From 0e7e4005460964cf8dac080e3d99e1df2a1bdc4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Fri, 12 Dec 2014 11:49:24 +0100 Subject: Updated ics-openvpn to rev924. --- app/openvpn/config-version.h | 2 +- app/openvpn/src/openvpn/crypto_backend.h | 6 +- app/openvpn/src/openvpn/crypto_openssl.c | 4 +- app/openvpn/src/openvpn/crypto_polarssl.c | 4 +- app/openvpn/src/openvpn/ssl.c | 12 +- .../main/java/de/blinkt/openvpn/VpnProfile.java | 38 +----- .../blinkt/openvpn/activities/DisconnectVPN.java | 8 +- .../de/blinkt/openvpn/core/OpenVPNService.java | 1 + .../java/de/blinkt/openvpn/core/OpenVPNThread.java | 7 +- .../de/blinkt/openvpn/core/VPNLaunchHelper.java | 151 ++++++++++++++------- app/src/main/res/menu/logmenu.xml | 10 +- app/src/main/res/values-v21/styles.xml | 15 ++ app/src/main/res/values/styles.xml | 6 +- app/src/main/res/values/untranslatable.xml | 20 +++ 14 files changed, 185 insertions(+), 99 deletions(-) create mode 100644 app/src/main/res/values-v21/styles.xml (limited to 'app') diff --git a/app/openvpn/config-version.h b/app/openvpn/config-version.h index 6e78aeaf..1fca2b7a 100644 --- a/app/openvpn/config-version.h +++ b/app/openvpn/config-version.h @@ -1,2 +1,2 @@ -#define CONFIGURE_GIT_REVISION "icsopenvpn_620-df00abd6979b7376" +#define CONFIGURE_GIT_REVISION "icsopenvpn_621-b603913ee5d54ab8" #define CONFIGURE_GIT_FLAGS "" diff --git a/app/openvpn/src/openvpn/crypto_backend.h b/app/openvpn/src/openvpn/crypto_backend.h index bc067a7d..87498785 100644 --- a/app/openvpn/src/openvpn/crypto_backend.h +++ b/app/openvpn/src/openvpn/crypto_backend.h @@ -223,7 +223,7 @@ int cipher_kt_block_size (const cipher_kt_t *cipher_kt); /** * Returns the mode that the cipher runs in. * - * @param cipher_kt Static cipher parameters + * @param cipher_kt Static cipher parameters. May not be NULL. * * @return Cipher mode, either \c OPENVPN_MODE_CBC, \c * OPENVPN_MODE_OFB or \c OPENVPN_MODE_CFB @@ -233,7 +233,7 @@ int cipher_kt_mode (const cipher_kt_t *cipher_kt); /** * Check if the supplied cipher is a supported CBC mode cipher. * - * @param cipher Static cipher parameters. May not be NULL. + * @param cipher Static cipher parameters. * * @return true iff the cipher is a CBC mode cipher. */ @@ -243,7 +243,7 @@ bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) /** * Check if the supplied cipher is a supported OFB or CFB mode cipher. * - * @param cipher Static cipher parameters. May not be NULL. + * @param cipher Static cipher parameters. * * @return true iff the cipher is a OFB or CFB mode cipher. */ diff --git a/app/openvpn/src/openvpn/crypto_openssl.c b/app/openvpn/src/openvpn/crypto_openssl.c index 0ac89a19..f7a491d6 100644 --- a/app/openvpn/src/openvpn/crypto_openssl.c +++ b/app/openvpn/src/openvpn/crypto_openssl.c @@ -492,7 +492,7 @@ cipher_kt_mode (const EVP_CIPHER *cipher_kt) bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) { - return cipher_kt_mode(cipher) == OPENVPN_MODE_CBC + return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC #ifdef EVP_CIPH_FLAG_AEAD_CIPHER /* Exclude AEAD cipher modes, they require a different API */ && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) @@ -503,7 +503,7 @@ cipher_kt_mode_cbc(const cipher_kt_t *cipher) bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) { - return (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || + return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || cipher_kt_mode(cipher) == OPENVPN_MODE_CFB) #ifdef EVP_CIPH_FLAG_AEAD_CIPHER /* Exclude AEAD cipher modes, they require a different API */ diff --git a/app/openvpn/src/openvpn/crypto_polarssl.c b/app/openvpn/src/openvpn/crypto_polarssl.c index 1a986dbd..e083398f 100644 --- a/app/openvpn/src/openvpn/crypto_polarssl.c +++ b/app/openvpn/src/openvpn/crypto_polarssl.c @@ -419,13 +419,13 @@ cipher_kt_mode (const cipher_info_t *cipher_kt) bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) { - return cipher_kt_mode(cipher) == OPENVPN_MODE_CBC; + return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC; } bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) { - return (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || + return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || cipher_kt_mode(cipher) == OPENVPN_MODE_CFB); } diff --git a/app/openvpn/src/openvpn/ssl.c b/app/openvpn/src/openvpn/ssl.c index 94b7b6d9..f79f42d9 100644 --- a/app/openvpn/src/openvpn/ssl.c +++ b/app/openvpn/src/openvpn/ssl.c @@ -2826,7 +2826,17 @@ tls_pre_decrypt (struct tls_multi *multi, opt->flags &= multi->opt.crypto_flags_and; opt->flags |= multi->opt.crypto_flags_or; - ASSERT (buf_advance (buf, (op == P_DATA_V2) ? 4 : 1)); + ASSERT (buf_advance (buf, 1)); + if (op == P_DATA_V2) + { + if (buf->len < 4) + { + msg (D_TLS_ERRORS, "Protocol error: received P_DATA_V2 from %s but length is < 4", + print_link_socket_actual (from, &gc)); + goto error; + } + ASSERT (buf_advance (buf, 3)); + } ++ks->n_packets; ks->n_bytes += buf->len; diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java index 65214c4f..fb2ba90d 100644 --- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -45,7 +45,6 @@ import java.util.Collection; import java.util.Locale; import java.util.UUID; import java.util.Vector; -import java.util.concurrent.Future; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; @@ -54,6 +53,7 @@ import javax.crypto.NoSuchPaddingException; import de.blinkt.openvpn.core.NativeUtils; import de.blinkt.openvpn.core.OpenVPNService; +import de.blinkt.openvpn.core.VPNLaunchHelper; import de.blinkt.openvpn.core.VpnStatus; import de.blinkt.openvpn.core.X509Utils; @@ -68,11 +68,8 @@ public class VpnProfile implements Serializable { public static final String EXTRA_PROFILEUUID = "de.blinkt.openvpn.profileUUID"; public static final String INLINE_TAG = "[[INLINE]]"; public static final String DISPLAYNAME_TAG = "[[NAME]]"; - private static final String MININONPIEVPN = "nopievpn"; - private static final String MINIPIEVPN = "pievpn"; private static final long serialVersionUID = 7085688938959334563L; - private static final String OVPNCONFIGFILE = "android.conf"; public static final int MAXLOGLEVEL = 4; public static final int CURRENT_PROFILE_VERSION = 2; public static final int DEFAULT_MSSFIX_SIZE = 1450; @@ -164,20 +161,6 @@ public class VpnProfile implements Serializable { mProfileVersion = CURRENT_PROFILE_VERSION; } - public static String getMiniVPNExecutableName() - { - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) - return VpnProfile.MINIPIEVPN; - else - return VpnProfile.MININONPIEVPN; - } - - public static String[] replacePieWithNoPie(String[] mArgv) - { - mArgv[0] = mArgv[0].replace(MINIPIEVPN, MININONPIEVPN); - return mArgv; - } - public static String openVpnEscape(String unescaped) { if (unescaped == null) return null; @@ -576,19 +559,6 @@ public class VpnProfile implements Serializable { return parts[0] + " " + netmask; } - private String[] buildOpenvpnArgv(File cacheDir) { - Vector args = new Vector(); - - // Add fixed paramenters - //args.add("/data/data/de.blinkt.openvpn/lib/openvpn"); - args.add(cacheDir.getAbsolutePath() + "/" + getMiniVPNExecutableName()); - - args.add("--config"); - args.add(cacheDir.getAbsolutePath() + "/" + OVPNCONFIGFILE); - - - return args.toArray(new String[args.size()]); - } @@ -603,7 +573,7 @@ public class VpnProfile implements Serializable { try { - FileWriter cfg = new FileWriter(context.getCacheDir().getAbsolutePath() + "/" + OVPNCONFIGFILE); + FileWriter cfg = new FileWriter(VPNLaunchHelper.getConfigFilePath(context)); cfg.write(getConfigFile(context, false)); cfg.flush(); cfg.close(); @@ -618,7 +588,7 @@ public class VpnProfile implements Serializable { String prefix = context.getPackageName(); Intent intent = new Intent(context, OpenVPNService.class); - intent.putExtra(prefix + ".ARGV", buildOpenvpnArgv(context.getCacheDir())); + intent.putExtra(prefix + ".ARGV", VPNLaunchHelper.buildOpenvpnArgv(context)); intent.putExtra(prefix + ".profileUUID", mUuid.toString()); ApplicationInfo info = context.getApplicationInfo(); @@ -648,7 +618,7 @@ public class VpnProfile implements Serializable { public static boolean isEmbedded(String data) { if (data==null) return false; - if(data.startsWith(INLINE_TAG) || data.startsWith(DISPLAYNAME_TAG)) + if (data.startsWith(INLINE_TAG) || data.startsWith(DISPLAYNAME_TAG)) return true; else return false; diff --git a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java index e6b73a48..4940d5d6 100644 --- a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java +++ b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java @@ -17,7 +17,7 @@ import de.blinkt.openvpn.core.ProfileManager; /** * Created by arne on 13.10.13. */ -public class DisconnectVPN extends Activity implements DialogInterface.OnClickListener{ +public class DisconnectVPN extends Activity implements DialogInterface.OnClickListener, DialogInterface.OnCancelListener { protected OpenVPNService mService; private ServiceConnection mConnection = new ServiceConnection() { @@ -71,6 +71,7 @@ public class DisconnectVPN extends Activity implements DialogInterface.OnClickLi builder.setMessage(R.string.cancel_connection_query); builder.setNegativeButton(android.R.string.no, this); builder.setPositiveButton(android.R.string.yes,this); + builder.setOnCancelListener(this); builder.show(); } @@ -84,4 +85,9 @@ public class DisconnectVPN extends Activity implements DialogInterface.OnClickLi } finish(); } + + @Override + public void onCancel(DialogInterface dialog) { + finish(); + } } diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index ada065ba..d9830955 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -719,6 +719,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac public void updateState(String state, String logmessage, int resid, ConnectionStatus level) { // If the process is not running, ignore any state, // Notification should be invisible in this state + doSendBroadcast(state, level); if (mProcessThread == null && !mNotificationAlwaysVisible) return; diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java index e3c60854..e36a5b8a 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java @@ -5,6 +5,7 @@ package de.blinkt.openvpn.core; +import android.annotation.SuppressLint; import android.util.Log; import java.io.BufferedReader; @@ -30,6 +31,7 @@ import de.blinkt.openvpn.core.VpnStatus.LogItem; public class OpenVPNThread implements Runnable { private static final String DUMP_PATH_STRING = "Dump path: "; + @SuppressLint("SdCardPath") private static final String BROKEN_PIE_SUPPORT = "/data/data/de.blinkt.openvpn/cache/pievpn[1]: syntax error:"; private static final String TAG = "OpenVPN"; public static final int M_FATAL = (1 << 4); @@ -78,7 +80,8 @@ public class OpenVPNThread implements Runnable { if( exitvalue != 0) { VpnStatus.logError("Process exited with exit value " + exitvalue); if (mBrokenPie) { - String[] noPieArgv = VpnProfile.replacePieWithNoPie(mArgv); + /* This will probably fail since the NoPIE binary is probably not written */ + String[] noPieArgv = VPNLaunchHelper.replacePieWithNoPie(mArgv); // We are already noPIE, nothing to gain if (!noPieArgv.equals(mArgv)) { @@ -190,7 +193,7 @@ public class OpenVPNThread implements Runnable { private String genLibraryPath(String[] argv, ProcessBuilder pb) { // Hack until I find a good way to get the real library path - String applibpath = argv[0].replace("/cache/" + VpnProfile.getMiniVPNExecutableName() , "/lib"); + String applibpath = argv[0].replaceFirst("/cache/.*$" , "/lib"); String lbpath = pb.environment().get("LD_LIBRARY_PATH"); if(lbpath==null) diff --git a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java index 40f9742b..208aa359 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java +++ b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java @@ -5,70 +5,122 @@ package de.blinkt.openvpn.core; +import android.annotation.TargetApi; import android.content.Context; import android.content.Intent; +import android.content.pm.ApplicationInfo; import android.os.Build; import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.util.Vector; import se.leap.bitmaskclient.R; import de.blinkt.openvpn.VpnProfile; public class VPNLaunchHelper { - static private boolean writeMiniVPN(Context context) { - File mvpnout = new File(context.getCacheDir(),VpnProfile.getMiniVPNExecutableName()); - if (mvpnout.exists() && mvpnout.canExecute()) - return true; - - IOException e2 = null; - - try { - InputStream mvpn; - - try { - mvpn = context.getAssets().open(VpnProfile.getMiniVPNExecutableName() + "." + Build.CPU_ABI); - } - catch (IOException errabi) { - VpnStatus.logInfo("Failed getting assets for archicture " + Build.CPU_ABI); - e2=errabi; - mvpn = context.getAssets().open(VpnProfile.getMiniVPNExecutableName() + "." + Build.CPU_ABI2); - - } - - - FileOutputStream fout = new FileOutputStream(mvpnout); - - byte buf[]= new byte[4096]; - - int lenread = mvpn.read(buf); - while(lenread> 0) { - fout.write(buf, 0, lenread); - lenread = mvpn.read(buf); - } - fout.close(); - - if(!mvpnout.setExecutable(true)) { - VpnStatus.logError("Failed to make OpenVPN executable"); - return false; - } - - - return true; - } catch (IOException e) { - if(e2!=null) - VpnStatus.logException(e2); - VpnStatus.logException(e); - - return false; - } + private static final String MININONPIEVPN = "nopievpn"; + private static final String MINIPIEVPN = "pievpn"; + private static final String OVPNCONFIGFILE = "android.conf"; + + + + static private String writeMiniVPN(Context context) { + String[] abis; + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) + abis = getSupportedAbisLollipop(); + else + abis = new String[]{Build.CPU_ABI, Build.CPU_ABI2}; + + for (String abi: abis) { + + File mvpnout = new File(context.getCacheDir(), getMiniVPNExecutableName() + "." + abi); + if ((mvpnout.exists() && mvpnout.canExecute()) || writeMiniVPNBinary(context, abi, mvpnout)) { + return mvpnout.getPath(); + } + } + + return null; } + + @TargetApi(Build.VERSION_CODES.LOLLIPOP) + private static String[] getSupportedAbisLollipop() { + return Build.SUPPORTED_ABIS; + } + + private static String getMiniVPNExecutableName() + { + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) + return MINIPIEVPN; + else + return MININONPIEVPN; + } + + + public static String[] replacePieWithNoPie(String[] mArgv) + { + mArgv[0] = mArgv[0].replace(MINIPIEVPN, MININONPIEVPN); + return mArgv; + } + + + public static String[] buildOpenvpnArgv(Context c) { + Vector args = new Vector(); + + // Add fixed paramenters + //args.add("/data/data/de.blinkt.openvpn/lib/openvpn"); + args.add(writeMiniVPN(c)); + + args.add("--config"); + args.add(c.getCacheDir().getAbsolutePath() + "/" + OVPNCONFIGFILE); + + + return args.toArray(new String[args.size()]); + } + + private static boolean writeMiniVPNBinary(Context context, String abi, File mvpnout) { + try { + InputStream mvpn; + + try { + mvpn = context.getAssets().open(getMiniVPNExecutableName() + "." + abi); + } + catch (IOException errabi) { + VpnStatus.logInfo("Failed getting assets for archicture " + abi); + return false; + } + + + FileOutputStream fout = new FileOutputStream(mvpnout); + + byte buf[]= new byte[4096]; + + int lenread = mvpn.read(buf); + while(lenread> 0) { + fout.write(buf, 0, lenread); + lenread = mvpn.read(buf); + } + fout.close(); + + if(!mvpnout.setExecutable(true)) { + VpnStatus.logError("Failed to make OpenVPN executable"); + return false; + } + + + return true; + } catch (IOException e) { + VpnStatus.logException(e); + return false; + } + + } public static void startOpenVpn(VpnProfile startprofile, Context context) { - if(!writeMiniVPN(context)) { + if(writeMiniVPN(context)==null) { VpnStatus.logError("Error writing minivpn binary"); return; } @@ -80,4 +132,9 @@ public class VPNLaunchHelper { context.startService(startVPN); } + + public static String getConfigFilePath(Context context) { + return context.getCacheDir().getAbsolutePath() + "/" + OVPNCONFIGFILE; + } + } diff --git a/app/src/main/res/menu/logmenu.xml b/app/src/main/res/menu/logmenu.xml index a1d2a7b5..52ba4b7d 100644 --- a/app/src/main/res/menu/logmenu.xml +++ b/app/src/main/res/menu/logmenu.xml @@ -10,33 +10,33 @@ diff --git a/app/src/main/res/values-v21/styles.xml b/app/src/main/res/values-v21/styles.xml new file mode 100644 index 00000000..892b6cb0 --- /dev/null +++ b/app/src/main/res/values-v21/styles.xml @@ -0,0 +1,15 @@ + + + + + + + + diff --git a/app/src/main/res/values/styles.xml b/app/src/main/res/values/styles.xml index 7b26a4a7..a60e29b8 100644 --- a/app/src/main/res/values/styles.xml +++ b/app/src/main/res/values/styles.xml @@ -5,6 +5,10 @@ --> + + diff --git a/app/src/main/res/values/untranslatable.xml b/app/src/main/res/values/untranslatable.xml index 619a550f..7257bf3a 100644 --- a/app/src/main/res/values/untranslatable.xml +++ b/app/src/main/res/values/untranslatable.xml @@ -2449,6 +2449,26 @@ + + + + + + + + + + + + + + + + + + + + -- cgit v1.2.3 From 97aded26654ede8204a313dd6967b678a72a2a10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Fri, 12 Dec 2014 18:02:40 +0100 Subject: Updated ics-openvpn to last rev 14 Nov 2014. Material design! It still doesn't run properly on my tablet, openvpn keeps getting down and exiting. --- app/build.gradle | 57 +- app/openssl/Apps-config-host.mk | 12 +- app/openssl/Apps-config-target.mk | 17 +- app/openssl/Crypto-config-host.mk | 15 +- app/openssl/Crypto-config-target.mk | 20 +- app/openssl/Crypto-config-trusty.mk | 17 +- app/openssl/Ssl-config-host.mk | 12 +- app/openssl/Ssl-config-target.mk | 17 +- app/openssl/Ssl.mk | 2 + app/openssl/android-config.mk | 2 + app/openssl/android.testssl/testssl | 6 + app/openssl/apps/apps.c | 4 + app/openssl/apps/ca.c | 5 + app/openssl/apps/ciphers.c | 6 - app/openssl/apps/crl2p7.c | 8 +- app/openssl/apps/enc.c | 8 + app/openssl/apps/md4.c | 128 +- app/openssl/apps/ocsp.c | 2 +- app/openssl/apps/progs.h | 8 +- app/openssl/apps/progs.pl | 2 +- app/openssl/apps/s_client.c | 12 + app/openssl/apps/s_server.c | 16 +- app/openssl/build-config-32.mk | 4 +- app/openssl/build-config-64.mk | 4 +- app/openssl/build-config-trusty.mk | 4 +- app/openssl/crypto/LPdir_win.c | 48 +- app/openssl/crypto/aes/asm/aesni-x86_64.pl | 52 +- app/openssl/crypto/asn1/a_object.c | 30 +- app/openssl/crypto/asn1/a_strex.c | 1 + app/openssl/crypto/asn1/a_utctm.c | 24 +- app/openssl/crypto/asn1/ameth_lib.c | 7 +- app/openssl/crypto/asn1/asn1_lib.c | 3 + app/openssl/crypto/asn1/asn_mime.c | 2 + app/openssl/crypto/asn1/asn_pack.c | 12 +- app/openssl/crypto/asn1/bio_asn1.c | 3 + app/openssl/crypto/asn1/charmap.pl | 3 + app/openssl/crypto/asn1/evp_asn1.c | 6 +- app/openssl/crypto/asn1/t_x509.c | 2 + app/openssl/crypto/asn1/tasn_enc.c | 7 +- app/openssl/crypto/asn1/x_crl.c | 1 + app/openssl/crypto/bio/bio_lib.c | 4 +- app/openssl/crypto/bn/asm/x86_64-gcc.c | 8 +- app/openssl/crypto/bn/bn_exp.c | 11 +- app/openssl/crypto/bn/bn_lib.c | 9 + app/openssl/crypto/bn/bn_nist.c | 6 +- app/openssl/crypto/bn/bn_sqr.c | 1 + app/openssl/crypto/bn/exptest.c | 45 +- app/openssl/crypto/cms/cms_pwri.c | 3 +- app/openssl/crypto/conf/conf_def.c | 2 +- app/openssl/crypto/constant_time_locl.h | 216 ++ app/openssl/crypto/dsa/dsa_ameth.c | 7 +- app/openssl/crypto/ebcdic.h | 7 + app/openssl/crypto/ec/ec.h | 2 +- app/openssl/crypto/ec/ec2_smpl.c | 9 +- app/openssl/crypto/ec/ec_ameth.c | 14 +- app/openssl/crypto/ec/ec_asn1.c | 40 +- app/openssl/crypto/ec/ec_lib.c | 2 +- app/openssl/crypto/ec/ecp_mont.c | 9 +- app/openssl/crypto/ec/ecp_nist.c | 9 +- app/openssl/crypto/ec/ecp_smpl.c | 183 +- app/openssl/crypto/ec/ectest.c | 64 +- app/openssl/crypto/err/openssl.ec | 1 + app/openssl/crypto/evp/e_aes.c | 63 +- app/openssl/crypto/evp/evp_enc.c | 56 +- app/openssl/crypto/evp/evp_pbe.c | 2 +- app/openssl/crypto/md5/asm/md5-x86_64.pl | 2 +- app/openssl/crypto/objects/obj_dat.c | 16 +- app/openssl/crypto/objects/obj_dat.h | 3429 ++++++++++---------- app/openssl/crypto/objects/obj_dat.pl | 2 +- app/openssl/crypto/ocsp/ocsp_ht.c | 16 +- app/openssl/crypto/ocsp/ocsp_lib.c | 13 +- app/openssl/crypto/ocsp/ocsp_vfy.c | 7 +- app/openssl/crypto/opensslconf-32.h | 12 + app/openssl/crypto/opensslconf-64.h | 12 + app/openssl/crypto/opensslconf-static-32.h | 12 + app/openssl/crypto/opensslconf-static-64.h | 12 + app/openssl/crypto/opensslconf-static-trusty.h | 12 + app/openssl/crypto/opensslconf-trusty.h | 12 + app/openssl/crypto/opensslv.h | 13 +- app/openssl/crypto/ossl_typ.h | 7 + app/openssl/crypto/pem/pvkfmt.c | 5 + app/openssl/crypto/pkcs7/bio_ber.c | 466 --- app/openssl/crypto/pkcs7/dec.c | 248 -- app/openssl/crypto/pkcs7/des.pem | 15 - app/openssl/crypto/pkcs7/doc | 24 - app/openssl/crypto/pkcs7/enc.c | 174 - app/openssl/crypto/pkcs7/es1.pem | 66 - app/openssl/crypto/pkcs7/example.c | 329 -- app/openssl/crypto/pkcs7/example.h | 57 - app/openssl/crypto/pkcs7/info.pem | 57 - app/openssl/crypto/pkcs7/infokey.pem | 9 - app/openssl/crypto/pkcs7/p7/a1 | 2 - app/openssl/crypto/pkcs7/p7/a2 | 1 - app/openssl/crypto/pkcs7/p7/cert.p7c | Bin 1728 -> 0 bytes app/openssl/crypto/pkcs7/p7/smime.p7m | Bin 4894 -> 0 bytes app/openssl/crypto/pkcs7/p7/smime.p7s | Bin 2625 -> 0 bytes app/openssl/crypto/pkcs7/pkcs7.h | 4 - app/openssl/crypto/pkcs7/server.pem | 24 - app/openssl/crypto/pkcs7/sign.c | 154 - app/openssl/crypto/pkcs7/t/3des.pem | 16 - app/openssl/crypto/pkcs7/t/3dess.pem | 32 - app/openssl/crypto/pkcs7/t/c.pem | 48 - app/openssl/crypto/pkcs7/t/ff | 32 - app/openssl/crypto/pkcs7/t/msie-e | 20 - app/openssl/crypto/pkcs7/t/msie-e.pem | 22 - app/openssl/crypto/pkcs7/t/msie-enc-01 | 62 - app/openssl/crypto/pkcs7/t/msie-enc-01.pem | 66 - app/openssl/crypto/pkcs7/t/msie-enc-02 | 90 - app/openssl/crypto/pkcs7/t/msie-enc-02.pem | 106 - app/openssl/crypto/pkcs7/t/msie-s-a-e | 91 - app/openssl/crypto/pkcs7/t/msie-s-a-e.pem | 106 - app/openssl/crypto/pkcs7/t/nav-smime | 157 - app/openssl/crypto/pkcs7/t/s.pem | 57 - app/openssl/crypto/pkcs7/t/server.pem | 57 - app/openssl/crypto/pkcs7/verify.c | 263 -- app/openssl/crypto/pqueue/pqueue.h | 6 + app/openssl/crypto/rand/md_rand.c | 24 +- app/openssl/crypto/rand/rand_lcl.h | 1 + app/openssl/crypto/rand/rand_lib.c | 3 +- app/openssl/crypto/rand/randfile.c | 1 + app/openssl/crypto/rsa/rsa.h | 1 + app/openssl/crypto/rsa/rsa_eay.c | 2 +- app/openssl/crypto/rsa/rsa_err.c | 1 + app/openssl/crypto/rsa/rsa_oaep.c | 150 +- app/openssl/crypto/rsa/rsa_pk1.c | 103 +- app/openssl/crypto/rsa/rsa_sign.c | 21 +- app/openssl/crypto/srp/srp_lib.c | 6 + app/openssl/crypto/stack/safestack.h | 8 + app/openssl/crypto/ui/ui_lib.c | 2 +- app/openssl/e_os.h | 12 +- app/openssl/flavor.mk | 4 + app/openssl/import_openssl.sh | 6 +- app/openssl/include/openssl/dtls1.h | 3 +- app/openssl/include/openssl/ebcdic.h | 7 + app/openssl/include/openssl/ec.h | 2 +- app/openssl/include/openssl/modes.h | 6 + app/openssl/include/openssl/opensslconf-32.h | 12 + app/openssl/include/openssl/opensslconf-64.h | 12 + .../include/openssl/opensslconf-static-32.h | 12 + .../include/openssl/opensslconf-static-64.h | 12 + .../include/openssl/opensslconf-static-trusty.h | 12 + app/openssl/include/openssl/opensslconf-trusty.h | 12 + app/openssl/include/openssl/opensslv.h | 13 +- app/openssl/include/openssl/ossl_typ.h | 7 + app/openssl/include/openssl/pkcs7.h | 4 - app/openssl/include/openssl/pqueue.h | 6 + app/openssl/include/openssl/rsa.h | 1 + app/openssl/include/openssl/safestack.h | 8 + app/openssl/include/openssl/srtp.h | 4 + app/openssl/include/openssl/ssl.h | 17 +- app/openssl/include/openssl/ssl3.h | 7 +- app/openssl/include/openssl/tls1.h | 15 +- app/openssl/openssl.config | 11 + app/openssl/openssl.version | 2 +- app/openssl/patches/README | 5 + app/openssl/rules.mk | 2 + app/openssl/ssl/d1_both.c | 85 +- app/openssl/ssl/d1_clnt.c | 31 +- app/openssl/ssl/d1_lib.c | 10 + app/openssl/ssl/d1_srtp.c | 93 +- app/openssl/ssl/d1_srvr.c | 14 +- app/openssl/ssl/dtls1.h | 3 +- app/openssl/ssl/s23_clnt.c | 12 +- app/openssl/ssl/s23_lib.c | 7 + app/openssl/ssl/s23_srvr.c | 51 +- app/openssl/ssl/s2_lib.c | 6 +- app/openssl/ssl/s3_cbc.c | 65 +- app/openssl/ssl/s3_clnt.c | 266 +- app/openssl/ssl/s3_enc.c | 14 +- app/openssl/ssl/s3_lib.c | 80 +- app/openssl/ssl/s3_pkt.c | 21 +- app/openssl/ssl/s3_srvr.c | 123 +- app/openssl/ssl/srtp.h | 4 + app/openssl/ssl/ssl.h | 17 +- app/openssl/ssl/ssl3.h | 7 +- app/openssl/ssl/ssl_ciph.c | 44 +- app/openssl/ssl/ssl_err.c | 3 + app/openssl/ssl/ssl_lib.c | 65 +- app/openssl/ssl/ssl_locl.h | 25 +- app/openssl/ssl/ssl_stat.c | 5 +- app/openssl/ssl/t1_enc.c | 3 +- app/openssl/ssl/t1_lib.c | 85 +- app/openssl/ssl/tls1.h | 15 +- app/openssl/ssl/tls_srp.c | 48 +- app/openvpn/.gitignore | 59 - app/openvpn/distro/rpm/openvpn.spec | 248 ++ app/openvpn/src/plugins/Makefile.in | 546 ++++ app/openvpn/src/plugins/auth-pam/Makefile.in | 570 ++++ app/openvpn/src/plugins/down-root/Makefile.in | 563 ++++ .../de/blinkt/openvpn/core/OpenVPNThreadv3.java | 275 ++ app/src/main/AndroidManifest.xml | 6 +- .../main/res/drawable-hdpi/ic_close_white_24dp.png | Bin 0 -> 324 bytes .../res/drawable-hdpi/ic_delete_white_24dp.png | Bin 0 -> 246 bytes .../res/drawable-hdpi/ic_edit_grey600_24dp.png | Bin 0 -> 341 bytes .../main/res/drawable-hdpi/ic_edit_white_24dp.png | Bin 0 -> 339 bytes .../drawable-hdpi/ic_filter_list_white_24dp.png | Bin 0 -> 206 bytes .../main/res/drawable-hdpi/ic_share_white_24dp.png | Bin 0 -> 506 bytes .../main/res/drawable-mdpi/ic_close_white_24dp.png | Bin 0 -> 279 bytes .../res/drawable-mdpi/ic_delete_white_24dp.png | Bin 0 -> 197 bytes .../res/drawable-mdpi/ic_edit_grey600_24dp.png | Bin 0 -> 276 bytes .../main/res/drawable-mdpi/ic_edit_white_24dp.png | Bin 0 -> 272 bytes .../drawable-mdpi/ic_filter_list_white_24dp.png | Bin 0 -> 181 bytes .../main/res/drawable-mdpi/ic_share_white_24dp.png | Bin 0 -> 361 bytes .../res/drawable-xhdpi/ic_close_white_24dp.png | Bin 0 -> 402 bytes .../res/drawable-xhdpi/ic_delete_white_24dp.png | Bin 0 -> 270 bytes .../res/drawable-xhdpi/ic_edit_grey600_24dp.png | Bin 0 -> 379 bytes .../main/res/drawable-xhdpi/ic_edit_white_24dp.png | Bin 0 -> 378 bytes .../drawable-xhdpi/ic_filter_list_white_24dp.png | Bin 0 -> 200 bytes .../res/drawable-xhdpi/ic_share_white_24dp.png | Bin 0 -> 625 bytes .../res/drawable-xxhdpi/ic_close_white_24dp.png | Bin 0 -> 492 bytes .../res/drawable-xxhdpi/ic_delete_white_24dp.png | Bin 0 -> 338 bytes .../res/drawable-xxhdpi/ic_edit_grey600_24dp.png | Bin 0 -> 493 bytes .../res/drawable-xxhdpi/ic_edit_white_24dp.png | Bin 0 -> 490 bytes .../drawable-xxhdpi/ic_filter_list_white_24dp.png | Bin 0 -> 223 bytes .../res/drawable-xxhdpi/ic_share_white_24dp.png | Bin 0 -> 857 bytes .../res/drawable-xxxhdpi/ic_close_white_24dp.png | Bin 0 -> 662 bytes .../res/drawable-xxxhdpi/ic_delete_white_24dp.png | Bin 0 -> 397 bytes .../res/drawable-xxxhdpi/ic_edit_grey600_24dp.png | Bin 0 -> 639 bytes .../res/drawable-xxxhdpi/ic_edit_white_24dp.png | Bin 0 -> 632 bytes .../drawable-xxxhdpi/ic_filter_list_white_24dp.png | Bin 0 -> 254 bytes .../res/drawable-xxxhdpi/ic_share_white_24dp.png | Bin 0 -> 1115 bytes app/src/main/res/values-v21/refs.xml | 13 + app/src/main/res/values/colours.xml | 13 + app/src/main/res/values/refs.xml | 15 + app/src/main/res/values/untranslatable.xml | 660 ++++ app/src/ovpn3/Android.mk | 40 + app/src/ovpn3/boostsrc/error_code.cpp | 430 +++ .../src/main/res/values/strings-icsopenvpn.xml | 8 - 228 files changed, 7500 insertions(+), 5490 deletions(-) mode change 120000 => 100644 app/openssl/apps/md4.c create mode 100644 app/openssl/crypto/constant_time_locl.h delete mode 100644 app/openssl/crypto/pkcs7/bio_ber.c delete mode 100644 app/openssl/crypto/pkcs7/dec.c delete mode 100644 app/openssl/crypto/pkcs7/des.pem delete mode 100644 app/openssl/crypto/pkcs7/doc delete mode 100644 app/openssl/crypto/pkcs7/enc.c delete mode 100644 app/openssl/crypto/pkcs7/es1.pem delete mode 100644 app/openssl/crypto/pkcs7/example.c delete mode 100644 app/openssl/crypto/pkcs7/example.h delete mode 100644 app/openssl/crypto/pkcs7/info.pem delete mode 100644 app/openssl/crypto/pkcs7/infokey.pem delete mode 100644 app/openssl/crypto/pkcs7/p7/a1 delete mode 100644 app/openssl/crypto/pkcs7/p7/a2 delete mode 100644 app/openssl/crypto/pkcs7/p7/cert.p7c delete mode 100644 app/openssl/crypto/pkcs7/p7/smime.p7m delete mode 100644 app/openssl/crypto/pkcs7/p7/smime.p7s delete mode 100644 app/openssl/crypto/pkcs7/server.pem delete mode 100644 app/openssl/crypto/pkcs7/sign.c delete mode 100644 app/openssl/crypto/pkcs7/t/3des.pem delete mode 100644 app/openssl/crypto/pkcs7/t/3dess.pem delete mode 100644 app/openssl/crypto/pkcs7/t/c.pem delete mode 100644 app/openssl/crypto/pkcs7/t/ff delete mode 100644 app/openssl/crypto/pkcs7/t/msie-e delete mode 100644 app/openssl/crypto/pkcs7/t/msie-e.pem delete mode 100644 app/openssl/crypto/pkcs7/t/msie-enc-01 delete mode 100644 app/openssl/crypto/pkcs7/t/msie-enc-01.pem delete mode 100644 app/openssl/crypto/pkcs7/t/msie-enc-02 delete mode 100644 app/openssl/crypto/pkcs7/t/msie-enc-02.pem delete mode 100644 app/openssl/crypto/pkcs7/t/msie-s-a-e delete mode 100644 app/openssl/crypto/pkcs7/t/msie-s-a-e.pem delete mode 100644 app/openssl/crypto/pkcs7/t/nav-smime delete mode 100644 app/openssl/crypto/pkcs7/t/s.pem delete mode 100644 app/openssl/crypto/pkcs7/t/server.pem delete mode 100644 app/openssl/crypto/pkcs7/verify.c create mode 100644 app/openssl/flavor.mk delete mode 100644 app/openvpn/.gitignore create mode 100644 app/openvpn/distro/rpm/openvpn.spec create mode 100644 app/openvpn/src/plugins/Makefile.in create mode 100644 app/openvpn/src/plugins/auth-pam/Makefile.in create mode 100644 app/openvpn/src/plugins/down-root/Makefile.in create mode 100644 app/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java create mode 100644 app/src/main/res/drawable-hdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-hdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-mdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-xhdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-xxhdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_delete_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_edit_grey600_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_edit_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_filter_list_white_24dp.png create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_share_white_24dp.png create mode 100644 app/src/main/res/values-v21/refs.xml create mode 100644 app/src/main/res/values/colours.xml create mode 100644 app/src/main/res/values/refs.xml create mode 100644 app/src/ovpn3/Android.mk create mode 100644 app/src/ovpn3/boostsrc/error_code.cpp delete mode 100644 app/vpndialogxposed/src/main/res/values/strings-icsopenvpn.xml (limited to 'app') diff --git a/app/build.gradle b/app/build.gradle index 4211e379..5f739419 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -2,15 +2,8 @@ apply plugin: 'android' //import org.ajoberstar.grgit.* android { - compileSdkVersion 19 - buildToolsVersion "20" - - defaultConfig { - minSdkVersion 14 - targetSdkVersion 19 - - testInstrumentationRunner "android.test.InstrumentationTestRunner" - } + compileSdkVersion 21 + buildToolsVersion "21.1.2" signingConfigs { release { @@ -67,18 +60,10 @@ task checkoutStrippedIcsOpenVPN ( type: Copy ) { into '../ics-openvpn-stripped' } -task copyIcsOpenVPNClasses( type: Copy, dependsOn: 'checkoutStrippedIcsOpenVPN' ) { +task copyIcsOpenVPNClasses( type: Copy ) { from ('../ics-openvpn-stripped/main/') { include '**/*.java' include '**/*.aidl' - include '**/strings.xml' - include '**/log_*.xml' - include '**/vpnstatus.xml' - include '**/styles.xml' - include '**/dimens.xml' - include '**/logmenu.xml' - - rename 'strings.xml', 'strings-icsopenvpn.xml' filter { line -> line.replaceAll('de.blinkt.openvpn.R', 'se.leap.bitmaskclient.R') } @@ -91,14 +76,45 @@ task copyIcsOpenVPNClasses( type: Copy, dependsOn: 'checkoutStrippedIcsOpenVPN' filter { line -> line.replace('package de.blinkt.openvpn.fragments;', 'package de.blinkt.openvpn.fragments;\n\nimport se.leap.bitmaskclient.R;') } + } into '.' +} + +task copyIcsOpenVPNXml( type: Copy ) { + from ('../ics-openvpn-stripped/main/') { + include '**/strings.xml' + include '**/log_*.xml' + include '**/vpnstatus.xml' + include '**/styles.xml' + include '**/dimens.xml' + include '**/refs.xml' + include '**/colours.xml' + include '**/logmenu.xml' + + rename 'strings.xml', 'strings-icsopenvpn.xml' filter { line -> line.replaceAll('.*name="app".*', '') } } into '.' } +task copyIcsOpenVPNImages( type: Copy ) { + from ('../ics-openvpn-stripped/main/') { + include '**/ic_filter*.png' + include '**/ic_delete*.png' + include '**/ic_share*.png' + include '**/ic_close*.png' + include '**/ic_edit*.png' + } into '.' +} + +task copyIcsOpenVPNFiles( type: Copy, dependsOn: 'checkoutStrippedIcsOpenVPN' ) { + copyIcsOpenVPNClasses.execute() + copyIcsOpenVPNXml.execute() + copyIcsOpenVPNImages.execute() +} + // thanks to http://pleac.sourceforge.net/pleac_groovy/fileaccess.html -task removeDuplicatedStrings( dependsOn: 'copyIcsOpenVPNClasses' ) << { +task removeDuplicatedStrings( dependsOn: 'copyIcsOpenVPNFiles' ) << { new File('app').eachFileRecurse { if(it.name.equals('strings.xml')) { def ics_openvpn_file = file(it.absolutePath.replace('strings.xml', 'strings-icsopenvpn.xml')) @@ -149,8 +165,9 @@ task mergeUntranslatable( type: Copy, dependsOn: 'removeDuplicatedStrings') { } task updateIcsOpenVpn( type: Copy, dependsOn: 'mergeUntranslatable') { - from('../ics-openvpn-stripped/main') { + from('../ics-openvpn-stripped/main/src/') { include 'openvpn/**' + include 'openssl/**' include 'lzo/**' include 'jni/**' include 'misc/**' diff --git a/app/openssl/Apps-config-host.mk b/app/openssl/Apps-config-host.mk index 5c1604e0..c6ebf817 100644 --- a/app/openssl/Apps-config-host.mk +++ b/app/openssl/Apps-config-host.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -74,30 +74,40 @@ common_c_includes := \ external/openssl/. \ external/openssl/include \ +arm_clang_asflags := + arm_cflags := arm_src_files := arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := diff --git a/app/openssl/Apps-config-target.mk b/app/openssl/Apps-config-target.mk index 0c567d4d..fe600c0a 100644 --- a/app/openssl/Apps-config-target.mk +++ b/app/openssl/Apps-config-target.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -74,30 +74,40 @@ common_c_includes := \ external/openssl/. \ external/openssl/include \ +arm_clang_asflags := + arm_cflags := arm_src_files := arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := @@ -110,15 +120,20 @@ LOCAL_C_INCLUDES += $(common_c_includes) LOCAL_SRC_FILES_arm += $(filter-out $(arm_exclude_files),$(common_src_files) $(arm_src_files)) LOCAL_CFLAGS_arm += $(arm_cflags) +LOCAL_CLANG_ASFLAGS_arm += $(arm_clang_asflags) LOCAL_SRC_FILES_arm64 += $(filter-out $(arm64_exclude_files),$(common_src_files) $(arm64_src_files)) LOCAL_CFLAGS_arm64 += $(arm64_cflags) +LOCAL_CLANG_ASFLAGS_arm64 += $(arm64_clang_asflags) LOCAL_SRC_FILES_x86 += $(filter-out $(x86_exclude_files),$(common_src_files) $(x86_src_files)) LOCAL_CFLAGS_x86 += $(x86_cflags) +LOCAL_CLANG_ASFLAGS_x86 += $(x86_clang_asflags) LOCAL_SRC_FILES_x86_64 += $(filter-out $(x86_64_exclude_files),$(common_src_files) $(x86_64_src_files)) LOCAL_CFLAGS_x86_64 += $(x86_64_cflags) +LOCAL_CLANG_ASFLAGS_x86_64 += $(x86_64_clang_asflags) LOCAL_SRC_FILES_mips += $(filter-out $(mips_exclude_files),$(common_src_files) $(mips_src_files)) LOCAL_CFLAGS_mips += $(mips_cflags) +LOCAL_CLANG_ASFLAGS_mips += $(mips_clang_asflags) diff --git a/app/openssl/Crypto-config-host.mk b/app/openssl/Crypto-config-host.mk index 5b643792..1e94f10b 100644 --- a/app/openssl/Crypto-config-host.mk +++ b/app/openssl/Crypto-config-host.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -184,6 +184,7 @@ common_src_files := \ crypto/conf/conf_mall.c \ crypto/conf/conf_mod.c \ crypto/conf/conf_sap.c \ + crypto/constant_time_locl.h \ crypto/cpt_err.c \ crypto/cryptlib.c \ crypto/cversion.c \ @@ -540,6 +541,9 @@ common_c_includes := \ external/openssl/include \ external/openssl/include/openssl \ +arm_clang_asflags := \ + -no-integrated-as \ + arm_cflags := \ -DAES_ASM \ -DBSAES_ASM \ @@ -570,6 +574,9 @@ arm_exclude_files := \ crypto/aes/aes_core.c \ crypto/mem_clr.c \ +arm64_clang_asflags := \ + -no-integrated-as \ + arm64_cflags := \ -DDES_UNROLL \ -DOPENSSL_CPUID_OBJ \ @@ -588,6 +595,8 @@ arm64_src_files := \ arm64_exclude_files := +x86_clang_asflags := + x86_cflags := \ -DAES_ASM \ -DDES_PTR \ @@ -634,6 +643,8 @@ x86_exclude_files := \ crypto/des/fcrypt_b.c \ crypto/mem_clr.c \ +x86_64_clang_asflags := + x86_64_cflags := \ -DAES_ASM \ -DBSAES_ASM \ @@ -678,6 +689,8 @@ x86_64_exclude_files := \ crypto/rc4/rc4_enc.c \ crypto/rc4/rc4_skey.c \ +mips_clang_asflags := + mips_cflags := \ -DAES_ASM \ -DOPENSSL_BN_ASM_MONT \ diff --git a/app/openssl/Crypto-config-target.mk b/app/openssl/Crypto-config-target.mk index bd29dfe5..43de9567 100644 --- a/app/openssl/Crypto-config-target.mk +++ b/app/openssl/Crypto-config-target.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -184,6 +184,7 @@ common_src_files := \ crypto/conf/conf_mall.c \ crypto/conf/conf_mod.c \ crypto/conf/conf_sap.c \ + crypto/constant_time_locl.h \ crypto/cpt_err.c \ crypto/cryptlib.c \ crypto/cversion.c \ @@ -540,6 +541,9 @@ common_c_includes := \ openssl/include \ openssl/include/openssl \ +arm_clang_asflags := \ + -no-integrated-as \ + arm_cflags := \ -DAES_ASM \ -DBSAES_ASM \ @@ -570,6 +574,9 @@ arm_exclude_files := \ crypto/aes/aes_core.c \ crypto/mem_clr.c \ +arm64_clang_asflags := \ + -no-integrated-as \ + arm64_cflags := \ -DDES_UNROLL \ -DOPENSSL_CPUID_OBJ \ @@ -588,6 +595,8 @@ arm64_src_files := \ arm64_exclude_files := +x86_clang_asflags := + x86_cflags := \ -DAES_ASM \ -DDES_PTR \ @@ -634,6 +643,8 @@ x86_exclude_files := \ crypto/des/fcrypt_b.c \ crypto/mem_clr.c \ +x86_64_clang_asflags := + x86_64_cflags := \ -DAES_ASM \ -DBSAES_ASM \ @@ -678,6 +689,8 @@ x86_64_exclude_files := \ crypto/rc4/rc4_enc.c \ crypto/rc4/rc4_skey.c \ +mips_clang_asflags := + mips_cflags := \ -DAES_ASM \ -DOPENSSL_BN_ASM_MONT \ @@ -701,15 +714,20 @@ LOCAL_C_INCLUDES += $(common_c_includes) LOCAL_SRC_FILES_arm += $(filter-out $(arm_exclude_files),$(common_src_files) $(arm_src_files)) LOCAL_CFLAGS_arm += $(arm_cflags) +LOCAL_CLANG_ASFLAGS_arm += $(arm_clang_asflags) LOCAL_SRC_FILES_arm64 += $(filter-out $(arm64_exclude_files),$(common_src_files) $(arm64_src_files)) LOCAL_CFLAGS_arm64 += $(arm64_cflags) +LOCAL_CLANG_ASFLAGS_arm64 += $(arm64_clang_asflags) LOCAL_SRC_FILES_x86 += $(filter-out $(x86_exclude_files),$(common_src_files) $(x86_src_files)) LOCAL_CFLAGS_x86 += $(x86_cflags) +LOCAL_CLANG_ASFLAGS_x86 += $(x86_clang_asflags) LOCAL_SRC_FILES_x86_64 += $(filter-out $(x86_64_exclude_files),$(common_src_files) $(x86_64_src_files)) LOCAL_CFLAGS_x86_64 += $(x86_64_cflags) +LOCAL_CLANG_ASFLAGS_x86_64 += $(x86_64_clang_asflags) LOCAL_SRC_FILES_mips += $(filter-out $(mips_exclude_files),$(common_src_files) $(mips_src_files)) LOCAL_CFLAGS_mips += $(mips_cflags) +LOCAL_CLANG_ASFLAGS_mips += $(mips_clang_asflags) diff --git a/app/openssl/Crypto-config-trusty.mk b/app/openssl/Crypto-config-trusty.mk index 59915986..c1b01d50 100644 --- a/app/openssl/Crypto-config-trusty.mk +++ b/app/openssl/Crypto-config-trusty.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -199,6 +199,8 @@ common_c_includes := \ external/openssl/include \ external/openssl/include/openssl \ +arm_clang_asflags := + arm_cflags := \ -DAES_ASM \ -DGHASH_ASM \ @@ -218,24 +220,32 @@ arm_src_files := \ arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := @@ -248,15 +258,20 @@ LOCAL_C_INCLUDES += $(common_c_includes) LOCAL_SRC_FILES_arm += $(filter-out $(arm_exclude_files),$(common_src_files) $(arm_src_files)) LOCAL_CFLAGS_arm += $(arm_cflags) +LOCAL_CLANG_ASFLAGS_arm += $(arm_clang_asflags) LOCAL_SRC_FILES_arm64 += $(filter-out $(arm64_exclude_files),$(common_src_files) $(arm64_src_files)) LOCAL_CFLAGS_arm64 += $(arm64_cflags) +LOCAL_CLANG_ASFLAGS_arm64 += $(arm64_clang_asflags) LOCAL_SRC_FILES_x86 += $(filter-out $(x86_exclude_files),$(common_src_files) $(x86_src_files)) LOCAL_CFLAGS_x86 += $(x86_cflags) +LOCAL_CLANG_ASFLAGS_x86 += $(x86_clang_asflags) LOCAL_SRC_FILES_x86_64 += $(filter-out $(x86_64_exclude_files),$(common_src_files) $(x86_64_src_files)) LOCAL_CFLAGS_x86_64 += $(x86_64_cflags) +LOCAL_CLANG_ASFLAGS_x86_64 += $(x86_64_clang_asflags) LOCAL_SRC_FILES_mips += $(filter-out $(mips_exclude_files),$(common_src_files) $(mips_src_files)) LOCAL_CFLAGS_mips += $(mips_cflags) +LOCAL_CLANG_ASFLAGS_mips += $(mips_clang_asflags) diff --git a/app/openssl/Ssl-config-host.mk b/app/openssl/Ssl-config-host.mk index 57ea3775..83c60267 100644 --- a/app/openssl/Ssl-config-host.mk +++ b/app/openssl/Ssl-config-host.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -68,30 +68,40 @@ common_c_includes := \ external/openssl/crypto \ external/openssl/include \ +arm_clang_asflags := + arm_cflags := arm_src_files := arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := diff --git a/app/openssl/Ssl-config-target.mk b/app/openssl/Ssl-config-target.mk index c08a971d..bf1671f0 100644 --- a/app/openssl/Ssl-config-target.mk +++ b/app/openssl/Ssl-config-target.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # # This script will append to the following variables: # @@ -68,30 +68,40 @@ common_c_includes := \ openssl/crypto \ openssl/include \ +arm_clang_asflags := + arm_cflags := arm_src_files := arm_exclude_files := +arm64_clang_asflags := + arm64_cflags := arm64_src_files := arm64_exclude_files := +x86_clang_asflags := + x86_cflags := x86_src_files := x86_exclude_files := +x86_64_clang_asflags := + x86_64_cflags := x86_64_src_files := x86_64_exclude_files := +mips_clang_asflags := + mips_cflags := mips_src_files := @@ -104,15 +114,20 @@ LOCAL_C_INCLUDES += $(common_c_includes) LOCAL_SRC_FILES_arm += $(filter-out $(arm_exclude_files),$(common_src_files) $(arm_src_files)) LOCAL_CFLAGS_arm += $(arm_cflags) +LOCAL_CLANG_ASFLAGS_arm += $(arm_clang_asflags) LOCAL_SRC_FILES_arm64 += $(filter-out $(arm64_exclude_files),$(common_src_files) $(arm64_src_files)) LOCAL_CFLAGS_arm64 += $(arm64_cflags) +LOCAL_CLANG_ASFLAGS_arm64 += $(arm64_clang_asflags) LOCAL_SRC_FILES_x86 += $(filter-out $(x86_exclude_files),$(common_src_files) $(x86_src_files)) LOCAL_CFLAGS_x86 += $(x86_cflags) +LOCAL_CLANG_ASFLAGS_x86 += $(x86_clang_asflags) LOCAL_SRC_FILES_x86_64 += $(filter-out $(x86_64_exclude_files),$(common_src_files) $(x86_64_src_files)) LOCAL_CFLAGS_x86_64 += $(x86_64_cflags) +LOCAL_CLANG_ASFLAGS_x86_64 += $(x86_64_clang_asflags) LOCAL_SRC_FILES_mips += $(filter-out $(mips_exclude_files),$(common_src_files) $(mips_src_files)) LOCAL_CFLAGS_mips += $(mips_cflags) +LOCAL_CLANG_ASFLAGS_mips += $(mips_clang_asflags) diff --git a/app/openssl/Ssl.mk b/app/openssl/Ssl.mk index 0cb93eac..f3263ff0 100644 --- a/app/openssl/Ssl.mk +++ b/app/openssl/Ssl.mk @@ -1,5 +1,6 @@ ####################################### # target static library + include $(CLEAR_VARS) include $(LOCAL_PATH)/ndk-build-clear.mk @@ -25,6 +26,7 @@ include $(BUILD_STATIC_LIBRARY) # target shared library include $(CLEAR_VARS) include $(LOCAL_PATH)/ndk-build-clear.mk + LOCAL_SHARED_LIBRARIES := $(log_shared_libraries) LOCAL_C_INCLUDES := $(log_c_includes) diff --git a/app/openssl/android-config.mk b/app/openssl/android-config.mk index 2a091130..675a65b3 100644 --- a/app/openssl/android-config.mk +++ b/app/openssl/android-config.mk @@ -41,6 +41,8 @@ LOCAL_CFLAGS_32 := $(filter-out -DDSO_DLFCN -DHAVE_DLFCN_H,$(LOCAL_CFLAGS_32)) LOCAL_CFLAGS_64 := $(filter-out -DDSO_DLFCN -DHAVE_DLFCN_H,$(LOCAL_CFLAGS_64)) endif +LOCAL_CFLAGS += -Wno-missing-field-initializers -Wno-unused-parameter + # Debug # LOCAL_CFLAGS += -DCIPHER_DEBUG diff --git a/app/openssl/android.testssl/testssl b/app/openssl/android.testssl/testssl index 5ff48604..66b87361 100755 --- a/app/openssl/android.testssl/testssl +++ b/app/openssl/android.testssl/testssl @@ -176,6 +176,12 @@ else echo test tls1 with SRP via BIO pair $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 + + echo test tls1 with SRP auth + $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123 + + echo test tls1 with SRP auth via BIO pair + $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123 fi exit 0 diff --git a/app/openssl/apps/apps.c b/app/openssl/apps/apps.c index b76db10a..3e18289a 100644 --- a/app/openssl/apps/apps.c +++ b/app/openssl/apps/apps.c @@ -390,6 +390,8 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) { arg->count=20; arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); + if (arg->data == NULL) + return 0; } for (i=0; icount; i++) arg->data[i]=NULL; @@ -1542,6 +1544,8 @@ char *make_config_name() len=strlen(t)+strlen(OPENSSL_CONF)+2; p=OPENSSL_malloc(len); + if (p == NULL) + return NULL; BUF_strlcpy(p,t,len); #ifndef OPENSSL_SYS_VMS BUF_strlcat(p,"/",len); diff --git a/app/openssl/apps/ca.c b/app/openssl/apps/ca.c index 1cf50e00..9c25026a 100644 --- a/app/openssl/apps/ca.c +++ b/app/openssl/apps/ca.c @@ -1620,12 +1620,14 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, { ok=0; BIO_printf(bio_err,"Signature verification problems....\n"); + ERR_print_errors(bio_err); goto err; } if (i == 0) { ok=0; BIO_printf(bio_err,"Signature did not match the certificate request\n"); + ERR_print_errors(bio_err); goto err; } else @@ -2777,6 +2779,9 @@ char *make_revocation_str(int rev_type, char *rev_arg) revtm = X509_gmtime_adj(NULL, 0); + if (!revtm) + return NULL; + i = revtm->length + 1; if (reason) i += strlen(reason) + 1; diff --git a/app/openssl/apps/ciphers.c b/app/openssl/apps/ciphers.c index 5f2b7397..93dce1c4 100644 --- a/app/openssl/apps/ciphers.c +++ b/app/openssl/apps/ciphers.c @@ -96,13 +96,7 @@ int MAIN(int argc, char **argv) char buf[512]; BIO *STDout=NULL; -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) meth=SSLv23_server_method(); -#elif !defined(OPENSSL_NO_SSL3) - meth=SSLv3_server_method(); -#elif !defined(OPENSSL_NO_SSL2) - meth=SSLv2_server_method(); -#endif apps_startup(); diff --git a/app/openssl/apps/crl2p7.c b/app/openssl/apps/crl2p7.c index bbc83774..42c6886b 100644 --- a/app/openssl/apps/crl2p7.c +++ b/app/openssl/apps/crl2p7.c @@ -141,7 +141,13 @@ int MAIN(int argc, char **argv) { if (--argc < 1) goto bad; if(!certflst) certflst = sk_OPENSSL_STRING_new_null(); - sk_OPENSSL_STRING_push(certflst,*(++argv)); + if (!certflst) + goto end; + if (!sk_OPENSSL_STRING_push(certflst,*(++argv))) + { + sk_OPENSSL_STRING_free(certflst); + goto end; + } } else { diff --git a/app/openssl/apps/enc.c b/app/openssl/apps/enc.c index 19ea3df9..c8cb0212 100644 --- a/app/openssl/apps/enc.c +++ b/app/openssl/apps/enc.c @@ -67,7 +67,9 @@ #include #include #include +#ifndef OPENSSL_NO_COMP #include +#endif #include int set_hex(char *in,unsigned char *out,int size); @@ -337,6 +339,12 @@ bad: goto end; } + if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)) + { + BIO_printf(bio_err, "Ciphers in XTS mode are not supported by the enc utility\n"); + goto end; + } + if (md && (dgst=EVP_get_digestbyname(md)) == NULL) { BIO_printf(bio_err,"%s is an unsupported message digest type\n",md); diff --git a/app/openssl/apps/md4.c b/app/openssl/apps/md4.c deleted file mode 120000 index 7f457b2a..00000000 --- a/app/openssl/apps/md4.c +++ /dev/null @@ -1 +0,0 @@ -../crypto/md4/md4.c \ No newline at end of file diff --git a/app/openssl/apps/md4.c b/app/openssl/apps/md4.c new file mode 100644 index 00000000..141415ad --- /dev/null +++ b/app/openssl/apps/md4.c @@ -0,0 +1,127 @@ +/* crypto/md4/md4.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include + +#define BUFSIZE 1024*16 + +void do_fp(FILE *f); +void pt(unsigned char *md); +#if !defined(_OSD_POSIX) && !defined(__DJGPP__) +int read(int, void *, unsigned int); +#endif + +int main(int argc, char **argv) + { + int i,err=0; + FILE *IN; + + if (argc == 1) + { + do_fp(stdin); + } + else + { + for (i=1; i HTTP/1.0' with file ./\n"); BIO_printf(bio_err," -HTTP - Respond to a 'GET / HTTP/1.0' with file ./\n"); @@ -562,6 +564,10 @@ static void sv_usage(void) #endif BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); + BIO_printf(bio_err," -status - respond to certificate status requests\n"); + BIO_printf(bio_err," -status_verbose - enable status request verbose printout\n"); + BIO_printf(bio_err," -status_timeout n - status request responder timeout\n"); + BIO_printf(bio_err," -status_url URL - status request fallback URL\n"); } static int local_argc=0; @@ -739,7 +745,7 @@ static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) if (servername) { - if (strcmp(servername,p->servername)) + if (strcasecmp(servername,p->servername)) return p->extension_error; if (ctx2) { @@ -1356,6 +1362,14 @@ bad: sv_usage(); goto end; } +#ifndef OPENSSL_NO_DTLS1 + if (www && socket_type == SOCK_DGRAM) + { + BIO_printf(bio_err, + "Can't use -HTTP, -www or -WWW with DTLS\n"); + goto end; + } +#endif #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) if (jpake_secret) diff --git a/app/openssl/build-config-32.mk b/app/openssl/build-config-32.mk index d035f1e4..9f1380b9 100644 --- a/app/openssl/build-config-32.mk +++ b/app/openssl/build-config-32.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # openssl_cflags_32 := \ -DOPENSSL_THREADS \ @@ -31,6 +31,7 @@ openssl_cflags_32 := \ -DOPENSSL_NO_SHA0 \ -DOPENSSL_NO_STATIC_ENGINE \ -DOPENSSL_NO_STORE \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ openssl_cflags_static_32 := \ @@ -60,5 +61,6 @@ openssl_cflags_static_32 := \ -DOPENSSL_NO_SHA0 \ -DOPENSSL_NO_STATIC_ENGINE \ -DOPENSSL_NO_STORE \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ diff --git a/app/openssl/build-config-64.mk b/app/openssl/build-config-64.mk index 45a8141d..2475c2ed 100644 --- a/app/openssl/build-config-64.mk +++ b/app/openssl/build-config-64.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # openssl_cflags_64 := \ -DOPENSSL_THREADS \ @@ -31,6 +31,7 @@ openssl_cflags_64 := \ -DOPENSSL_NO_SHA0 \ -DOPENSSL_NO_STATIC_ENGINE \ -DOPENSSL_NO_STORE \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ openssl_cflags_static_64 := \ @@ -60,5 +61,6 @@ openssl_cflags_static_64 := \ -DOPENSSL_NO_SHA0 \ -DOPENSSL_NO_STATIC_ENGINE \ -DOPENSSL_NO_STORE \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ diff --git a/app/openssl/build-config-trusty.mk b/app/openssl/build-config-trusty.mk index 4d6fb58c..34574f34 100644 --- a/app/openssl/build-config-trusty.mk +++ b/app/openssl/build-config-trusty.mk @@ -1,6 +1,6 @@ # Auto-generated - DO NOT EDIT! # To regenerate, edit openssl.config, then run: -# ./import_openssl.sh import /path/to/openssl-1.0.1h.tar.gz +# ./import_openssl.sh import /path/to/openssl-1.0.1j.tar.gz # openssl_cflags_trusty := \ -DL_ENDIAN \ @@ -48,6 +48,7 @@ openssl_cflags_trusty := \ -DOPENSSL_NO_TS \ -DOPENSSL_NO_TXT_DB \ -DOPENSSL_NO_UI \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ openssl_cflags_static_trusty := \ @@ -96,5 +97,6 @@ openssl_cflags_static_trusty := \ -DOPENSSL_NO_TS \ -DOPENSSL_NO_TXT_DB \ -DOPENSSL_NO_UI \ + -DOPENSSL_NO_UNIT_TEST \ -DOPENSSL_NO_WHIRLPOOL \ diff --git a/app/openssl/crypto/LPdir_win.c b/app/openssl/crypto/LPdir_win.c index 702dbc73..d5b5e2c9 100644 --- a/app/openssl/crypto/LPdir_win.c +++ b/app/openssl/crypto/LPdir_win.c @@ -1,4 +1,3 @@ -/* $LP: LPlib/source/LPdir_win.c,v 1.10 2004/08/26 13:36:05 _cvs_levitte Exp $ */ /* * Copyright (c) 2004, Richard Levitte * All rights reserved. @@ -63,6 +62,16 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) errno = 0; if (*ctx == NULL) { + const char *extdir = directory; + char *extdirbuf = NULL; + size_t dirlen = strlen (directory); + + if (dirlen == 0) + { + errno = ENOENT; + return 0; + } + *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX)); if (*ctx == NULL) { @@ -71,15 +80,35 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) } memset(*ctx, '\0', sizeof(LP_DIR_CTX)); + if (directory[dirlen-1] != '*') + { + extdirbuf = (char *)malloc(dirlen + 3); + if (extdirbuf == NULL) + { + free(*ctx); + *ctx = NULL; + errno = ENOMEM; + return 0; + } + if (directory[dirlen-1] != '/' && directory[dirlen-1] != '\\') + extdir = strcat(strcpy (extdirbuf,directory),"/*"); + else + extdir = strcat(strcpy (extdirbuf,directory),"*"); + } + if (sizeof(TCHAR) != sizeof(char)) { TCHAR *wdir = NULL; /* len_0 denotes string length *with* trailing 0 */ - size_t index = 0,len_0 = strlen(directory) + 1; + size_t index = 0,len_0 = strlen(extdir) + 1; - wdir = (TCHAR *)malloc(len_0 * sizeof(TCHAR)); + wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR)); if (wdir == NULL) { + if (extdirbuf != NULL) + { + free (extdirbuf); + } free(*ctx); *ctx = NULL; errno = ENOMEM; @@ -87,17 +116,23 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) } #ifdef LP_MULTIBYTE_AVAILABLE - if (!MultiByteToWideChar(CP_ACP, 0, directory, len_0, (WCHAR *)wdir, len_0)) + if (!MultiByteToWideChar(CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0)) #endif for (index = 0; index < len_0; index++) - wdir[index] = (TCHAR)directory[index]; + wdir[index] = (TCHAR)extdir[index]; (*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx); free(wdir); } else - (*ctx)->handle = FindFirstFile((TCHAR *)directory, &(*ctx)->ctx); + { + (*ctx)->handle = FindFirstFile((TCHAR *)extdir, &(*ctx)->ctx); + } + if (extdirbuf != NULL) + { + free (extdirbuf); + } if ((*ctx)->handle == INVALID_HANDLE_VALUE) { @@ -114,7 +149,6 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) return 0; } } - if (sizeof(TCHAR) != sizeof(char)) { TCHAR *wdir = (*ctx)->ctx.cFileName; diff --git a/app/openssl/crypto/aes/asm/aesni-x86_64.pl b/app/openssl/crypto/aes/asm/aesni-x86_64.pl index 0dbb194b..c9270dfd 100644 --- a/app/openssl/crypto/aes/asm/aesni-x86_64.pl +++ b/app/openssl/crypto/aes/asm/aesni-x86_64.pl @@ -525,6 +525,16 @@ $code.=<<___; .type aesni_ecb_encrypt,\@function,5 .align 16 aesni_ecb_encrypt: +___ +$code.=<<___ if ($win64); + lea -0x58(%rsp),%rsp + movaps %xmm6,(%rsp) + movaps %xmm7,0x10(%rsp) + movaps %xmm8,0x20(%rsp) + movaps %xmm9,0x30(%rsp) +.Lecb_enc_body: +___ +$code.=<<___; and \$-16,$len jz .Lecb_ret @@ -805,6 +815,16 @@ $code.=<<___; movups $inout5,0x50($out) .Lecb_ret: +___ +$code.=<<___ if ($win64); + movaps (%rsp),%xmm6 + movaps 0x10(%rsp),%xmm7 + movaps 0x20(%rsp),%xmm8 + movaps 0x30(%rsp),%xmm9 + lea 0x58(%rsp),%rsp +.Lecb_enc_ret: +___ +$code.=<<___; ret .size aesni_ecb_encrypt,.-aesni_ecb_encrypt ___ @@ -2730,28 +2750,9 @@ $code.=<<___; .extern __imp_RtlVirtualUnwind ___ $code.=<<___ if ($PREFIX eq "aesni"); -.type ecb_se_handler,\@abi-omnipotent -.align 16 -ecb_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 152($context),%rax # pull context->Rsp - - jmp .Lcommon_seh_tail -.size ecb_se_handler,.-ecb_se_handler - -.type ccm64_se_handler,\@abi-omnipotent +.type ecb_ccm64_se_handler,\@abi-omnipotent .align 16 -ccm64_se_handler: +ecb_ccm64_se_handler: push %rsi push %rdi push %rbx @@ -2788,7 +2789,7 @@ ccm64_se_handler: lea 0x58(%rax),%rax # adjust stack pointer jmp .Lcommon_seh_tail -.size ccm64_se_handler,.-ccm64_se_handler +.size ecb_ccm64_se_handler,.-ecb_ccm64_se_handler .type ctr32_se_handler,\@abi-omnipotent .align 16 @@ -2993,14 +2994,15 @@ ___ $code.=<<___ if ($PREFIX eq "aesni"); .LSEH_info_ecb: .byte 9,0,0,0 - .rva ecb_se_handler + .rva ecb_ccm64_se_handler + .rva .Lecb_enc_body,.Lecb_enc_ret # HandlerData[] .LSEH_info_ccm64_enc: .byte 9,0,0,0 - .rva ccm64_se_handler + .rva ecb_ccm64_se_handler .rva .Lccm64_enc_body,.Lccm64_enc_ret # HandlerData[] .LSEH_info_ccm64_dec: .byte 9,0,0,0 - .rva ccm64_se_handler + .rva ecb_ccm64_se_handler .rva .Lccm64_dec_body,.Lccm64_dec_ret # HandlerData[] .LSEH_info_ctr32: .byte 9,0,0,0 diff --git a/app/openssl/crypto/asn1/a_object.c b/app/openssl/crypto/asn1/a_object.c index 3978c915..77b27689 100644 --- a/app/openssl/crypto/asn1/a_object.c +++ b/app/openssl/crypto/asn1/a_object.c @@ -283,17 +283,29 @@ err: ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); return(NULL); } + ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long len) { ASN1_OBJECT *ret=NULL; const unsigned char *p; unsigned char *data; - int i; - /* Sanity check OID encoding: can't have leading 0x80 in - * subidentifiers, see: X.690 8.19.2 + int i, length; + + /* Sanity check OID encoding. + * Need at least one content octet. + * MSB must be clear in the last octet. + * can't have leading 0x80 in subidentifiers, see: X.690 8.19.2 */ - for (i = 0, p = *pp; i < len; i++, p++) + if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL || + p[len - 1] & 0x80) + { + ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); + return NULL; + } + /* Now 0 < len <= INT_MAX, so the cast is safe. */ + length = (int)len; + for (i = 0; i < length; i++, p++) { if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { @@ -316,23 +328,23 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, data = (unsigned char *)ret->data; ret->data = NULL; /* once detached we can change it */ - if ((data == NULL) || (ret->length < len)) + if ((data == NULL) || (ret->length < length)) { ret->length=0; if (data != NULL) OPENSSL_free(data); - data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); + data=(unsigned char *)OPENSSL_malloc(length); if (data == NULL) { i=ERR_R_MALLOC_FAILURE; goto err; } ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; } - memcpy(data,p,(int)len); + memcpy(data,p,length); /* reattach data to object, after which it remains const */ ret->data =data; - ret->length=(int)len; + ret->length=length; ret->sn=NULL; ret->ln=NULL; /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */ - p+=len; + p+=length; if (a != NULL) (*a)=ret; *pp=p; diff --git a/app/openssl/crypto/asn1/a_strex.c b/app/openssl/crypto/asn1/a_strex.c index ead37ac3..8fb4193b 100644 --- a/app/openssl/crypto/asn1/a_strex.c +++ b/app/openssl/crypto/asn1/a_strex.c @@ -568,6 +568,7 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in) mbflag |= MBSTRING_FLAG; stmp.data = NULL; stmp.length = 0; + stmp.flags = 0; ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); if(ret < 0) return ret; *out = stmp.data; diff --git a/app/openssl/crypto/asn1/a_utctm.c b/app/openssl/crypto/asn1/a_utctm.c index 072e2365..bbdc9b32 100644 --- a/app/openssl/crypto/asn1/a_utctm.c +++ b/app/openssl/crypto/asn1/a_utctm.c @@ -196,24 +196,29 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, struct tm *ts; struct tm data; size_t len = 20; + int free_s = 0; if (s == NULL) + { + free_s = 1; s=M_ASN1_UTCTIME_new(); + } if (s == NULL) - return(NULL); + goto err; + ts=OPENSSL_gmtime(&t, &data); if (ts == NULL) - return(NULL); + goto err; if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) - return NULL; + goto err; } if((ts->tm_year < 50) || (ts->tm_year >= 150)) - return NULL; + goto err; p=(char *)s->data; if ((p == NULL) || ((size_t)s->length < len)) @@ -222,7 +227,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, if (p == NULL) { ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); - return(NULL); + goto err; } if (s->data != NULL) OPENSSL_free(s->data); @@ -237,6 +242,10 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, ebcdic2ascii(s->data, s->data, s->length); #endif return(s); + err: + if (free_s && s) + M_ASN1_UTCTIME_free(s); + return NULL; } @@ -261,6 +270,11 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) t -= offset*60; /* FIXME: may overflow in extreme cases */ tm = OPENSSL_gmtime(&t, &data); + /* NB: -1, 0, 1 already valid return values so use -2 to + * indicate error. + */ + if (tm == NULL) + return -2; #define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 year = g2(s->data); diff --git a/app/openssl/crypto/asn1/ameth_lib.c b/app/openssl/crypto/asn1/ameth_lib.c index a19e058f..ef153d46 100644 --- a/app/openssl/crypto/asn1/ameth_lib.c +++ b/app/openssl/crypto/asn1/ameth_lib.c @@ -258,7 +258,12 @@ int EVP_PKEY_asn1_add_alias(int to, int from) if (!ameth) return 0; ameth->pkey_base_id = to; - return EVP_PKEY_asn1_add0(ameth); + if (!EVP_PKEY_asn1_add0(ameth)) + { + EVP_PKEY_asn1_free(ameth); + return 0; + } + return 1; } int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags, diff --git a/app/openssl/crypto/asn1/asn1_lib.c b/app/openssl/crypto/asn1/asn1_lib.c index 1bcb44ae..fa04b08e 100644 --- a/app/openssl/crypto/asn1/asn1_lib.c +++ b/app/openssl/crypto/asn1/asn1_lib.c @@ -131,6 +131,9 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, *pclass=xclass; if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err; + if (inf && !(ret & V_ASN1_CONSTRUCTED)) + goto err; + #if 0 fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n", (int)p,*plength,omax,(int)*pp,(int)(p+ *plength), diff --git a/app/openssl/crypto/asn1/asn_mime.c b/app/openssl/crypto/asn1/asn_mime.c index 54a704a9..13d003bc 100644 --- a/app/openssl/crypto/asn1/asn_mime.c +++ b/app/openssl/crypto/asn1/asn_mime.c @@ -667,6 +667,8 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) int len, state, save_state = 0; headers = sk_MIME_HEADER_new(mime_hdr_cmp); + if (!headers) + return NULL; while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { /* If whitespace at line start then continuation line */ if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME; diff --git a/app/openssl/crypto/asn1/asn_pack.c b/app/openssl/crypto/asn1/asn_pack.c index ad738217..00dbf5ad 100644 --- a/app/openssl/crypto/asn1/asn_pack.c +++ b/app/openssl/crypto/asn1/asn_pack.c @@ -134,15 +134,23 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct) if (!(octmp->length = i2d(obj, NULL))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); - return NULL; + goto err; } if (!(p = OPENSSL_malloc (octmp->length))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } octmp->data = p; i2d (obj, &p); return octmp; + err: + if (!oct || !*oct) + { + ASN1_STRING_free(octmp); + if (oct) + *oct = NULL; + } + return NULL; } #endif diff --git a/app/openssl/crypto/asn1/bio_asn1.c b/app/openssl/crypto/asn1/bio_asn1.c index dc7efd55..bca4eebf 100644 --- a/app/openssl/crypto/asn1/bio_asn1.c +++ b/app/openssl/crypto/asn1/bio_asn1.c @@ -154,7 +154,10 @@ static int asn1_bio_new(BIO *b) if (!ctx) return 0; if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) + { + OPENSSL_free(ctx); return 0; + } b->init = 1; b->ptr = (char *)ctx; b->flags = 0; diff --git a/app/openssl/crypto/asn1/charmap.pl b/app/openssl/crypto/asn1/charmap.pl index 2875c598..25ebf2c2 100644 --- a/app/openssl/crypto/asn1/charmap.pl +++ b/app/openssl/crypto/asn1/charmap.pl @@ -1,5 +1,8 @@ #!/usr/local/bin/perl -w +# Written by Dr Stephen N Henson (steve@openssl.org). +# Licensed under the terms of the OpenSSL license. + use strict; my ($i, @arr); diff --git a/app/openssl/crypto/asn1/evp_asn1.c b/app/openssl/crypto/asn1/evp_asn1.c index f3d98048..1b944597 100644 --- a/app/openssl/crypto/asn1/evp_asn1.c +++ b/app/openssl/crypto/asn1/evp_asn1.c @@ -66,7 +66,11 @@ int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len) ASN1_STRING *os; if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0); - if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0); + if (!M_ASN1_OCTET_STRING_set(os,data,len)) + { + M_ASN1_OCTET_STRING_free(os); + return 0; + } ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os); return(1); } diff --git a/app/openssl/crypto/asn1/t_x509.c b/app/openssl/crypto/asn1/t_x509.c index edbb39a0..8e961f5e 100644 --- a/app/openssl/crypto/asn1/t_x509.c +++ b/app/openssl/crypto/asn1/t_x509.c @@ -475,6 +475,8 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) l=80-2-obase; b=X509_NAME_oneline(name,NULL,0); + if (!b) + return 0; if (!*b) { OPENSSL_free(b); diff --git a/app/openssl/crypto/asn1/tasn_enc.c b/app/openssl/crypto/asn1/tasn_enc.c index 936ad1f7..1390e5e6 100644 --- a/app/openssl/crypto/asn1/tasn_enc.c +++ b/app/openssl/crypto/asn1/tasn_enc.c @@ -453,9 +453,14 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, { derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); + if (!derlst) + return 0; tmpdat = OPENSSL_malloc(skcontlen); - if (!derlst || !tmpdat) + if (!tmpdat) + { + OPENSSL_free(derlst); return 0; + } } } /* If not sorting just output each item */ diff --git a/app/openssl/crypto/asn1/x_crl.c b/app/openssl/crypto/asn1/x_crl.c index c51c690b..3f03efbe 100644 --- a/app/openssl/crypto/asn1/x_crl.c +++ b/app/openssl/crypto/asn1/x_crl.c @@ -270,6 +270,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, { /* We handle IDP and deltas */ if ((nid == NID_issuing_distribution_point) + || (nid == NID_authority_key_identifier) || (nid == NID_delta_crl)) break;; crl->flags |= EXFLAG_CRITICAL; diff --git a/app/openssl/crypto/bio/bio_lib.c b/app/openssl/crypto/bio/bio_lib.c index 9c9646af..4793a453 100644 --- a/app/openssl/crypto/bio/bio_lib.c +++ b/app/openssl/crypto/bio/bio_lib.c @@ -132,8 +132,8 @@ int BIO_free(BIO *a) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data); - if ((a->method == NULL) || (a->method->destroy == NULL)) return(1); - a->method->destroy(a); + if ((a->method != NULL) && (a->method->destroy != NULL)) + a->method->destroy(a); OPENSSL_free(a); return(1); } diff --git a/app/openssl/crypto/bn/asm/x86_64-gcc.c b/app/openssl/crypto/bn/asm/x86_64-gcc.c index 329946e5..6bcf32f6 100644 --- a/app/openssl/crypto/bn/asm/x86_64-gcc.c +++ b/app/openssl/crypto/bn/asm/x86_64-gcc.c @@ -189,7 +189,7 @@ BN_ULONG bn_add_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int if (n <= 0) return 0; - asm ( + asm volatile ( " subq %2,%2 \n" ".p2align 4 \n" "1: movq (%4,%2,8),%0 \n" @@ -200,7 +200,7 @@ BN_ULONG bn_add_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int " sbbq %0,%0 \n" : "=&a"(ret),"+c"(n),"=&r"(i) : "r"(rp),"r"(ap),"r"(bp) - : "cc" + : "cc", "memory" ); return ret&1; @@ -212,7 +212,7 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int if (n <= 0) return 0; - asm ( + asm volatile ( " subq %2,%2 \n" ".p2align 4 \n" "1: movq (%4,%2,8),%0 \n" @@ -223,7 +223,7 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int " sbbq %0,%0 \n" : "=&a"(ret),"+c"(n),"=&r"(i) : "r"(rp),"r"(ap),"r"(bp) - : "cc" + : "cc", "memory" ); return ret&1; diff --git a/app/openssl/crypto/bn/bn_exp.c b/app/openssl/crypto/bn/bn_exp.c index 2abf6fd6..611fa326 100644 --- a/app/openssl/crypto/bn/bn_exp.c +++ b/app/openssl/crypto/bn/bn_exp.c @@ -680,7 +680,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, /* Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as * 512-bit RSA is hardly relevant, we omit it to spare size... */ - if (window==5) + if (window==5 && top>1) { void bn_mul_mont_gather5(BN_ULONG *rp,const BN_ULONG *ap, const void *table,const BN_ULONG *np, @@ -874,7 +874,14 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, bits = BN_num_bits(p); if (bits == 0) { - ret = BN_one(rr); + /* x**0 mod 1 is still zero. */ + if (BN_is_one(m)) + { + ret = 1; + BN_zero(rr); + } + else + ret = BN_one(rr); return ret; } if (a == 0) diff --git a/app/openssl/crypto/bn/bn_lib.c b/app/openssl/crypto/bn/bn_lib.c index 5461e6ee..d5a211e2 100644 --- a/app/openssl/crypto/bn/bn_lib.c +++ b/app/openssl/crypto/bn/bn_lib.c @@ -320,6 +320,15 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); return(NULL); } +#ifdef PURIFY + /* Valgrind complains in BN_consttime_swap because we process the whole + * array even if it's not initialised yet. This doesn't matter in that + * function - what's important is constant time operation (we're not + * actually going to use the data) + */ + memset(a, 0, sizeof(BN_ULONG)*words); +#endif + #if 1 B=b->d; /* Check if the previous number needs to be copied */ diff --git a/app/openssl/crypto/bn/bn_nist.c b/app/openssl/crypto/bn/bn_nist.c index e22968d4..abb15708 100644 --- a/app/openssl/crypto/bn/bn_nist.c +++ b/app/openssl/crypto/bn/bn_nist.c @@ -1088,9 +1088,9 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, /* ... and right shift */ for (val=t_d[0],i=0; i>BN_NIST_521_RSHIFT; - val = t_d[i+1]; - t_d[i] = (tmp | val<>BN_NIST_521_RSHIFT | + (tmp=t_d[i+1])<>BN_NIST_521_RSHIFT; /* lower 521 bits */ diff --git a/app/openssl/crypto/bn/bn_sqr.c b/app/openssl/crypto/bn/bn_sqr.c index 270d0cd3..65bbf165 100644 --- a/app/openssl/crypto/bn/bn_sqr.c +++ b/app/openssl/crypto/bn/bn_sqr.c @@ -77,6 +77,7 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) if (al <= 0) { r->top=0; + r->neg = 0; return 1; } diff --git a/app/openssl/crypto/bn/exptest.c b/app/openssl/crypto/bn/exptest.c index 074a8e88..5fa02a12 100644 --- a/app/openssl/crypto/bn/exptest.c +++ b/app/openssl/crypto/bn/exptest.c @@ -71,6 +71,43 @@ static const char rnd_seed[] = "string to make the random number generator think it has entropy"; +/* test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success. */ +static int test_exp_mod_zero() { + BIGNUM a, p, m; + BIGNUM r; + BN_CTX *ctx = BN_CTX_new(); + int ret = 1; + + BN_init(&m); + BN_one(&m); + + BN_init(&a); + BN_one(&a); + + BN_init(&p); + BN_zero(&p); + + BN_init(&r); + BN_mod_exp(&r, &a, &p, &m, ctx); + BN_CTX_free(ctx); + + if (BN_is_zero(&r)) + ret = 0; + else + { + printf("1**0 mod 1 = "); + BN_print_fp(stdout, &r); + printf(", should be 0\n"); + } + + BN_free(&r); + BN_free(&a); + BN_free(&p); + BN_free(&m); + + return ret; +} + int main(int argc, char *argv[]) { BN_CTX *ctx; @@ -190,7 +227,13 @@ int main(int argc, char *argv[]) ERR_remove_thread_state(NULL); CRYPTO_mem_leaks(out); BIO_free(out); - printf(" done\n"); + printf("\n"); + + if (test_exp_mod_zero() != 0) + goto err; + + printf("done\n"); + EXIT(0); err: ERR_load_crypto_strings(); diff --git a/app/openssl/crypto/cms/cms_pwri.c b/app/openssl/crypto/cms/cms_pwri.c index b79612a1..71f2ddb4 100644 --- a/app/openssl/crypto/cms/cms_pwri.c +++ b/app/openssl/crypto/cms/cms_pwri.c @@ -93,9 +93,10 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, X509_ALGOR *encalg = NULL; unsigned char iv[EVP_MAX_IV_LENGTH]; int ivlen; + env = cms_get0_enveloped(cms); if (!env) - goto err; + return NULL; if (wrap_nid <= 0) wrap_nid = NID_id_alg_PWRI_KEK; diff --git a/app/openssl/crypto/conf/conf_def.c b/app/openssl/crypto/conf/conf_def.c index cf951320..f0b27687 100644 --- a/app/openssl/crypto/conf/conf_def.c +++ b/app/openssl/crypto/conf/conf_def.c @@ -321,7 +321,7 @@ again: p=eat_ws(conf, end); if (*p != ']') { - if (*p != '\0') + if (*p != '\0' && ss != p) { ss=p; goto again; diff --git a/app/openssl/crypto/constant_time_locl.h b/app/openssl/crypto/constant_time_locl.h new file mode 100644 index 00000000..c0483939 --- /dev/null +++ b/app/openssl/crypto/constant_time_locl.h @@ -0,0 +1,216 @@ +/* crypto/constant_time_locl.h */ +/* + * Utilities for constant-time cryptography. + * + * Author: Emilia Kasper (emilia@openssl.org) + * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley + * (Google). + * ==================================================================== + * Copyright (c) 2014 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_CONSTANT_TIME_LOCL_H +#define HEADER_CONSTANT_TIME_LOCL_H + +#include "e_os.h" /* For 'inline' */ + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * The boolean methods return a bitmask of all ones (0xff...f) for true + * and 0 for false. This is useful for choosing a value based on the result + * of a conditional in constant time. For example, + * + * if (a < b) { + * c = a; + * } else { + * c = b; + * } + * + * can be written as + * + * unsigned int lt = constant_time_lt(a, b); + * c = constant_time_select(lt, a, b); + */ + +/* + * Returns the given value with the MSB copied to all the other + * bits. Uses the fact that arithmetic shift shifts-in the sign bit. + * However, this is not ensured by the C standard so you may need to + * replace this with something else on odd CPUs. + */ +static inline unsigned int constant_time_msb(unsigned int a); + +/* + * Returns 0xff..f if a < b and 0 otherwise. + */ +static inline unsigned int constant_time_lt(unsigned int a, unsigned int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b); + +/* + * Returns 0xff..f if a >= b and 0 otherwise. + */ +static inline unsigned int constant_time_ge(unsigned int a, unsigned int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b); + +/* + * Returns 0xff..f if a == 0 and 0 otherwise. + */ +static inline unsigned int constant_time_is_zero(unsigned int a); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_is_zero_8(unsigned int a); + + +/* + * Returns 0xff..f if a == b and 0 otherwise. + */ +static inline unsigned int constant_time_eq(unsigned int a, unsigned int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b); +/* Signed integers. */ +static inline unsigned int constant_time_eq_int(int a, int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_eq_int_8(int a, int b); + + +/* + * Returns (mask & a) | (~mask & b). + * + * When |mask| is all 1s or all 0s (as returned by the methods above), + * the select methods return either |a| (if |mask| is nonzero) or |b| + * (if |mask| is zero). + */ +static inline unsigned int constant_time_select(unsigned int mask, + unsigned int a, unsigned int b); +/* Convenience method for unsigned chars. */ +static inline unsigned char constant_time_select_8(unsigned char mask, + unsigned char a, unsigned char b); +/* Convenience method for signed integers. */ +static inline int constant_time_select_int(unsigned int mask, int a, int b); + +static inline unsigned int constant_time_msb(unsigned int a) + { + return (unsigned int)((int)(a) >> (sizeof(int) * 8 - 1)); + } + +static inline unsigned int constant_time_lt(unsigned int a, unsigned int b) + { + unsigned int lt; + /* Case 1: msb(a) == msb(b). a < b iff the MSB of a - b is set.*/ + lt = ~(a ^ b) & (a - b); + /* Case 2: msb(a) != msb(b). a < b iff the MSB of b is set. */ + lt |= ~a & b; + return constant_time_msb(lt); + } + +static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b) + { + return (unsigned char)(constant_time_lt(a, b)); + } + +static inline unsigned int constant_time_ge(unsigned int a, unsigned int b) + { + unsigned int ge; + /* Case 1: msb(a) == msb(b). a >= b iff the MSB of a - b is not set.*/ + ge = ~((a ^ b) | (a - b)); + /* Case 2: msb(a) != msb(b). a >= b iff the MSB of a is set. */ + ge |= a & ~b; + return constant_time_msb(ge); + } + +static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b) + { + return (unsigned char)(constant_time_ge(a, b)); + } + +static inline unsigned int constant_time_is_zero(unsigned int a) + { + return constant_time_msb(~a & (a - 1)); + } + +static inline unsigned char constant_time_is_zero_8(unsigned int a) + { + return (unsigned char)(constant_time_is_zero(a)); + } + +static inline unsigned int constant_time_eq(unsigned int a, unsigned int b) + { + return constant_time_is_zero(a ^ b); + } + +static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b) + { + return (unsigned char)(constant_time_eq(a, b)); + } + +static inline unsigned int constant_time_eq_int(int a, int b) + { + return constant_time_eq((unsigned)(a), (unsigned)(b)); + } + +static inline unsigned char constant_time_eq_int_8(int a, int b) + { + return constant_time_eq_8((unsigned)(a), (unsigned)(b)); + } + +static inline unsigned int constant_time_select(unsigned int mask, + unsigned int a, unsigned int b) + { + return (mask & a) | (~mask & b); + } + +static inline unsigned char constant_time_select_8(unsigned char mask, + unsigned char a, unsigned char b) + { + return (unsigned char)(constant_time_select(mask, a, b)); + } + +inline int constant_time_select_int(unsigned int mask, int a, int b) + { + return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b))); + } + +#ifdef __cplusplus +} +#endif + +#endif /* HEADER_CONSTANT_TIME_LOCL_H */ diff --git a/app/openssl/crypto/dsa/dsa_ameth.c b/app/openssl/crypto/dsa/dsa_ameth.c index 376156ec..5af76ead 100644 --- a/app/openssl/crypto/dsa/dsa_ameth.c +++ b/app/openssl/crypto/dsa/dsa_ameth.c @@ -307,6 +307,12 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) unsigned char *dp = NULL; int dplen; + if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) + { + DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_MISSING_PARAMETERS); + goto err; + } + params = ASN1_STRING_new(); if (!params) @@ -701,4 +707,3 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = old_dsa_priv_encode } }; - diff --git a/app/openssl/crypto/ebcdic.h b/app/openssl/crypto/ebcdic.h index 6d65afcf..85f3cf7f 100644 --- a/app/openssl/crypto/ebcdic.h +++ b/app/openssl/crypto/ebcdic.h @@ -5,6 +5,10 @@ #include +#ifdef __cplusplus +extern "C" { +#endif + /* Avoid name clashes with other applications */ #define os_toascii _openssl_os_toascii #define os_toebcdic _openssl_os_toebcdic @@ -16,4 +20,7 @@ extern const unsigned char os_toebcdic[256]; void *ebcdic2ascii(void *dest, const void *srce, size_t count); void *ascii2ebcdic(void *dest, const void *srce, size_t count); +#ifdef __cplusplus +} +#endif #endif diff --git a/app/openssl/crypto/ec/ec.h b/app/openssl/crypto/ec/ec.h index d008a0da..b6e745b8 100644 --- a/app/openssl/crypto/ec/ec.h +++ b/app/openssl/crypto/ec/ec.h @@ -629,7 +629,7 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx); int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx); -/** Computes r = generator * n sum_{i=0}^num p[i] * m[i] +/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i] * \param group underlying EC_GROUP object * \param r EC_POINT object for the result * \param n BIGNUM with the multiplier for the group generator (optional) diff --git a/app/openssl/crypto/ec/ec2_smpl.c b/app/openssl/crypto/ec/ec2_smpl.c index e0e59c7d..62223cbb 100644 --- a/app/openssl/crypto/ec/ec2_smpl.c +++ b/app/openssl/crypto/ec/ec2_smpl.c @@ -80,9 +80,6 @@ const EC_METHOD *EC_GF2m_simple_method(void) { -#ifdef OPENSSL_FIPS - return fips_ec_gf2m_simple_method(); -#else static const EC_METHOD ret = { EC_FLAGS_DEFAULT_OCT, NID_X9_62_characteristic_two_field, @@ -125,8 +122,12 @@ const EC_METHOD *EC_GF2m_simple_method(void) 0 /* field_decode */, 0 /* field_set_to_one */ }; - return &ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return fips_ec_gf2m_simple_method(); #endif + + return &ret; } diff --git a/app/openssl/crypto/ec/ec_ameth.c b/app/openssl/crypto/ec/ec_ameth.c index f715a238..11283769 100644 --- a/app/openssl/crypto/ec/ec_ameth.c +++ b/app/openssl/crypto/ec/ec_ameth.c @@ -453,14 +453,16 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) if (ktype > 0) { public_key = EC_KEY_get0_public_key(x); - if ((pub_key = EC_POINT_point2bn(group, public_key, - EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) + if (public_key != NULL) { - reason = ERR_R_EC_LIB; - goto err; - } - if (pub_key) + if ((pub_key = EC_POINT_point2bn(group, public_key, + EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) + { + reason = ERR_R_EC_LIB; + goto err; + } buf_len = (size_t)BN_num_bytes(pub_key); + } } if (ktype == 2) diff --git a/app/openssl/crypto/ec/ec_asn1.c b/app/openssl/crypto/ec/ec_asn1.c index e94f34e1..52d31c2f 100644 --- a/app/openssl/crypto/ec/ec_asn1.c +++ b/app/openssl/crypto/ec/ec_asn1.c @@ -1183,29 +1183,46 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) goto err; } + if (ret->pub_key) + EC_POINT_clear_free(ret->pub_key); + ret->pub_key = EC_POINT_new(ret->group); + if (ret->pub_key == NULL) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + if (priv_key->publicKey) { const unsigned char *pub_oct; - size_t pub_oct_len; + int pub_oct_len; - if (ret->pub_key) - EC_POINT_clear_free(ret->pub_key); - ret->pub_key = EC_POINT_new(ret->group); - if (ret->pub_key == NULL) + pub_oct = M_ASN1_STRING_data(priv_key->publicKey); + pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); + /* The first byte - point conversion form - must be present. */ + if (pub_oct_len <= 0) { - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL); goto err; } - pub_oct = M_ASN1_STRING_data(priv_key->publicKey); - pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); - /* save the point conversion form */ + /* Save the point conversion form. */ ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01); if (!EC_POINT_oct2point(ret->group, ret->pub_key, - pub_oct, pub_oct_len, NULL)) + pub_oct, (size_t)(pub_oct_len), NULL)) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + } + else + { + if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) { ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); goto err; } + /* Remember the original private-key-only encoding. */ + ret->enc_flag |= EC_PKEY_NO_PUBKEY; } ok = 1; @@ -1230,7 +1247,8 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) size_t buf_len=0, tmp_len; EC_PRIVATEKEY *priv_key=NULL; - if (a == NULL || a->group == NULL || a->priv_key == NULL) + if (a == NULL || a->group == NULL || a->priv_key == NULL || + (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key == NULL)) { ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); diff --git a/app/openssl/crypto/ec/ec_lib.c b/app/openssl/crypto/ec/ec_lib.c index de9a0cc2..e2c4741b 100644 --- a/app/openssl/crypto/ec/ec_lib.c +++ b/app/openssl/crypto/ec/ec_lib.c @@ -942,7 +942,7 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX * int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) { - if (group->meth->dbl == 0) + if (group->meth->invert == 0) { ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; diff --git a/app/openssl/crypto/ec/ecp_mont.c b/app/openssl/crypto/ec/ecp_mont.c index f04f132c..3c5ec196 100644 --- a/app/openssl/crypto/ec/ecp_mont.c +++ b/app/openssl/crypto/ec/ecp_mont.c @@ -72,9 +72,6 @@ const EC_METHOD *EC_GFp_mont_method(void) { -#ifdef OPENSSL_FIPS - return fips_ec_gfp_mont_method(); -#else static const EC_METHOD ret = { EC_FLAGS_DEFAULT_OCT, NID_X9_62_prime_field, @@ -114,8 +111,12 @@ const EC_METHOD *EC_GFp_mont_method(void) ec_GFp_mont_field_decode, ec_GFp_mont_field_set_to_one }; - return &ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return fips_ec_gfp_mont_method(); #endif + + return &ret; } diff --git a/app/openssl/crypto/ec/ecp_nist.c b/app/openssl/crypto/ec/ecp_nist.c index aad2d5f4..db3b99e0 100644 --- a/app/openssl/crypto/ec/ecp_nist.c +++ b/app/openssl/crypto/ec/ecp_nist.c @@ -73,9 +73,6 @@ const EC_METHOD *EC_GFp_nist_method(void) { -#ifdef OPENSSL_FIPS - return fips_ec_gfp_nist_method(); -#else static const EC_METHOD ret = { EC_FLAGS_DEFAULT_OCT, NID_X9_62_prime_field, @@ -115,8 +112,12 @@ const EC_METHOD *EC_GFp_nist_method(void) 0 /* field_decode */, 0 /* field_set_to_one */ }; - return &ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return fips_ec_gfp_nist_method(); #endif + + return &ret; } int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src) diff --git a/app/openssl/crypto/ec/ecp_smpl.c b/app/openssl/crypto/ec/ecp_smpl.c index 7cbb321f..2d1f3576 100644 --- a/app/openssl/crypto/ec/ecp_smpl.c +++ b/app/openssl/crypto/ec/ecp_smpl.c @@ -73,9 +73,6 @@ const EC_METHOD *EC_GFp_simple_method(void) { -#ifdef OPENSSL_FIPS - return fips_ec_gfp_simple_method(); -#else static const EC_METHOD ret = { EC_FLAGS_DEFAULT_OCT, NID_X9_62_prime_field, @@ -115,8 +112,12 @@ const EC_METHOD *EC_GFp_simple_method(void) 0 /* field_decode */, 0 /* field_set_to_one */ }; - return &ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return fips_ec_gfp_simple_method(); #endif + + return &ret; } @@ -1181,9 +1182,8 @@ int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ct int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx) { BN_CTX *new_ctx = NULL; - BIGNUM *tmp0, *tmp1; - size_t pow2 = 0; - BIGNUM **heap = NULL; + BIGNUM *tmp, *tmp_Z; + BIGNUM **prod_Z = NULL; size_t i; int ret = 0; @@ -1198,124 +1198,104 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT } BN_CTX_start(ctx); - tmp0 = BN_CTX_get(ctx); - tmp1 = BN_CTX_get(ctx); - if (tmp0 == NULL || tmp1 == NULL) goto err; + tmp = BN_CTX_get(ctx); + tmp_Z = BN_CTX_get(ctx); + if (tmp == NULL || tmp_Z == NULL) goto err; - /* Before converting the individual points, compute inverses of all Z values. - * Modular inversion is rather slow, but luckily we can do with a single - * explicit inversion, plus about 3 multiplications per input value. - */ + prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]); + if (prod_Z == NULL) goto err; + for (i = 0; i < num; i++) + { + prod_Z[i] = BN_new(); + if (prod_Z[i] == NULL) goto err; + } - pow2 = 1; - while (num > pow2) - pow2 <<= 1; - /* Now pow2 is the smallest power of 2 satifsying pow2 >= num. - * We need twice that. */ - pow2 <<= 1; + /* Set each prod_Z[i] to the product of points[0]->Z .. points[i]->Z, + * skipping any zero-valued inputs (pretend that they're 1). */ - heap = OPENSSL_malloc(pow2 * sizeof heap[0]); - if (heap == NULL) goto err; - - /* The array is used as a binary tree, exactly as in heapsort: - * - * heap[1] - * heap[2] heap[3] - * heap[4] heap[5] heap[6] heap[7] - * heap[8]heap[9] heap[10]heap[11] heap[12]heap[13] heap[14] heap[15] - * - * We put the Z's in the last line; - * then we set each other node to the product of its two child-nodes (where - * empty or 0 entries are treated as ones); - * then we invert heap[1]; - * then we invert each other node by replacing it by the product of its - * parent (after inversion) and its sibling (before inversion). - */ - heap[0] = NULL; - for (i = pow2/2 - 1; i > 0; i--) - heap[i] = NULL; - for (i = 0; i < num; i++) - heap[pow2/2 + i] = &points[i]->Z; - for (i = pow2/2 + num; i < pow2; i++) - heap[i] = NULL; - - /* set each node to the product of its children */ - for (i = pow2/2 - 1; i > 0; i--) + if (!BN_is_zero(&points[0]->Z)) { - heap[i] = BN_new(); - if (heap[i] == NULL) goto err; - - if (heap[2*i] != NULL) + if (!BN_copy(prod_Z[0], &points[0]->Z)) goto err; + } + else + { + if (group->meth->field_set_to_one != 0) { - if ((heap[2*i + 1] == NULL) || BN_is_zero(heap[2*i + 1])) - { - if (!BN_copy(heap[i], heap[2*i])) goto err; - } - else - { - if (BN_is_zero(heap[2*i])) - { - if (!BN_copy(heap[i], heap[2*i + 1])) goto err; - } - else - { - if (!group->meth->field_mul(group, heap[i], - heap[2*i], heap[2*i + 1], ctx)) goto err; - } - } + if (!group->meth->field_set_to_one(group, prod_Z[0], ctx)) goto err; + } + else + { + if (!BN_one(prod_Z[0])) goto err; } } - /* invert heap[1] */ - if (!BN_is_zero(heap[1])) + for (i = 1; i < num; i++) { - if (!BN_mod_inverse(heap[1], heap[1], &group->field, ctx)) + if (!BN_is_zero(&points[i]->Z)) { - ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB); - goto err; + if (!group->meth->field_mul(group, prod_Z[i], prod_Z[i - 1], &points[i]->Z, ctx)) goto err; + } + else + { + if (!BN_copy(prod_Z[i], prod_Z[i - 1])) goto err; } } + + /* Now use a single explicit inversion to replace every + * non-zero points[i]->Z by its inverse. */ + + if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) + { + ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB); + goto err; + } if (group->meth->field_encode != 0) { - /* in the Montgomery case, we just turned R*H (representing H) + /* In the Montgomery case, we just turned R*H (representing H) * into 1/(R*H), but we need R*(1/H) (representing 1/H); - * i.e. we have need to multiply by the Montgomery factor twice */ - if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err; - if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err; + * i.e. we need to multiply by the Montgomery factor twice. */ + if (!group->meth->field_encode(group, tmp, tmp, ctx)) goto err; + if (!group->meth->field_encode(group, tmp, tmp, ctx)) goto err; } - /* set other heap[i]'s to their inverses */ - for (i = 2; i < pow2/2 + num; i += 2) + for (i = num - 1; i > 0; --i) { - /* i is even */ - if ((heap[i + 1] != NULL) && !BN_is_zero(heap[i + 1])) - { - if (!group->meth->field_mul(group, tmp0, heap[i/2], heap[i + 1], ctx)) goto err; - if (!group->meth->field_mul(group, tmp1, heap[i/2], heap[i], ctx)) goto err; - if (!BN_copy(heap[i], tmp0)) goto err; - if (!BN_copy(heap[i + 1], tmp1)) goto err; - } - else + /* Loop invariant: tmp is the product of the inverses of + * points[0]->Z .. points[i]->Z (zero-valued inputs skipped). */ + if (!BN_is_zero(&points[i]->Z)) { - if (!BN_copy(heap[i], heap[i/2])) goto err; + /* Set tmp_Z to the inverse of points[i]->Z (as product + * of Z inverses 0 .. i, Z values 0 .. i - 1). */ + if (!group->meth->field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx)) goto err; + /* Update tmp to satisfy the loop invariant for i - 1. */ + if (!group->meth->field_mul(group, tmp, tmp, &points[i]->Z, ctx)) goto err; + /* Replace points[i]->Z by its inverse. */ + if (!BN_copy(&points[i]->Z, tmp_Z)) goto err; } } - /* we have replaced all non-zero Z's by their inverses, now fix up all the points */ + if (!BN_is_zero(&points[0]->Z)) + { + /* Replace points[0]->Z by its inverse. */ + if (!BN_copy(&points[0]->Z, tmp)) goto err; + } + + /* Finally, fix up the X and Y coordinates for all points. */ + for (i = 0; i < num; i++) { EC_POINT *p = points[i]; - + if (!BN_is_zero(&p->Z)) { /* turn (X, Y, 1/Z) into (X/Z^2, Y/Z^3, 1) */ - if (!group->meth->field_sqr(group, tmp1, &p->Z, ctx)) goto err; - if (!group->meth->field_mul(group, &p->X, &p->X, tmp1, ctx)) goto err; + if (!group->meth->field_sqr(group, tmp, &p->Z, ctx)) goto err; + if (!group->meth->field_mul(group, &p->X, &p->X, tmp, ctx)) goto err; + + if (!group->meth->field_mul(group, tmp, tmp, &p->Z, ctx)) goto err; + if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp, ctx)) goto err; - if (!group->meth->field_mul(group, tmp1, tmp1, &p->Z, ctx)) goto err; - if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp1, ctx)) goto err; - if (group->meth->field_set_to_one != 0) { if (!group->meth->field_set_to_one(group, &p->Z, ctx)) goto err; @@ -1329,20 +1309,19 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT } ret = 1; - + err: BN_CTX_end(ctx); if (new_ctx != NULL) BN_CTX_free(new_ctx); - if (heap != NULL) + if (prod_Z != NULL) { - /* heap[pow2/2] .. heap[pow2-1] have not been allocated locally! */ - for (i = pow2/2 - 1; i > 0; i--) + for (i = 0; i < num; i++) { - if (heap[i] != NULL) - BN_clear_free(heap[i]); + if (prod_Z[i] == NULL) break; + BN_clear_free(prod_Z[i]); } - OPENSSL_free(heap); + OPENSSL_free(prod_Z); } return ret; } diff --git a/app/openssl/crypto/ec/ectest.c b/app/openssl/crypto/ec/ectest.c index 102eaa9b..d1bf9805 100644 --- a/app/openssl/crypto/ec/ectest.c +++ b/app/openssl/crypto/ec/ectest.c @@ -199,6 +199,7 @@ static void group_order_tests(EC_GROUP *group) EC_POINT *P = EC_POINT_new(group); EC_POINT *Q = EC_POINT_new(group); BN_CTX *ctx = BN_CTX_new(); + int i; n1 = BN_new(); n2 = BN_new(); order = BN_new(); fprintf(stdout, "verify group order ..."); @@ -212,21 +213,56 @@ static void group_order_tests(EC_GROUP *group) if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT; if (!EC_POINT_is_at_infinity(group, Q)) ABORT; fprintf(stdout, " ok\n"); - fprintf(stdout, "long/negative scalar tests ... "); - if (!BN_one(n1)) ABORT; - /* n1 = 1 - order */ - if (!BN_sub(n1, n1, order)) ABORT; - if(!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; - /* n2 = 1 + order */ - if (!BN_add(n2, order, BN_value_one())) ABORT; - if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; - /* n2 = (1 - order) * (1 + order) */ - if (!BN_mul(n2, n1, n2, ctx)) ABORT; - if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; + fprintf(stdout, "long/negative scalar tests "); + for (i = 1; i <= 2; i++) + { + const BIGNUM *scalars[6]; + const EC_POINT *points[6]; + + fprintf(stdout, i == 1 ? + "allowing precomputation ... " : + "without precomputation ... "); + if (!BN_set_word(n1, i)) ABORT; + /* If i == 1, P will be the predefined generator for which + * EC_GROUP_precompute_mult has set up precomputation. */ + if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) ABORT; + + if (!BN_one(n1)) ABORT; + /* n1 = 1 - order */ + if (!BN_sub(n1, n1, order)) ABORT; + if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; + + /* n2 = 1 + order */ + if (!BN_add(n2, order, BN_value_one())) ABORT; + if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; + + /* n2 = (1 - order) * (1 + order) = 1 - order^2 */ + if (!BN_mul(n2, n1, n2, ctx)) ABORT; + if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; + if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT; + + /* n2 = order^2 - 1 */ + BN_set_negative(n2, 0); + if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT; + /* Add P to verify the result. */ + if (!EC_POINT_add(group, Q, Q, P, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, Q)) ABORT; + + /* Exercise EC_POINTs_mul, including corner cases. */ + if (EC_POINT_is_at_infinity(group, P)) ABORT; + scalars[0] = n1; points[0] = Q; /* => infinity */ + scalars[1] = n2; points[1] = P; /* => -P */ + scalars[2] = n1; points[2] = Q; /* => infinity */ + scalars[3] = n2; points[3] = Q; /* => infinity */ + scalars[4] = n1; points[4] = P; /* => P */ + scalars[5] = n2; points[5] = Q; /* => infinity */ + if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) ABORT; + if (!EC_POINT_is_at_infinity(group, P)) ABORT; + } fprintf(stdout, "ok\n"); + EC_POINT_free(P); EC_POINT_free(Q); BN_free(n1); diff --git a/app/openssl/crypto/err/openssl.ec b/app/openssl/crypto/err/openssl.ec index e0554b43..bafbc35d 100644 --- a/app/openssl/crypto/err/openssl.ec +++ b/app/openssl/crypto/err/openssl.ec @@ -71,6 +71,7 @@ R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 +R SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086 R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 diff --git a/app/openssl/crypto/evp/e_aes.c b/app/openssl/crypto/evp/e_aes.c index ad0f7a4a..85d5aaa4 100644 --- a/app/openssl/crypto/evp/e_aes.c +++ b/app/openssl/crypto/evp/e_aes.c @@ -166,7 +166,7 @@ extern unsigned int OPENSSL_ia32cap_P[]; #define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32))) #endif #ifdef BSAES_ASM -#define BSAES_CAPABLE VPAES_CAPABLE +#define BSAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32))) #endif /* * AES-NI section @@ -873,6 +873,28 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) /* Extra padding: tag appended to record */ return EVP_GCM_TLS_TAG_LEN; + case EVP_CTRL_COPY: + { + EVP_CIPHER_CTX *out = ptr; + EVP_AES_GCM_CTX *gctx_out = out->cipher_data; + if (gctx->gcm.key) + { + if (gctx->gcm.key != &gctx->ks) + return 0; + gctx_out->gcm.key = &gctx_out->ks; + } + if (gctx->iv == c->iv) + gctx_out->iv = out->iv; + else + { + gctx_out->iv = OPENSSL_malloc(gctx->ivlen); + if (!gctx_out->iv) + return 0; + memcpy(gctx_out->iv, gctx->iv, gctx->ivlen); + } + return 1; + } + default: return -1; @@ -1112,7 +1134,8 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #define CUSTOM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT) + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ + | EVP_CIPH_CUSTOM_COPY) BLOCK_CIPHER_custom(NID_aes,128,1,12,gcm,GCM, EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS) @@ -1124,7 +1147,25 @@ BLOCK_CIPHER_custom(NID_aes,256,1,12,gcm,GCM, static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { EVP_AES_XTS_CTX *xctx = c->cipher_data; - if (type != EVP_CTRL_INIT) + if (type == EVP_CTRL_COPY) + { + EVP_CIPHER_CTX *out = ptr; + EVP_AES_XTS_CTX *xctx_out = out->cipher_data; + if (xctx->xts.key1) + { + if (xctx->xts.key1 != &xctx->ks1) + return 0; + xctx_out->xts.key1 = &xctx_out->ks1; + } + if (xctx->xts.key2) + { + if (xctx->xts.key2 != &xctx->ks2) + return 0; + xctx_out->xts.key2 = &xctx_out->ks2; + } + return 1; + } + else if (type != EVP_CTRL_INIT) return -1; /* key1 and key2 are used as an indicator both key and IV are set */ xctx->xts.key1 = NULL; @@ -1256,7 +1297,8 @@ static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #define aes_xts_cleanup NULL #define XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT) + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ + | EVP_CIPH_CUSTOM_COPY) BLOCK_CIPHER_custom(NID_aes,128,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS) BLOCK_CIPHER_custom(NID_aes,256,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS) @@ -1306,6 +1348,19 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) cctx->len_set = 0; return 1; + case EVP_CTRL_COPY: + { + EVP_CIPHER_CTX *out = ptr; + EVP_AES_CCM_CTX *cctx_out = out->cipher_data; + if (cctx->ccm.key) + { + if (cctx->ccm.key != &cctx->ks) + return 0; + cctx_out->ccm.key = &cctx_out->ks; + } + return 1; + } + default: return -1; diff --git a/app/openssl/crypto/evp/evp_enc.c b/app/openssl/crypto/evp/evp_enc.c index 0c54f05e..7b1842a5 100644 --- a/app/openssl/crypto/evp/evp_enc.c +++ b/app/openssl/crypto/evp/evp_enc.c @@ -67,6 +67,7 @@ #ifdef OPENSSL_FIPS #include #endif +#include "constant_time_locl.h" #include "evp_locl.h" #ifdef OPENSSL_FIPS @@ -500,21 +501,21 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) { - int i,n; - unsigned int b; + unsigned int i, b; + unsigned char pad, padding_good; *outl=0; if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { - i = M_do_cipher(ctx, out, NULL, 0); - if (i < 0) + int ret = M_do_cipher(ctx, out, NULL, 0); + if (ret < 0) return 0; else - *outl = i; + *outl = ret; return 1; } - b=ctx->cipher->block_size; + b=(unsigned int)(ctx->cipher->block_size); if (ctx->flags & EVP_CIPH_NO_PADDING) { if(ctx->buf_len) @@ -533,28 +534,34 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) return(0); } OPENSSL_assert(b <= sizeof ctx->final); - n=ctx->final[b-1]; - if (n == 0 || n > (int)b) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); - return(0); - } - for (i=0; ifinal[b-1]; + + padding_good = (unsigned char)(~constant_time_is_zero_8(pad)); + padding_good &= constant_time_ge_8(b, pad); + + for (i = 1; i < b; ++i) { - if (ctx->final[--b] != n) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); - return(0); - } + unsigned char is_pad_index = constant_time_lt_8(i, pad); + unsigned char pad_byte_good = constant_time_eq_8(ctx->final[b-i-1], pad); + padding_good &= constant_time_select_8(is_pad_index, pad_byte_good, 0xff); } - n=ctx->cipher->block_size-n; - for (i=0; ifinal[i]; - *outl=n; + + /* + * At least 1 byte is always padding, so we always write b - 1 + * bytes to avoid a timing leak. The caller is required to have |b| + * bytes space in |out| by the API contract. + */ + for (i = 0; i < b - 1; ++i) + out[i] = ctx->final[i] & padding_good; + /* Safe cast: for a good padding, EVP_MAX_IV_LENGTH >= b >= pad */ + *outl = padding_good & ((unsigned char)(b - pad)); + return padding_good & 1; } else - *outl=0; - return(1); + { + *outl = 0; + return 1; + } } void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) @@ -678,4 +685,3 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out); return 1; } - diff --git a/app/openssl/crypto/evp/evp_pbe.c b/app/openssl/crypto/evp/evp_pbe.c index f8c32d82..59696959 100644 --- a/app/openssl/crypto/evp/evp_pbe.c +++ b/app/openssl/crypto/evp/evp_pbe.c @@ -259,7 +259,7 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, { int cipher_nid, md_nid; if (cipher) - cipher_nid = EVP_CIPHER_type(cipher); + cipher_nid = EVP_CIPHER_nid(cipher); else cipher_nid = -1; if (md) diff --git a/app/openssl/crypto/md5/asm/md5-x86_64.pl b/app/openssl/crypto/md5/asm/md5-x86_64.pl index f11224d1..381bf77e 100755 --- a/app/openssl/crypto/md5/asm/md5-x86_64.pl +++ b/app/openssl/crypto/md5/asm/md5-x86_64.pl @@ -108,6 +108,7 @@ sub round4_step EOF } +no warnings qw(uninitialized); my $flavour = shift; my $output = shift; if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } @@ -119,7 +120,6 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate; ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or die "can't locate x86_64-xlate.pl"; -no warnings qw(uninitialized); open OUT,"| \"$^X\" $xlate $flavour $output"; *STDOUT=*OUT; diff --git a/app/openssl/crypto/objects/obj_dat.c b/app/openssl/crypto/objects/obj_dat.c index 8a342ba3..0b2f4424 100644 --- a/app/openssl/crypto/objects/obj_dat.c +++ b/app/openssl/crypto/objects/obj_dat.c @@ -471,11 +471,12 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) const unsigned char *p; char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; - if ((a == NULL) || (a->data == NULL)) { - buf[0]='\0'; - return(0); - } + /* Ensure that, at every state, |buf| is NUL-terminated. */ + if (buf && buf_len > 0) + buf[0] = '\0'; + if ((a == NULL) || (a->data == NULL)) + return(0); if (!no_name && (nid=OBJ_obj2nid(a)) != NID_undef) { @@ -554,9 +555,10 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) i=(int)(l/40); l-=(long)(i*40); } - if (buf && (buf_len > 0)) + if (buf && (buf_len > 1)) { *buf++ = i + '0'; + *buf = '\0'; buf_len--; } n++; @@ -571,9 +573,10 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) i = strlen(bndec); if (buf) { - if (buf_len > 0) + if (buf_len > 1) { *buf++ = '.'; + *buf = '\0'; buf_len--; } BUF_strlcpy(buf,bndec,buf_len); @@ -807,4 +810,3 @@ err: OPENSSL_free(buf); return(ok); } - diff --git a/app/openssl/crypto/objects/obj_dat.h b/app/openssl/crypto/objects/obj_dat.h index d404ad07..bc69665b 100644 --- a/app/openssl/crypto/objects/obj_dat.h +++ b/app/openssl/crypto/objects/obj_dat.h @@ -67,1908 +67,1901 @@ #define NUM_LN 913 #define NUM_OBJ 857 -static const unsigned char lvalues[5980]={ -0x00, /* [ 0] OBJ_undef */ -0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 14] OBJ_md2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 22] OBJ_md5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 30] OBJ_rc4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 38] OBJ_rsaEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 47] OBJ_md2WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 56] OBJ_md5WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 65] OBJ_pbeWithMD2AndDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 74] OBJ_pbeWithMD5AndDES_CBC */ -0x55, /* [ 83] OBJ_X500 */ -0x55,0x04, /* [ 84] OBJ_X509 */ -0x55,0x04,0x03, /* [ 86] OBJ_commonName */ -0x55,0x04,0x06, /* [ 89] OBJ_countryName */ -0x55,0x04,0x07, /* [ 92] OBJ_localityName */ -0x55,0x04,0x08, /* [ 95] OBJ_stateOrProvinceName */ -0x55,0x04,0x0A, /* [ 98] OBJ_organizationName */ -0x55,0x04,0x0B, /* [101] OBJ_organizationalUnitName */ -0x55,0x08,0x01,0x01, /* [104] OBJ_rsa */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [108] OBJ_pkcs7 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [116] OBJ_pkcs7_data */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [125] OBJ_pkcs7_signed */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [134] OBJ_pkcs7_enveloped */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [143] OBJ_pkcs7_signedAndEnveloped */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [152] OBJ_pkcs7_digest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [161] OBJ_pkcs7_encrypted */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [170] OBJ_pkcs3 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [178] OBJ_dhKeyAgreement */ -0x2B,0x0E,0x03,0x02,0x06, /* [187] OBJ_des_ecb */ -0x2B,0x0E,0x03,0x02,0x09, /* [192] OBJ_des_cfb64 */ -0x2B,0x0E,0x03,0x02,0x07, /* [197] OBJ_des_cbc */ -0x2B,0x0E,0x03,0x02,0x11, /* [202] OBJ_des_ede_ecb */ -0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [207] OBJ_idea_cbc */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [218] OBJ_rc2_cbc */ -0x2B,0x0E,0x03,0x02,0x12, /* [226] OBJ_sha */ -0x2B,0x0E,0x03,0x02,0x0F, /* [231] OBJ_shaWithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [236] OBJ_des_ede3_cbc */ -0x2B,0x0E,0x03,0x02,0x08, /* [244] OBJ_des_ofb64 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [249] OBJ_pkcs9 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [257] OBJ_pkcs9_emailAddress */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [266] OBJ_pkcs9_unstructuredName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [275] OBJ_pkcs9_contentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [284] OBJ_pkcs9_messageDigest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [293] OBJ_pkcs9_signingTime */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [302] OBJ_pkcs9_countersignature */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [311] OBJ_pkcs9_challengePassword */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [320] OBJ_pkcs9_unstructuredAddress */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [329] OBJ_pkcs9_extCertAttributes */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [338] OBJ_netscape */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [345] OBJ_netscape_cert_extension */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [353] OBJ_netscape_data_type */ -0x2B,0x0E,0x03,0x02,0x1A, /* [361] OBJ_sha1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [366] OBJ_sha1WithRSAEncryption */ -0x2B,0x0E,0x03,0x02,0x0D, /* [375] OBJ_dsaWithSHA */ -0x2B,0x0E,0x03,0x02,0x0C, /* [380] OBJ_dsa_2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [385] OBJ_pbeWithSHA1AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [394] OBJ_id_pbkdf2 */ -0x2B,0x0E,0x03,0x02,0x1B, /* [403] OBJ_dsaWithSHA1_2 */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [408] OBJ_netscape_cert_type */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [417] OBJ_netscape_base_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [426] OBJ_netscape_revocation_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [435] OBJ_netscape_ca_revocation_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [444] OBJ_netscape_renewal_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [453] OBJ_netscape_ca_policy_url */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [462] OBJ_netscape_ssl_server_name */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [471] OBJ_netscape_comment */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [480] OBJ_netscape_cert_sequence */ -0x55,0x1D, /* [489] OBJ_id_ce */ -0x55,0x1D,0x0E, /* [491] OBJ_subject_key_identifier */ -0x55,0x1D,0x0F, /* [494] OBJ_key_usage */ -0x55,0x1D,0x10, /* [497] OBJ_private_key_usage_period */ -0x55,0x1D,0x11, /* [500] OBJ_subject_alt_name */ -0x55,0x1D,0x12, /* [503] OBJ_issuer_alt_name */ -0x55,0x1D,0x13, /* [506] OBJ_basic_constraints */ -0x55,0x1D,0x14, /* [509] OBJ_crl_number */ -0x55,0x1D,0x20, /* [512] OBJ_certificate_policies */ -0x55,0x1D,0x23, /* [515] OBJ_authority_key_identifier */ -0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [518] OBJ_bf_cbc */ -0x55,0x08,0x03,0x65, /* [527] OBJ_mdc2 */ -0x55,0x08,0x03,0x64, /* [531] OBJ_mdc2WithRSA */ -0x55,0x04,0x2A, /* [535] OBJ_givenName */ -0x55,0x04,0x04, /* [538] OBJ_surname */ -0x55,0x04,0x2B, /* [541] OBJ_initials */ -0x55,0x1D,0x1F, /* [544] OBJ_crl_distribution_points */ -0x2B,0x0E,0x03,0x02,0x03, /* [547] OBJ_md5WithRSA */ -0x55,0x04,0x05, /* [552] OBJ_serialNumber */ -0x55,0x04,0x0C, /* [555] OBJ_title */ -0x55,0x04,0x0D, /* [558] OBJ_description */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [561] OBJ_cast5_cbc */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [570] OBJ_pbeWithMD5AndCast5_CBC */ -0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [579] OBJ_dsaWithSHA1 */ -0x2B,0x0E,0x03,0x02,0x1D, /* [586] OBJ_sha1WithRSA */ -0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [591] OBJ_dsa */ -0x2B,0x24,0x03,0x02,0x01, /* [598] OBJ_ripemd160 */ -0x2B,0x24,0x03,0x03,0x01,0x02, /* [603] OBJ_ripemd160WithRSA */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [609] OBJ_rc5_cbc */ -0x29,0x01,0x01,0x85,0x1A,0x01, /* [617] OBJ_rle_compression */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [623] OBJ_zlib_compression */ -0x55,0x1D,0x25, /* [634] OBJ_ext_key_usage */ -0x2B,0x06,0x01,0x05,0x05,0x07, /* [637] OBJ_id_pkix */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [643] OBJ_id_kp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [650] OBJ_server_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [658] OBJ_client_auth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [666] OBJ_code_sign */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [674] OBJ_email_protect */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [682] OBJ_time_stamp */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [690] OBJ_ms_code_ind */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [700] OBJ_ms_code_com */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [710] OBJ_ms_ctl_sign */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [720] OBJ_ms_sgc */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [730] OBJ_ms_efs */ -0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [740] OBJ_ns_sgc */ -0x55,0x1D,0x1B, /* [749] OBJ_delta_crl */ -0x55,0x1D,0x15, /* [752] OBJ_crl_reason */ -0x55,0x1D,0x18, /* [755] OBJ_invalidity_date */ -0x2B,0x65,0x01,0x04,0x01, /* [758] OBJ_sxnet */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [763] OBJ_pbe_WithSHA1And128BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [773] OBJ_pbe_WithSHA1And40BitRC4 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [783] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [793] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [803] OBJ_pbe_WithSHA1And128BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [813] OBJ_pbe_WithSHA1And40BitRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [823] OBJ_keyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [834] OBJ_pkcs8ShroudedKeyBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [845] OBJ_certBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [856] OBJ_crlBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [867] OBJ_secretBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [878] OBJ_safeContentsBag */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [889] OBJ_friendlyName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [898] OBJ_localKeyID */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [907] OBJ_x509Certificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [917] OBJ_sdsiCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [927] OBJ_x509Crl */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [937] OBJ_pbes2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [946] OBJ_pbmac1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [955] OBJ_hmacWithSHA1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [963] OBJ_id_qt_cps */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [971] OBJ_id_qt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [979] OBJ_SMIMECapabilities */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [988] OBJ_pbeWithMD2AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [997] OBJ_pbeWithMD5AndRC2_CBC */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1006] OBJ_pbeWithSHA1AndDES_CBC */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1015] OBJ_ms_ext_req */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1025] OBJ_ext_req */ -0x55,0x04,0x29, /* [1034] OBJ_name */ -0x55,0x04,0x2E, /* [1037] OBJ_dnQualifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1040] OBJ_id_pe */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1047] OBJ_id_ad */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1054] OBJ_info_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1062] OBJ_ad_OCSP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1070] OBJ_ad_ca_issuers */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1078] OBJ_OCSP_sign */ -0x28, /* [1086] OBJ_iso */ -0x2A, /* [1087] OBJ_member_body */ -0x2A,0x86,0x48, /* [1088] OBJ_ISO_US */ -0x2A,0x86,0x48,0xCE,0x38, /* [1091] OBJ_X9_57 */ -0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1096] OBJ_X9cm */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1102] OBJ_pkcs1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1110] OBJ_pkcs5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1118] OBJ_SMIME */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1127] OBJ_id_smime_mod */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1137] OBJ_id_smime_ct */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1147] OBJ_id_smime_aa */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1157] OBJ_id_smime_alg */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1167] OBJ_id_smime_cd */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1177] OBJ_id_smime_spq */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1187] OBJ_id_smime_cti */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1197] OBJ_id_smime_mod_cms */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1208] OBJ_id_smime_mod_ess */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1219] OBJ_id_smime_mod_oid */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1230] OBJ_id_smime_mod_msg_v3 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1241] OBJ_id_smime_mod_ets_eSignature_88 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1252] OBJ_id_smime_mod_ets_eSignature_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1263] OBJ_id_smime_mod_ets_eSigPolicy_88 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1274] OBJ_id_smime_mod_ets_eSigPolicy_97 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1285] OBJ_id_smime_ct_receipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1296] OBJ_id_smime_ct_authData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1307] OBJ_id_smime_ct_publishCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1318] OBJ_id_smime_ct_TSTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1329] OBJ_id_smime_ct_TDTInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1340] OBJ_id_smime_ct_contentInfo */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1351] OBJ_id_smime_ct_DVCSRequestData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1362] OBJ_id_smime_ct_DVCSResponseData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1373] OBJ_id_smime_aa_receiptRequest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1384] OBJ_id_smime_aa_securityLabel */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1395] OBJ_id_smime_aa_mlExpandHistory */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1406] OBJ_id_smime_aa_contentHint */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1417] OBJ_id_smime_aa_msgSigDigest */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1428] OBJ_id_smime_aa_encapContentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1439] OBJ_id_smime_aa_contentIdentifier */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1450] OBJ_id_smime_aa_macValue */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1461] OBJ_id_smime_aa_equivalentLabels */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1472] OBJ_id_smime_aa_contentReference */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1483] OBJ_id_smime_aa_encrypKeyPref */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1494] OBJ_id_smime_aa_signingCertificate */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1505] OBJ_id_smime_aa_smimeEncryptCerts */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1516] OBJ_id_smime_aa_timeStampToken */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1527] OBJ_id_smime_aa_ets_sigPolicyId */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1538] OBJ_id_smime_aa_ets_commitmentType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1549] OBJ_id_smime_aa_ets_signerLocation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1560] OBJ_id_smime_aa_ets_signerAttr */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1571] OBJ_id_smime_aa_ets_otherSigCert */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1582] OBJ_id_smime_aa_ets_contentTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1593] OBJ_id_smime_aa_ets_CertificateRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1604] OBJ_id_smime_aa_ets_RevocationRefs */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1615] OBJ_id_smime_aa_ets_certValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1626] OBJ_id_smime_aa_ets_revocationValues */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1637] OBJ_id_smime_aa_ets_escTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1648] OBJ_id_smime_aa_ets_certCRLTimestamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1659] OBJ_id_smime_aa_ets_archiveTimeStamp */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1670] OBJ_id_smime_aa_signatureType */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1681] OBJ_id_smime_aa_dvcs_dvc */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1692] OBJ_id_smime_alg_ESDHwith3DES */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1703] OBJ_id_smime_alg_ESDHwithRC2 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1714] OBJ_id_smime_alg_3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1725] OBJ_id_smime_alg_RC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1736] OBJ_id_smime_alg_ESDH */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1747] OBJ_id_smime_alg_CMS3DESwrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1758] OBJ_id_smime_alg_CMSRC2wrap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1769] OBJ_id_smime_cd_ldap */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1780] OBJ_id_smime_spq_ets_sqt_uri */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1791] OBJ_id_smime_spq_ets_sqt_unotice */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1802] OBJ_id_smime_cti_ets_proofOfOrigin */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1813] OBJ_id_smime_cti_ets_proofOfReceipt */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1824] OBJ_id_smime_cti_ets_proofOfDelivery */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1835] OBJ_id_smime_cti_ets_proofOfSender */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1846] OBJ_id_smime_cti_ets_proofOfApproval */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1857] OBJ_id_smime_cti_ets_proofOfCreation */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1868] OBJ_md4 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1876] OBJ_id_pkix_mod */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1883] OBJ_id_qt */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1890] OBJ_id_it */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1897] OBJ_id_pkip */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1904] OBJ_id_alg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1911] OBJ_id_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1918] OBJ_id_on */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1925] OBJ_id_pda */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1932] OBJ_id_aca */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1939] OBJ_id_qcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1946] OBJ_id_cct */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1953] OBJ_id_pkix1_explicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1961] OBJ_id_pkix1_implicit_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1969] OBJ_id_pkix1_explicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1977] OBJ_id_pkix1_implicit_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1985] OBJ_id_mod_crmf */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1993] OBJ_id_mod_cmc */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [2001] OBJ_id_mod_kea_profile_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2009] OBJ_id_mod_kea_profile_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2017] OBJ_id_mod_cmp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2025] OBJ_id_mod_qualified_cert_88 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2033] OBJ_id_mod_qualified_cert_93 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2041] OBJ_id_mod_attribute_cert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2049] OBJ_id_mod_timestamp_protocol */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2057] OBJ_id_mod_ocsp */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2065] OBJ_id_mod_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2073] OBJ_id_mod_cmp2000 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2081] OBJ_biometricInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2089] OBJ_qcStatements */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2097] OBJ_ac_auditEntity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2105] OBJ_ac_targeting */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2113] OBJ_aaControls */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2121] OBJ_sbgp_ipAddrBlock */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2129] OBJ_sbgp_autonomousSysNum */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2137] OBJ_sbgp_routerIdentifier */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2145] OBJ_textNotice */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2153] OBJ_ipsecEndSystem */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2161] OBJ_ipsecTunnel */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2169] OBJ_ipsecUser */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2177] OBJ_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2185] OBJ_id_it_caProtEncCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2193] OBJ_id_it_signKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2201] OBJ_id_it_encKeyPairTypes */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2209] OBJ_id_it_preferredSymmAlg */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2217] OBJ_id_it_caKeyUpdateInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2225] OBJ_id_it_currentCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2233] OBJ_id_it_unsupportedOIDs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2241] OBJ_id_it_subscriptionRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2249] OBJ_id_it_subscriptionResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2257] OBJ_id_it_keyPairParamReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2265] OBJ_id_it_keyPairParamRep */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2273] OBJ_id_it_revPassphrase */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2281] OBJ_id_it_implicitConfirm */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2289] OBJ_id_it_confirmWaitTime */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2297] OBJ_id_it_origPKIMessage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2305] OBJ_id_regCtrl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2313] OBJ_id_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2321] OBJ_id_regCtrl_regToken */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2330] OBJ_id_regCtrl_authenticator */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2339] OBJ_id_regCtrl_pkiPublicationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2348] OBJ_id_regCtrl_pkiArchiveOptions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2357] OBJ_id_regCtrl_oldCertID */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2366] OBJ_id_regCtrl_protocolEncrKey */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2375] OBJ_id_regInfo_utf8Pairs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2384] OBJ_id_regInfo_certReq */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2393] OBJ_id_alg_des40 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2401] OBJ_id_alg_noSignature */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2409] OBJ_id_alg_dh_sig_hmac_sha1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2417] OBJ_id_alg_dh_pop */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2425] OBJ_id_cmc_statusInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2433] OBJ_id_cmc_identification */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2441] OBJ_id_cmc_identityProof */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2449] OBJ_id_cmc_dataReturn */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2457] OBJ_id_cmc_transactionId */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2465] OBJ_id_cmc_senderNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2473] OBJ_id_cmc_recipientNonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2481] OBJ_id_cmc_addExtensions */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2489] OBJ_id_cmc_encryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2497] OBJ_id_cmc_decryptedPOP */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2505] OBJ_id_cmc_lraPOPWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2513] OBJ_id_cmc_getCert */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2521] OBJ_id_cmc_getCRL */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2529] OBJ_id_cmc_revokeRequest */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2537] OBJ_id_cmc_regInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2545] OBJ_id_cmc_responseInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2553] OBJ_id_cmc_queryPending */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2561] OBJ_id_cmc_popLinkRandom */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2569] OBJ_id_cmc_popLinkWitness */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2577] OBJ_id_cmc_confirmCertAcceptance */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2585] OBJ_id_on_personalData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2593] OBJ_id_pda_dateOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2601] OBJ_id_pda_placeOfBirth */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2609] OBJ_id_pda_gender */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2617] OBJ_id_pda_countryOfCitizenship */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2625] OBJ_id_pda_countryOfResidence */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2633] OBJ_id_aca_authenticationInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2641] OBJ_id_aca_accessIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2649] OBJ_id_aca_chargingIdentity */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2657] OBJ_id_aca_group */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2665] OBJ_id_aca_role */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2673] OBJ_id_qcs_pkixQCSyntax_v1 */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2681] OBJ_id_cct_crs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2689] OBJ_id_cct_PKIData */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2697] OBJ_id_cct_PKIResponse */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2705] OBJ_ad_timeStamping */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2713] OBJ_ad_dvcs */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2721] OBJ_id_pkix_OCSP_basic */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2730] OBJ_id_pkix_OCSP_Nonce */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2739] OBJ_id_pkix_OCSP_CrlID */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2748] OBJ_id_pkix_OCSP_acceptableResponses */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2757] OBJ_id_pkix_OCSP_noCheck */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2766] OBJ_id_pkix_OCSP_archiveCutoff */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2775] OBJ_id_pkix_OCSP_serviceLocator */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2784] OBJ_id_pkix_OCSP_extendedStatus */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2793] OBJ_id_pkix_OCSP_valid */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2802] OBJ_id_pkix_OCSP_path */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2811] OBJ_id_pkix_OCSP_trustRoot */ -0x2B,0x0E,0x03,0x02, /* [2820] OBJ_algorithm */ -0x2B,0x0E,0x03,0x02,0x0B, /* [2824] OBJ_rsaSignature */ -0x55,0x08, /* [2829] OBJ_X500algorithms */ -0x2B, /* [2831] OBJ_org */ -0x2B,0x06, /* [2832] OBJ_dod */ -0x2B,0x06,0x01, /* [2834] OBJ_iana */ -0x2B,0x06,0x01,0x01, /* [2837] OBJ_Directory */ -0x2B,0x06,0x01,0x02, /* [2841] OBJ_Management */ -0x2B,0x06,0x01,0x03, /* [2845] OBJ_Experimental */ -0x2B,0x06,0x01,0x04, /* [2849] OBJ_Private */ -0x2B,0x06,0x01,0x05, /* [2853] OBJ_Security */ -0x2B,0x06,0x01,0x06, /* [2857] OBJ_SNMPv2 */ -0x2B,0x06,0x01,0x07, /* [2861] OBJ_Mail */ -0x2B,0x06,0x01,0x04,0x01, /* [2865] OBJ_Enterprises */ -0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2870] OBJ_dcObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2879] OBJ_domainComponent */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2889] OBJ_Domain */ -0x00, /* [2899] OBJ_joint_iso_ccitt */ -0x55,0x01,0x05, /* [2900] OBJ_selected_attribute_types */ -0x55,0x01,0x05,0x37, /* [2903] OBJ_clearance */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2907] OBJ_md4WithRSAEncryption */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2916] OBJ_ac_proxying */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2924] OBJ_sinfo_access */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2932] OBJ_id_aca_encAttrs */ -0x55,0x04,0x48, /* [2940] OBJ_role */ -0x55,0x1D,0x24, /* [2943] OBJ_policy_constraints */ -0x55,0x1D,0x37, /* [2946] OBJ_target_information */ -0x55,0x1D,0x38, /* [2949] OBJ_no_rev_avail */ -0x00, /* [2952] OBJ_ccitt */ -0x2A,0x86,0x48,0xCE,0x3D, /* [2953] OBJ_ansi_X9_62 */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2958] OBJ_X9_62_prime_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2965] OBJ_X9_62_characteristic_two_field */ -0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2972] OBJ_X9_62_id_ecPublicKey */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2979] OBJ_X9_62_prime192v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2987] OBJ_X9_62_prime192v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2995] OBJ_X9_62_prime192v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [3003] OBJ_X9_62_prime239v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3011] OBJ_X9_62_prime239v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3019] OBJ_X9_62_prime239v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3027] OBJ_X9_62_prime256v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3035] OBJ_ecdsa_with_SHA1 */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3042] OBJ_ms_csp_name */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3051] OBJ_aes_128_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3060] OBJ_aes_128_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3069] OBJ_aes_128_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3078] OBJ_aes_128_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3087] OBJ_aes_192_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3096] OBJ_aes_192_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3105] OBJ_aes_192_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3114] OBJ_aes_192_cfb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3123] OBJ_aes_256_ecb */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3132] OBJ_aes_256_cbc */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3141] OBJ_aes_256_ofb128 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3150] OBJ_aes_256_cfb128 */ -0x55,0x1D,0x17, /* [3159] OBJ_hold_instruction_code */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3162] OBJ_hold_instruction_none */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3169] OBJ_hold_instruction_call_issuer */ -0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3176] OBJ_hold_instruction_reject */ -0x09, /* [3183] OBJ_data */ -0x09,0x92,0x26, /* [3184] OBJ_pss */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3187] OBJ_ucl */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3194] OBJ_pilot */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3202] OBJ_pilotAttributeType */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3211] OBJ_pilotAttributeSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3220] OBJ_pilotObjectClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3229] OBJ_pilotGroups */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3238] OBJ_iA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3248] OBJ_caseIgnoreIA5StringSyntax */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3258] OBJ_pilotObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3268] OBJ_pilotPerson */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3278] OBJ_account */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3288] OBJ_document */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3298] OBJ_room */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3308] OBJ_documentSeries */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3318] OBJ_rFC822localPart */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3328] OBJ_dNSDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3338] OBJ_domainRelatedObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3348] OBJ_friendlyCountry */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3358] OBJ_simpleSecurityObject */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3368] OBJ_pilotOrganization */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3378] OBJ_pilotDSA */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3388] OBJ_qualityLabelledData */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3398] OBJ_userId */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3408] OBJ_textEncodedORAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3418] OBJ_rfc822Mailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3428] OBJ_info */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3438] OBJ_favouriteDrink */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3448] OBJ_roomNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3458] OBJ_photo */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3468] OBJ_userClass */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3478] OBJ_host */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3488] OBJ_manager */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3498] OBJ_documentIdentifier */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3508] OBJ_documentTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3518] OBJ_documentVersion */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3528] OBJ_documentAuthor */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3538] OBJ_documentLocation */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3548] OBJ_homeTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3558] OBJ_secretary */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3568] OBJ_otherMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3578] OBJ_lastModifiedTime */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3588] OBJ_lastModifiedBy */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3598] OBJ_aRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3608] OBJ_pilotAttributeType27 */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3618] OBJ_mXRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3628] OBJ_nSRecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3638] OBJ_sOARecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3648] OBJ_cNAMERecord */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3658] OBJ_associatedDomain */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3668] OBJ_associatedName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3678] OBJ_homePostalAddress */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3688] OBJ_personalTitle */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3698] OBJ_mobileTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3708] OBJ_pagerTelephoneNumber */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3718] OBJ_friendlyCountryName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3728] OBJ_organizationalStatus */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3738] OBJ_janetMailbox */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3748] OBJ_mailPreferenceOption */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3758] OBJ_buildingName */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3768] OBJ_dSAQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3778] OBJ_singleLevelQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3788] OBJ_subtreeMinimumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3798] OBJ_subtreeMaximumQuality */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3808] OBJ_personalSignature */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3818] OBJ_dITRedirect */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3828] OBJ_audio */ -0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3838] OBJ_documentPublisher */ -0x55,0x04,0x2D, /* [3848] OBJ_x500UniqueIdentifier */ -0x2B,0x06,0x01,0x07,0x01, /* [3851] OBJ_mime_mhs */ -0x2B,0x06,0x01,0x07,0x01,0x01, /* [3856] OBJ_mime_mhs_headings */ -0x2B,0x06,0x01,0x07,0x01,0x02, /* [3862] OBJ_mime_mhs_bodies */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3868] OBJ_id_hex_partial_message */ -0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3875] OBJ_id_hex_multipart_message */ -0x55,0x04,0x2C, /* [3882] OBJ_generationQualifier */ -0x55,0x04,0x41, /* [3885] OBJ_pseudonym */ -0x67,0x2A, /* [3888] OBJ_id_set */ -0x67,0x2A,0x00, /* [3890] OBJ_set_ctype */ -0x67,0x2A,0x01, /* [3893] OBJ_set_msgExt */ -0x67,0x2A,0x03, /* [3896] OBJ_set_attr */ -0x67,0x2A,0x05, /* [3899] OBJ_set_policy */ -0x67,0x2A,0x07, /* [3902] OBJ_set_certExt */ -0x67,0x2A,0x08, /* [3905] OBJ_set_brand */ -0x67,0x2A,0x00,0x00, /* [3908] OBJ_setct_PANData */ -0x67,0x2A,0x00,0x01, /* [3912] OBJ_setct_PANToken */ -0x67,0x2A,0x00,0x02, /* [3916] OBJ_setct_PANOnly */ -0x67,0x2A,0x00,0x03, /* [3920] OBJ_setct_OIData */ -0x67,0x2A,0x00,0x04, /* [3924] OBJ_setct_PI */ -0x67,0x2A,0x00,0x05, /* [3928] OBJ_setct_PIData */ -0x67,0x2A,0x00,0x06, /* [3932] OBJ_setct_PIDataUnsigned */ -0x67,0x2A,0x00,0x07, /* [3936] OBJ_setct_HODInput */ -0x67,0x2A,0x00,0x08, /* [3940] OBJ_setct_AuthResBaggage */ -0x67,0x2A,0x00,0x09, /* [3944] OBJ_setct_AuthRevReqBaggage */ -0x67,0x2A,0x00,0x0A, /* [3948] OBJ_setct_AuthRevResBaggage */ -0x67,0x2A,0x00,0x0B, /* [3952] OBJ_setct_CapTokenSeq */ -0x67,0x2A,0x00,0x0C, /* [3956] OBJ_setct_PInitResData */ -0x67,0x2A,0x00,0x0D, /* [3960] OBJ_setct_PI_TBS */ -0x67,0x2A,0x00,0x0E, /* [3964] OBJ_setct_PResData */ -0x67,0x2A,0x00,0x10, /* [3968] OBJ_setct_AuthReqTBS */ -0x67,0x2A,0x00,0x11, /* [3972] OBJ_setct_AuthResTBS */ -0x67,0x2A,0x00,0x12, /* [3976] OBJ_setct_AuthResTBSX */ -0x67,0x2A,0x00,0x13, /* [3980] OBJ_setct_AuthTokenTBS */ -0x67,0x2A,0x00,0x14, /* [3984] OBJ_setct_CapTokenData */ -0x67,0x2A,0x00,0x15, /* [3988] OBJ_setct_CapTokenTBS */ -0x67,0x2A,0x00,0x16, /* [3992] OBJ_setct_AcqCardCodeMsg */ -0x67,0x2A,0x00,0x17, /* [3996] OBJ_setct_AuthRevReqTBS */ -0x67,0x2A,0x00,0x18, /* [4000] OBJ_setct_AuthRevResData */ -0x67,0x2A,0x00,0x19, /* [4004] OBJ_setct_AuthRevResTBS */ -0x67,0x2A,0x00,0x1A, /* [4008] OBJ_setct_CapReqTBS */ -0x67,0x2A,0x00,0x1B, /* [4012] OBJ_setct_CapReqTBSX */ -0x67,0x2A,0x00,0x1C, /* [4016] OBJ_setct_CapResData */ -0x67,0x2A,0x00,0x1D, /* [4020] OBJ_setct_CapRevReqTBS */ -0x67,0x2A,0x00,0x1E, /* [4024] OBJ_setct_CapRevReqTBSX */ -0x67,0x2A,0x00,0x1F, /* [4028] OBJ_setct_CapRevResData */ -0x67,0x2A,0x00,0x20, /* [4032] OBJ_setct_CredReqTBS */ -0x67,0x2A,0x00,0x21, /* [4036] OBJ_setct_CredReqTBSX */ -0x67,0x2A,0x00,0x22, /* [4040] OBJ_setct_CredResData */ -0x67,0x2A,0x00,0x23, /* [4044] OBJ_setct_CredRevReqTBS */ -0x67,0x2A,0x00,0x24, /* [4048] OBJ_setct_CredRevReqTBSX */ -0x67,0x2A,0x00,0x25, /* [4052] OBJ_setct_CredRevResData */ -0x67,0x2A,0x00,0x26, /* [4056] OBJ_setct_PCertReqData */ -0x67,0x2A,0x00,0x27, /* [4060] OBJ_setct_PCertResTBS */ -0x67,0x2A,0x00,0x28, /* [4064] OBJ_setct_BatchAdminReqData */ -0x67,0x2A,0x00,0x29, /* [4068] OBJ_setct_BatchAdminResData */ -0x67,0x2A,0x00,0x2A, /* [4072] OBJ_setct_CardCInitResTBS */ -0x67,0x2A,0x00,0x2B, /* [4076] OBJ_setct_MeAqCInitResTBS */ -0x67,0x2A,0x00,0x2C, /* [4080] OBJ_setct_RegFormResTBS */ -0x67,0x2A,0x00,0x2D, /* [4084] OBJ_setct_CertReqData */ -0x67,0x2A,0x00,0x2E, /* [4088] OBJ_setct_CertReqTBS */ -0x67,0x2A,0x00,0x2F, /* [4092] OBJ_setct_CertResData */ -0x67,0x2A,0x00,0x30, /* [4096] OBJ_setct_CertInqReqTBS */ -0x67,0x2A,0x00,0x31, /* [4100] OBJ_setct_ErrorTBS */ -0x67,0x2A,0x00,0x32, /* [4104] OBJ_setct_PIDualSignedTBE */ -0x67,0x2A,0x00,0x33, /* [4108] OBJ_setct_PIUnsignedTBE */ -0x67,0x2A,0x00,0x34, /* [4112] OBJ_setct_AuthReqTBE */ -0x67,0x2A,0x00,0x35, /* [4116] OBJ_setct_AuthResTBE */ -0x67,0x2A,0x00,0x36, /* [4120] OBJ_setct_AuthResTBEX */ -0x67,0x2A,0x00,0x37, /* [4124] OBJ_setct_AuthTokenTBE */ -0x67,0x2A,0x00,0x38, /* [4128] OBJ_setct_CapTokenTBE */ -0x67,0x2A,0x00,0x39, /* [4132] OBJ_setct_CapTokenTBEX */ -0x67,0x2A,0x00,0x3A, /* [4136] OBJ_setct_AcqCardCodeMsgTBE */ -0x67,0x2A,0x00,0x3B, /* [4140] OBJ_setct_AuthRevReqTBE */ -0x67,0x2A,0x00,0x3C, /* [4144] OBJ_setct_AuthRevResTBE */ -0x67,0x2A,0x00,0x3D, /* [4148] OBJ_setct_AuthRevResTBEB */ -0x67,0x2A,0x00,0x3E, /* [4152] OBJ_setct_CapReqTBE */ -0x67,0x2A,0x00,0x3F, /* [4156] OBJ_setct_CapReqTBEX */ -0x67,0x2A,0x00,0x40, /* [4160] OBJ_setct_CapResTBE */ -0x67,0x2A,0x00,0x41, /* [4164] OBJ_setct_CapRevReqTBE */ -0x67,0x2A,0x00,0x42, /* [4168] OBJ_setct_CapRevReqTBEX */ -0x67,0x2A,0x00,0x43, /* [4172] OBJ_setct_CapRevResTBE */ -0x67,0x2A,0x00,0x44, /* [4176] OBJ_setct_CredReqTBE */ -0x67,0x2A,0x00,0x45, /* [4180] OBJ_setct_CredReqTBEX */ -0x67,0x2A,0x00,0x46, /* [4184] OBJ_setct_CredResTBE */ -0x67,0x2A,0x00,0x47, /* [4188] OBJ_setct_CredRevReqTBE */ -0x67,0x2A,0x00,0x48, /* [4192] OBJ_setct_CredRevReqTBEX */ -0x67,0x2A,0x00,0x49, /* [4196] OBJ_setct_CredRevResTBE */ -0x67,0x2A,0x00,0x4A, /* [4200] OBJ_setct_BatchAdminReqTBE */ -0x67,0x2A,0x00,0x4B, /* [4204] OBJ_setct_BatchAdminResTBE */ -0x67,0x2A,0x00,0x4C, /* [4208] OBJ_setct_RegFormReqTBE */ -0x67,0x2A,0x00,0x4D, /* [4212] OBJ_setct_CertReqTBE */ -0x67,0x2A,0x00,0x4E, /* [4216] OBJ_setct_CertReqTBEX */ -0x67,0x2A,0x00,0x4F, /* [4220] OBJ_setct_CertResTBE */ -0x67,0x2A,0x00,0x50, /* [4224] OBJ_setct_CRLNotificationTBS */ -0x67,0x2A,0x00,0x51, /* [4228] OBJ_setct_CRLNotificationResTBS */ -0x67,0x2A,0x00,0x52, /* [4232] OBJ_setct_BCIDistributionTBS */ -0x67,0x2A,0x01,0x01, /* [4236] OBJ_setext_genCrypt */ -0x67,0x2A,0x01,0x03, /* [4240] OBJ_setext_miAuth */ -0x67,0x2A,0x01,0x04, /* [4244] OBJ_setext_pinSecure */ -0x67,0x2A,0x01,0x05, /* [4248] OBJ_setext_pinAny */ -0x67,0x2A,0x01,0x07, /* [4252] OBJ_setext_track2 */ -0x67,0x2A,0x01,0x08, /* [4256] OBJ_setext_cv */ -0x67,0x2A,0x05,0x00, /* [4260] OBJ_set_policy_root */ -0x67,0x2A,0x07,0x00, /* [4264] OBJ_setCext_hashedRoot */ -0x67,0x2A,0x07,0x01, /* [4268] OBJ_setCext_certType */ -0x67,0x2A,0x07,0x02, /* [4272] OBJ_setCext_merchData */ -0x67,0x2A,0x07,0x03, /* [4276] OBJ_setCext_cCertRequired */ -0x67,0x2A,0x07,0x04, /* [4280] OBJ_setCext_tunneling */ -0x67,0x2A,0x07,0x05, /* [4284] OBJ_setCext_setExt */ -0x67,0x2A,0x07,0x06, /* [4288] OBJ_setCext_setQualf */ -0x67,0x2A,0x07,0x07, /* [4292] OBJ_setCext_PGWYcapabilities */ -0x67,0x2A,0x07,0x08, /* [4296] OBJ_setCext_TokenIdentifier */ -0x67,0x2A,0x07,0x09, /* [4300] OBJ_setCext_Track2Data */ -0x67,0x2A,0x07,0x0A, /* [4304] OBJ_setCext_TokenType */ -0x67,0x2A,0x07,0x0B, /* [4308] OBJ_setCext_IssuerCapabilities */ -0x67,0x2A,0x03,0x00, /* [4312] OBJ_setAttr_Cert */ -0x67,0x2A,0x03,0x01, /* [4316] OBJ_setAttr_PGWYcap */ -0x67,0x2A,0x03,0x02, /* [4320] OBJ_setAttr_TokenType */ -0x67,0x2A,0x03,0x03, /* [4324] OBJ_setAttr_IssCap */ -0x67,0x2A,0x03,0x00,0x00, /* [4328] OBJ_set_rootKeyThumb */ -0x67,0x2A,0x03,0x00,0x01, /* [4333] OBJ_set_addPolicy */ -0x67,0x2A,0x03,0x02,0x01, /* [4338] OBJ_setAttr_Token_EMV */ -0x67,0x2A,0x03,0x02,0x02, /* [4343] OBJ_setAttr_Token_B0Prime */ -0x67,0x2A,0x03,0x03,0x03, /* [4348] OBJ_setAttr_IssCap_CVM */ -0x67,0x2A,0x03,0x03,0x04, /* [4353] OBJ_setAttr_IssCap_T2 */ -0x67,0x2A,0x03,0x03,0x05, /* [4358] OBJ_setAttr_IssCap_Sig */ -0x67,0x2A,0x03,0x03,0x03,0x01, /* [4363] OBJ_setAttr_GenCryptgrm */ -0x67,0x2A,0x03,0x03,0x04,0x01, /* [4369] OBJ_setAttr_T2Enc */ -0x67,0x2A,0x03,0x03,0x04,0x02, /* [4375] OBJ_setAttr_T2cleartxt */ -0x67,0x2A,0x03,0x03,0x05,0x01, /* [4381] OBJ_setAttr_TokICCsig */ -0x67,0x2A,0x03,0x03,0x05,0x02, /* [4387] OBJ_setAttr_SecDevSig */ -0x67,0x2A,0x08,0x01, /* [4393] OBJ_set_brand_IATA_ATA */ -0x67,0x2A,0x08,0x1E, /* [4397] OBJ_set_brand_Diners */ -0x67,0x2A,0x08,0x22, /* [4401] OBJ_set_brand_AmericanExpress */ -0x67,0x2A,0x08,0x23, /* [4405] OBJ_set_brand_JCB */ -0x67,0x2A,0x08,0x04, /* [4409] OBJ_set_brand_Visa */ -0x67,0x2A,0x08,0x05, /* [4413] OBJ_set_brand_MasterCard */ -0x67,0x2A,0x08,0xAE,0x7B, /* [4417] OBJ_set_brand_Novus */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4422] OBJ_des_cdmf */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4430] OBJ_rsaOAEPEncryptionSET */ -0x00, /* [4439] OBJ_itu_t */ -0x50, /* [4440] OBJ_joint_iso_itu_t */ -0x67, /* [4441] OBJ_international_organizations */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4442] OBJ_ms_smartcard_login */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4452] OBJ_ms_upn */ -0x55,0x04,0x09, /* [4462] OBJ_streetAddress */ -0x55,0x04,0x11, /* [4465] OBJ_postalCode */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4468] OBJ_id_ppl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4475] OBJ_proxyCertInfo */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4483] OBJ_id_ppl_anyLanguage */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4491] OBJ_id_ppl_inheritAll */ -0x55,0x1D,0x1E, /* [4499] OBJ_name_constraints */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4502] OBJ_Independent */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4510] OBJ_sha256WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4519] OBJ_sha384WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4528] OBJ_sha512WithRSAEncryption */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4537] OBJ_sha224WithRSAEncryption */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4546] OBJ_sha256 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4555] OBJ_sha384 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4564] OBJ_sha512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4573] OBJ_sha224 */ -0x2B, /* [4582] OBJ_identified_organization */ -0x2B,0x81,0x04, /* [4583] OBJ_certicom_arc */ -0x67,0x2B, /* [4586] OBJ_wap */ -0x67,0x2B,0x01, /* [4588] OBJ_wap_wsg */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4591] OBJ_X9_62_id_characteristic_two_basis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4599] OBJ_X9_62_onBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4608] OBJ_X9_62_tpBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4617] OBJ_X9_62_ppBasis */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4626] OBJ_X9_62_c2pnb163v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4634] OBJ_X9_62_c2pnb163v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4642] OBJ_X9_62_c2pnb163v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4650] OBJ_X9_62_c2pnb176v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4658] OBJ_X9_62_c2tnb191v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4666] OBJ_X9_62_c2tnb191v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4674] OBJ_X9_62_c2tnb191v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4682] OBJ_X9_62_c2onb191v4 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4690] OBJ_X9_62_c2onb191v5 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4698] OBJ_X9_62_c2pnb208w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4706] OBJ_X9_62_c2tnb239v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4714] OBJ_X9_62_c2tnb239v2 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4722] OBJ_X9_62_c2tnb239v3 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4730] OBJ_X9_62_c2onb239v4 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4738] OBJ_X9_62_c2onb239v5 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4746] OBJ_X9_62_c2pnb272w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4754] OBJ_X9_62_c2pnb304w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4762] OBJ_X9_62_c2tnb359v1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4770] OBJ_X9_62_c2pnb368w1 */ -0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4778] OBJ_X9_62_c2tnb431r1 */ -0x2B,0x81,0x04,0x00,0x06, /* [4786] OBJ_secp112r1 */ -0x2B,0x81,0x04,0x00,0x07, /* [4791] OBJ_secp112r2 */ -0x2B,0x81,0x04,0x00,0x1C, /* [4796] OBJ_secp128r1 */ -0x2B,0x81,0x04,0x00,0x1D, /* [4801] OBJ_secp128r2 */ -0x2B,0x81,0x04,0x00,0x09, /* [4806] OBJ_secp160k1 */ -0x2B,0x81,0x04,0x00,0x08, /* [4811] OBJ_secp160r1 */ -0x2B,0x81,0x04,0x00,0x1E, /* [4816] OBJ_secp160r2 */ -0x2B,0x81,0x04,0x00,0x1F, /* [4821] OBJ_secp192k1 */ -0x2B,0x81,0x04,0x00,0x20, /* [4826] OBJ_secp224k1 */ -0x2B,0x81,0x04,0x00,0x21, /* [4831] OBJ_secp224r1 */ -0x2B,0x81,0x04,0x00,0x0A, /* [4836] OBJ_secp256k1 */ -0x2B,0x81,0x04,0x00,0x22, /* [4841] OBJ_secp384r1 */ -0x2B,0x81,0x04,0x00,0x23, /* [4846] OBJ_secp521r1 */ -0x2B,0x81,0x04,0x00,0x04, /* [4851] OBJ_sect113r1 */ -0x2B,0x81,0x04,0x00,0x05, /* [4856] OBJ_sect113r2 */ -0x2B,0x81,0x04,0x00,0x16, /* [4861] OBJ_sect131r1 */ -0x2B,0x81,0x04,0x00,0x17, /* [4866] OBJ_sect131r2 */ -0x2B,0x81,0x04,0x00,0x01, /* [4871] OBJ_sect163k1 */ -0x2B,0x81,0x04,0x00,0x02, /* [4876] OBJ_sect163r1 */ -0x2B,0x81,0x04,0x00,0x0F, /* [4881] OBJ_sect163r2 */ -0x2B,0x81,0x04,0x00,0x18, /* [4886] OBJ_sect193r1 */ -0x2B,0x81,0x04,0x00,0x19, /* [4891] OBJ_sect193r2 */ -0x2B,0x81,0x04,0x00,0x1A, /* [4896] OBJ_sect233k1 */ -0x2B,0x81,0x04,0x00,0x1B, /* [4901] OBJ_sect233r1 */ -0x2B,0x81,0x04,0x00,0x03, /* [4906] OBJ_sect239k1 */ -0x2B,0x81,0x04,0x00,0x10, /* [4911] OBJ_sect283k1 */ -0x2B,0x81,0x04,0x00,0x11, /* [4916] OBJ_sect283r1 */ -0x2B,0x81,0x04,0x00,0x24, /* [4921] OBJ_sect409k1 */ -0x2B,0x81,0x04,0x00,0x25, /* [4926] OBJ_sect409r1 */ -0x2B,0x81,0x04,0x00,0x26, /* [4931] OBJ_sect571k1 */ -0x2B,0x81,0x04,0x00,0x27, /* [4936] OBJ_sect571r1 */ -0x67,0x2B,0x01,0x04,0x01, /* [4941] OBJ_wap_wsg_idm_ecid_wtls1 */ -0x67,0x2B,0x01,0x04,0x03, /* [4946] OBJ_wap_wsg_idm_ecid_wtls3 */ -0x67,0x2B,0x01,0x04,0x04, /* [4951] OBJ_wap_wsg_idm_ecid_wtls4 */ -0x67,0x2B,0x01,0x04,0x05, /* [4956] OBJ_wap_wsg_idm_ecid_wtls5 */ -0x67,0x2B,0x01,0x04,0x06, /* [4961] OBJ_wap_wsg_idm_ecid_wtls6 */ -0x67,0x2B,0x01,0x04,0x07, /* [4966] OBJ_wap_wsg_idm_ecid_wtls7 */ -0x67,0x2B,0x01,0x04,0x08, /* [4971] OBJ_wap_wsg_idm_ecid_wtls8 */ -0x67,0x2B,0x01,0x04,0x09, /* [4976] OBJ_wap_wsg_idm_ecid_wtls9 */ -0x67,0x2B,0x01,0x04,0x0A, /* [4981] OBJ_wap_wsg_idm_ecid_wtls10 */ -0x67,0x2B,0x01,0x04,0x0B, /* [4986] OBJ_wap_wsg_idm_ecid_wtls11 */ -0x67,0x2B,0x01,0x04,0x0C, /* [4991] OBJ_wap_wsg_idm_ecid_wtls12 */ -0x55,0x1D,0x20,0x00, /* [4996] OBJ_any_policy */ -0x55,0x1D,0x21, /* [5000] OBJ_policy_mappings */ -0x55,0x1D,0x36, /* [5003] OBJ_inhibit_any_policy */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5006] OBJ_camellia_128_cbc */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5017] OBJ_camellia_192_cbc */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5028] OBJ_camellia_256_cbc */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5039] OBJ_camellia_128_ecb */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5047] OBJ_camellia_192_ecb */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5055] OBJ_camellia_256_ecb */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5063] OBJ_camellia_128_cfb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5071] OBJ_camellia_192_cfb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5079] OBJ_camellia_256_cfb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5087] OBJ_camellia_128_ofb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5095] OBJ_camellia_192_ofb128 */ -0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5103] OBJ_camellia_256_ofb128 */ -0x55,0x1D,0x09, /* [5111] OBJ_subject_directory_attributes */ -0x55,0x1D,0x1C, /* [5114] OBJ_issuing_distribution_point */ -0x55,0x1D,0x1D, /* [5117] OBJ_certificate_issuer */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5120] OBJ_kisa */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5126] OBJ_seed_ecb */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5134] OBJ_seed_cbc */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5142] OBJ_seed_ofb128 */ -0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5150] OBJ_seed_cfb128 */ -0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5158] OBJ_hmac_md5 */ -0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5166] OBJ_hmac_sha1 */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5174] OBJ_id_PasswordBasedMAC */ -0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5183] OBJ_id_DHBasedMac */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5192] OBJ_id_it_suppLangTags */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5200] OBJ_caRepository */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5208] OBJ_id_smime_ct_compressedData */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5219] OBJ_id_ct_asciiTextWithCRLF */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5230] OBJ_id_aes128_wrap */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5239] OBJ_id_aes192_wrap */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5248] OBJ_id_aes256_wrap */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5257] OBJ_ecdsa_with_Recommended */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5264] OBJ_ecdsa_with_Specified */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5271] OBJ_ecdsa_with_SHA224 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5279] OBJ_ecdsa_with_SHA256 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5287] OBJ_ecdsa_with_SHA384 */ -0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5295] OBJ_ecdsa_with_SHA512 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5303] OBJ_hmacWithMD5 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5311] OBJ_hmacWithSHA224 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5319] OBJ_hmacWithSHA256 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5327] OBJ_hmacWithSHA384 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5335] OBJ_hmacWithSHA512 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5343] OBJ_dsa_with_SHA224 */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5352] OBJ_dsa_with_SHA256 */ -0x28,0xCF,0x06,0x03,0x00,0x37, /* [5361] OBJ_whirlpool */ -0x2A,0x85,0x03,0x02,0x02, /* [5367] OBJ_cryptopro */ -0x2A,0x85,0x03,0x02,0x09, /* [5372] OBJ_cryptocom */ -0x2A,0x85,0x03,0x02,0x02,0x03, /* [5377] OBJ_id_GostR3411_94_with_GostR3410_2001 */ -0x2A,0x85,0x03,0x02,0x02,0x04, /* [5383] OBJ_id_GostR3411_94_with_GostR3410_94 */ -0x2A,0x85,0x03,0x02,0x02,0x09, /* [5389] OBJ_id_GostR3411_94 */ -0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5395] OBJ_id_HMACGostR3411_94 */ -0x2A,0x85,0x03,0x02,0x02,0x13, /* [5401] OBJ_id_GostR3410_2001 */ -0x2A,0x85,0x03,0x02,0x02,0x14, /* [5407] OBJ_id_GostR3410_94 */ -0x2A,0x85,0x03,0x02,0x02,0x15, /* [5413] OBJ_id_Gost28147_89 */ -0x2A,0x85,0x03,0x02,0x02,0x16, /* [5419] OBJ_id_Gost28147_89_MAC */ -0x2A,0x85,0x03,0x02,0x02,0x17, /* [5425] OBJ_id_GostR3411_94_prf */ -0x2A,0x85,0x03,0x02,0x02,0x62, /* [5431] OBJ_id_GostR3410_2001DH */ -0x2A,0x85,0x03,0x02,0x02,0x63, /* [5437] OBJ_id_GostR3410_94DH */ -0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5443] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */ -0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5450] OBJ_id_Gost28147_89_None_KeyMeshing */ -0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5457] OBJ_id_GostR3411_94_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5464] OBJ_id_GostR3411_94_CryptoProParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5471] OBJ_id_Gost28147_89_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5478] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5485] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5492] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5499] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5506] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5513] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5520] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5527] OBJ_id_GostR3410_94_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5534] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5541] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5548] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5555] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5562] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5569] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5576] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5583] OBJ_id_GostR3410_2001_TestParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5590] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5597] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5604] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5611] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5618] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5625] OBJ_id_GostR3410_94_a */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5632] OBJ_id_GostR3410_94_aBis */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5639] OBJ_id_GostR3410_94_b */ -0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5646] OBJ_id_GostR3410_94_bBis */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5653] OBJ_id_Gost28147_89_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5661] OBJ_id_GostR3410_94_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5669] OBJ_id_GostR3410_2001_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5677] OBJ_id_GostR3411_94_with_GostR3410_94_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5685] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ -0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5693] OBJ_id_GostR3410_2001_ParamSet_cc */ -0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5701] OBJ_LocalKeySet */ -0x55,0x1D,0x2E, /* [5710] OBJ_freshest_crl */ -0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5713] OBJ_id_on_permanentIdentifier */ -0x55,0x04,0x0E, /* [5721] OBJ_searchGuide */ -0x55,0x04,0x0F, /* [5724] OBJ_businessCategory */ -0x55,0x04,0x10, /* [5727] OBJ_postalAddress */ -0x55,0x04,0x12, /* [5730] OBJ_postOfficeBox */ -0x55,0x04,0x13, /* [5733] OBJ_physicalDeliveryOfficeName */ -0x55,0x04,0x14, /* [5736] OBJ_telephoneNumber */ -0x55,0x04,0x15, /* [5739] OBJ_telexNumber */ -0x55,0x04,0x16, /* [5742] OBJ_teletexTerminalIdentifier */ -0x55,0x04,0x17, /* [5745] OBJ_facsimileTelephoneNumber */ -0x55,0x04,0x18, /* [5748] OBJ_x121Address */ -0x55,0x04,0x19, /* [5751] OBJ_internationaliSDNNumber */ -0x55,0x04,0x1A, /* [5754] OBJ_registeredAddress */ -0x55,0x04,0x1B, /* [5757] OBJ_destinationIndicator */ -0x55,0x04,0x1C, /* [5760] OBJ_preferredDeliveryMethod */ -0x55,0x04,0x1D, /* [5763] OBJ_presentationAddress */ -0x55,0x04,0x1E, /* [5766] OBJ_supportedApplicationContext */ -0x55,0x04,0x1F, /* [5769] OBJ_member */ -0x55,0x04,0x20, /* [5772] OBJ_owner */ -0x55,0x04,0x21, /* [5775] OBJ_roleOccupant */ -0x55,0x04,0x22, /* [5778] OBJ_seeAlso */ -0x55,0x04,0x23, /* [5781] OBJ_userPassword */ -0x55,0x04,0x24, /* [5784] OBJ_userCertificate */ -0x55,0x04,0x25, /* [5787] OBJ_cACertificate */ -0x55,0x04,0x26, /* [5790] OBJ_authorityRevocationList */ -0x55,0x04,0x27, /* [5793] OBJ_certificateRevocationList */ -0x55,0x04,0x28, /* [5796] OBJ_crossCertificatePair */ -0x55,0x04,0x2F, /* [5799] OBJ_enhancedSearchGuide */ -0x55,0x04,0x30, /* [5802] OBJ_protocolInformation */ -0x55,0x04,0x31, /* [5805] OBJ_distinguishedName */ -0x55,0x04,0x32, /* [5808] OBJ_uniqueMember */ -0x55,0x04,0x33, /* [5811] OBJ_houseIdentifier */ -0x55,0x04,0x34, /* [5814] OBJ_supportedAlgorithms */ -0x55,0x04,0x35, /* [5817] OBJ_deltaRevocationList */ -0x55,0x04,0x36, /* [5820] OBJ_dmdName */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5823] OBJ_id_alg_PWRI_KEK */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5834] OBJ_aes_128_gcm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5843] OBJ_aes_128_ccm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5852] OBJ_id_aes128_wrap_pad */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5861] OBJ_aes_192_gcm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5870] OBJ_aes_192_ccm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5879] OBJ_id_aes192_wrap_pad */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5888] OBJ_aes_256_gcm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5897] OBJ_aes_256_ccm */ -0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5906] OBJ_id_aes256_wrap_pad */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5915] OBJ_id_camellia128_wrap */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5926] OBJ_id_camellia192_wrap */ -0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5937] OBJ_id_camellia256_wrap */ -0x55,0x1D,0x25,0x00, /* [5948] OBJ_anyExtendedKeyUsage */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5952] OBJ_mgf1 */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5961] OBJ_rsassaPss */ -0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5970] OBJ_rsaesOaep */ +static const unsigned char lvalues[5974]={ +0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */ +0x55, /* [ 82] OBJ_X500 */ +0x55,0x04, /* [ 83] OBJ_X509 */ +0x55,0x04,0x03, /* [ 85] OBJ_commonName */ +0x55,0x04,0x06, /* [ 88] OBJ_countryName */ +0x55,0x04,0x07, /* [ 91] OBJ_localityName */ +0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */ +0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */ +0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */ +0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */ +0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */ +0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */ +0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */ +0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede_ecb */ +0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [206] OBJ_idea_cbc */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [217] OBJ_rc2_cbc */ +0x2B,0x0E,0x03,0x02,0x12, /* [225] OBJ_sha */ +0x2B,0x0E,0x03,0x02,0x0F, /* [230] OBJ_shaWithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [235] OBJ_des_ede3_cbc */ +0x2B,0x0E,0x03,0x02,0x08, /* [243] OBJ_des_ofb64 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [248] OBJ_pkcs9 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [256] OBJ_pkcs9_emailAddress */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [265] OBJ_pkcs9_unstructuredName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [274] OBJ_pkcs9_contentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [283] OBJ_pkcs9_messageDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [292] OBJ_pkcs9_signingTime */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [301] OBJ_pkcs9_countersignature */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [310] OBJ_pkcs9_challengePassword */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [319] OBJ_pkcs9_unstructuredAddress */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [328] OBJ_pkcs9_extCertAttributes */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [337] OBJ_netscape */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [344] OBJ_netscape_cert_extension */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [352] OBJ_netscape_data_type */ +0x2B,0x0E,0x03,0x02,0x1A, /* [360] OBJ_sha1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [365] OBJ_sha1WithRSAEncryption */ +0x2B,0x0E,0x03,0x02,0x0D, /* [374] OBJ_dsaWithSHA */ +0x2B,0x0E,0x03,0x02,0x0C, /* [379] OBJ_dsa_2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [384] OBJ_pbeWithSHA1AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [393] OBJ_id_pbkdf2 */ +0x2B,0x0E,0x03,0x02,0x1B, /* [402] OBJ_dsaWithSHA1_2 */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [407] OBJ_netscape_cert_type */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [416] OBJ_netscape_base_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [425] OBJ_netscape_revocation_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [434] OBJ_netscape_ca_revocation_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [443] OBJ_netscape_renewal_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [452] OBJ_netscape_ca_policy_url */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [461] OBJ_netscape_ssl_server_name */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [470] OBJ_netscape_comment */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [479] OBJ_netscape_cert_sequence */ +0x55,0x1D, /* [488] OBJ_id_ce */ +0x55,0x1D,0x0E, /* [490] OBJ_subject_key_identifier */ +0x55,0x1D,0x0F, /* [493] OBJ_key_usage */ +0x55,0x1D,0x10, /* [496] OBJ_private_key_usage_period */ +0x55,0x1D,0x11, /* [499] OBJ_subject_alt_name */ +0x55,0x1D,0x12, /* [502] OBJ_issuer_alt_name */ +0x55,0x1D,0x13, /* [505] OBJ_basic_constraints */ +0x55,0x1D,0x14, /* [508] OBJ_crl_number */ +0x55,0x1D,0x20, /* [511] OBJ_certificate_policies */ +0x55,0x1D,0x23, /* [514] OBJ_authority_key_identifier */ +0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [517] OBJ_bf_cbc */ +0x55,0x08,0x03,0x65, /* [526] OBJ_mdc2 */ +0x55,0x08,0x03,0x64, /* [530] OBJ_mdc2WithRSA */ +0x55,0x04,0x2A, /* [534] OBJ_givenName */ +0x55,0x04,0x04, /* [537] OBJ_surname */ +0x55,0x04,0x2B, /* [540] OBJ_initials */ +0x55,0x1D,0x1F, /* [543] OBJ_crl_distribution_points */ +0x2B,0x0E,0x03,0x02,0x03, /* [546] OBJ_md5WithRSA */ +0x55,0x04,0x05, /* [551] OBJ_serialNumber */ +0x55,0x04,0x0C, /* [554] OBJ_title */ +0x55,0x04,0x0D, /* [557] OBJ_description */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [560] OBJ_cast5_cbc */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [569] OBJ_pbeWithMD5AndCast5_CBC */ +0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [578] OBJ_dsaWithSHA1 */ +0x2B,0x0E,0x03,0x02,0x1D, /* [585] OBJ_sha1WithRSA */ +0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [590] OBJ_dsa */ +0x2B,0x24,0x03,0x02,0x01, /* [597] OBJ_ripemd160 */ +0x2B,0x24,0x03,0x03,0x01,0x02, /* [602] OBJ_ripemd160WithRSA */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [608] OBJ_rc5_cbc */ +0x29,0x01,0x01,0x85,0x1A,0x01, /* [616] OBJ_rle_compression */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [622] OBJ_zlib_compression */ +0x55,0x1D,0x25, /* [633] OBJ_ext_key_usage */ +0x2B,0x06,0x01,0x05,0x05,0x07, /* [636] OBJ_id_pkix */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [642] OBJ_id_kp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [649] OBJ_server_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [657] OBJ_client_auth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [665] OBJ_code_sign */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [673] OBJ_email_protect */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [681] OBJ_time_stamp */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [689] OBJ_ms_code_ind */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [699] OBJ_ms_code_com */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [709] OBJ_ms_ctl_sign */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [719] OBJ_ms_sgc */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [729] OBJ_ms_efs */ +0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [739] OBJ_ns_sgc */ +0x55,0x1D,0x1B, /* [748] OBJ_delta_crl */ +0x55,0x1D,0x15, /* [751] OBJ_crl_reason */ +0x55,0x1D,0x18, /* [754] OBJ_invalidity_date */ +0x2B,0x65,0x01,0x04,0x01, /* [757] OBJ_sxnet */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [762] OBJ_pbe_WithSHA1And128BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [772] OBJ_pbe_WithSHA1And40BitRC4 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [782] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [792] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [802] OBJ_pbe_WithSHA1And128BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [812] OBJ_pbe_WithSHA1And40BitRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [822] OBJ_keyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [833] OBJ_pkcs8ShroudedKeyBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [844] OBJ_certBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [855] OBJ_crlBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [866] OBJ_secretBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [877] OBJ_safeContentsBag */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [888] OBJ_friendlyName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [897] OBJ_localKeyID */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [906] OBJ_x509Certificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [916] OBJ_sdsiCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [926] OBJ_x509Crl */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [936] OBJ_pbes2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [945] OBJ_pbmac1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [954] OBJ_hmacWithSHA1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [962] OBJ_id_qt_cps */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [970] OBJ_id_qt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [978] OBJ_SMIMECapabilities */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [987] OBJ_pbeWithMD2AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [996] OBJ_pbeWithMD5AndRC2_CBC */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1005] OBJ_pbeWithSHA1AndDES_CBC */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1014] OBJ_ms_ext_req */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1024] OBJ_ext_req */ +0x55,0x04,0x29, /* [1033] OBJ_name */ +0x55,0x04,0x2E, /* [1036] OBJ_dnQualifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1039] OBJ_id_pe */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1046] OBJ_id_ad */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1053] OBJ_info_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1061] OBJ_ad_OCSP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1069] OBJ_ad_ca_issuers */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1077] OBJ_OCSP_sign */ +0x2A, /* [1085] OBJ_member_body */ +0x2A,0x86,0x48, /* [1086] OBJ_ISO_US */ +0x2A,0x86,0x48,0xCE,0x38, /* [1089] OBJ_X9_57 */ +0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1094] OBJ_X9cm */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1100] OBJ_pkcs1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1108] OBJ_pkcs5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1116] OBJ_SMIME */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1125] OBJ_id_smime_mod */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1135] OBJ_id_smime_ct */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1145] OBJ_id_smime_aa */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1155] OBJ_id_smime_alg */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1165] OBJ_id_smime_cd */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1175] OBJ_id_smime_spq */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1185] OBJ_id_smime_cti */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1195] OBJ_id_smime_mod_cms */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1206] OBJ_id_smime_mod_ess */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1217] OBJ_id_smime_mod_oid */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1228] OBJ_id_smime_mod_msg_v3 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1239] OBJ_id_smime_mod_ets_eSignature_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1250] OBJ_id_smime_mod_ets_eSignature_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1261] OBJ_id_smime_mod_ets_eSigPolicy_88 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1272] OBJ_id_smime_mod_ets_eSigPolicy_97 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1283] OBJ_id_smime_ct_receipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1294] OBJ_id_smime_ct_authData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1305] OBJ_id_smime_ct_publishCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1316] OBJ_id_smime_ct_TSTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1327] OBJ_id_smime_ct_TDTInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1338] OBJ_id_smime_ct_contentInfo */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1349] OBJ_id_smime_ct_DVCSRequestData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1360] OBJ_id_smime_ct_DVCSResponseData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1371] OBJ_id_smime_aa_receiptRequest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1382] OBJ_id_smime_aa_securityLabel */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1393] OBJ_id_smime_aa_mlExpandHistory */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1404] OBJ_id_smime_aa_contentHint */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1415] OBJ_id_smime_aa_msgSigDigest */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1426] OBJ_id_smime_aa_encapContentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1437] OBJ_id_smime_aa_contentIdentifier */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1448] OBJ_id_smime_aa_macValue */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1459] OBJ_id_smime_aa_equivalentLabels */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1470] OBJ_id_smime_aa_contentReference */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1481] OBJ_id_smime_aa_encrypKeyPref */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1492] OBJ_id_smime_aa_signingCertificate */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1503] OBJ_id_smime_aa_smimeEncryptCerts */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1514] OBJ_id_smime_aa_timeStampToken */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1525] OBJ_id_smime_aa_ets_sigPolicyId */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1536] OBJ_id_smime_aa_ets_commitmentType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1547] OBJ_id_smime_aa_ets_signerLocation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1558] OBJ_id_smime_aa_ets_signerAttr */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1569] OBJ_id_smime_aa_ets_otherSigCert */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1580] OBJ_id_smime_aa_ets_contentTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1591] OBJ_id_smime_aa_ets_CertificateRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1602] OBJ_id_smime_aa_ets_RevocationRefs */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1613] OBJ_id_smime_aa_ets_certValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1624] OBJ_id_smime_aa_ets_revocationValues */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1635] OBJ_id_smime_aa_ets_escTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1646] OBJ_id_smime_aa_ets_certCRLTimestamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1657] OBJ_id_smime_aa_ets_archiveTimeStamp */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1668] OBJ_id_smime_aa_signatureType */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1679] OBJ_id_smime_aa_dvcs_dvc */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1690] OBJ_id_smime_alg_ESDHwith3DES */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1701] OBJ_id_smime_alg_ESDHwithRC2 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1712] OBJ_id_smime_alg_3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1723] OBJ_id_smime_alg_RC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1734] OBJ_id_smime_alg_ESDH */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1745] OBJ_id_smime_alg_CMS3DESwrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1756] OBJ_id_smime_alg_CMSRC2wrap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1767] OBJ_id_smime_cd_ldap */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1778] OBJ_id_smime_spq_ets_sqt_uri */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1789] OBJ_id_smime_spq_ets_sqt_unotice */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1800] OBJ_id_smime_cti_ets_proofOfOrigin */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1811] OBJ_id_smime_cti_ets_proofOfReceipt */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1822] OBJ_id_smime_cti_ets_proofOfDelivery */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1833] OBJ_id_smime_cti_ets_proofOfSender */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1844] OBJ_id_smime_cti_ets_proofOfApproval */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1855] OBJ_id_smime_cti_ets_proofOfCreation */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1866] OBJ_md4 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1874] OBJ_id_pkix_mod */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1881] OBJ_id_qt */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1888] OBJ_id_it */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1895] OBJ_id_pkip */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1902] OBJ_id_alg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1909] OBJ_id_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1916] OBJ_id_on */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1923] OBJ_id_pda */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1930] OBJ_id_aca */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1937] OBJ_id_qcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1944] OBJ_id_cct */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1951] OBJ_id_pkix1_explicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1959] OBJ_id_pkix1_implicit_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1967] OBJ_id_pkix1_explicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1975] OBJ_id_pkix1_implicit_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1983] OBJ_id_mod_crmf */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1991] OBJ_id_mod_cmc */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1999] OBJ_id_mod_kea_profile_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2007] OBJ_id_mod_kea_profile_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2015] OBJ_id_mod_cmp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2023] OBJ_id_mod_qualified_cert_88 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2031] OBJ_id_mod_qualified_cert_93 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2039] OBJ_id_mod_attribute_cert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2047] OBJ_id_mod_timestamp_protocol */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2055] OBJ_id_mod_ocsp */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2063] OBJ_id_mod_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2071] OBJ_id_mod_cmp2000 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2079] OBJ_biometricInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2087] OBJ_qcStatements */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2095] OBJ_ac_auditEntity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2103] OBJ_ac_targeting */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2111] OBJ_aaControls */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2119] OBJ_sbgp_ipAddrBlock */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2127] OBJ_sbgp_autonomousSysNum */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2135] OBJ_sbgp_routerIdentifier */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2143] OBJ_textNotice */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2151] OBJ_ipsecEndSystem */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2159] OBJ_ipsecTunnel */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2167] OBJ_ipsecUser */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2175] OBJ_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2183] OBJ_id_it_caProtEncCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2191] OBJ_id_it_signKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2199] OBJ_id_it_encKeyPairTypes */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2207] OBJ_id_it_preferredSymmAlg */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2215] OBJ_id_it_caKeyUpdateInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2223] OBJ_id_it_currentCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2231] OBJ_id_it_unsupportedOIDs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2239] OBJ_id_it_subscriptionRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2247] OBJ_id_it_subscriptionResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2255] OBJ_id_it_keyPairParamReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2263] OBJ_id_it_keyPairParamRep */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2271] OBJ_id_it_revPassphrase */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2279] OBJ_id_it_implicitConfirm */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2287] OBJ_id_it_confirmWaitTime */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2295] OBJ_id_it_origPKIMessage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2303] OBJ_id_regCtrl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2311] OBJ_id_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2319] OBJ_id_regCtrl_regToken */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2328] OBJ_id_regCtrl_authenticator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2337] OBJ_id_regCtrl_pkiPublicationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2346] OBJ_id_regCtrl_pkiArchiveOptions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2355] OBJ_id_regCtrl_oldCertID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2364] OBJ_id_regCtrl_protocolEncrKey */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2373] OBJ_id_regInfo_utf8Pairs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2382] OBJ_id_regInfo_certReq */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2391] OBJ_id_alg_des40 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2399] OBJ_id_alg_noSignature */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2407] OBJ_id_alg_dh_sig_hmac_sha1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2415] OBJ_id_alg_dh_pop */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2423] OBJ_id_cmc_statusInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2431] OBJ_id_cmc_identification */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2439] OBJ_id_cmc_identityProof */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2447] OBJ_id_cmc_dataReturn */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2455] OBJ_id_cmc_transactionId */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2463] OBJ_id_cmc_senderNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2471] OBJ_id_cmc_recipientNonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2479] OBJ_id_cmc_addExtensions */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2487] OBJ_id_cmc_encryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2495] OBJ_id_cmc_decryptedPOP */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2503] OBJ_id_cmc_lraPOPWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2511] OBJ_id_cmc_getCert */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2519] OBJ_id_cmc_getCRL */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2527] OBJ_id_cmc_revokeRequest */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2535] OBJ_id_cmc_regInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2543] OBJ_id_cmc_responseInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2551] OBJ_id_cmc_queryPending */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2559] OBJ_id_cmc_popLinkRandom */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2567] OBJ_id_cmc_popLinkWitness */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2575] OBJ_id_cmc_confirmCertAcceptance */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2583] OBJ_id_on_personalData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2591] OBJ_id_pda_dateOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2599] OBJ_id_pda_placeOfBirth */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2607] OBJ_id_pda_gender */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2615] OBJ_id_pda_countryOfCitizenship */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2623] OBJ_id_pda_countryOfResidence */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2631] OBJ_id_aca_authenticationInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2639] OBJ_id_aca_accessIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2647] OBJ_id_aca_chargingIdentity */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2655] OBJ_id_aca_group */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2663] OBJ_id_aca_role */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2671] OBJ_id_qcs_pkixQCSyntax_v1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2679] OBJ_id_cct_crs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2687] OBJ_id_cct_PKIData */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2695] OBJ_id_cct_PKIResponse */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2703] OBJ_ad_timeStamping */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2711] OBJ_ad_dvcs */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2719] OBJ_id_pkix_OCSP_basic */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2728] OBJ_id_pkix_OCSP_Nonce */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2737] OBJ_id_pkix_OCSP_CrlID */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2746] OBJ_id_pkix_OCSP_acceptableResponses */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2755] OBJ_id_pkix_OCSP_noCheck */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2764] OBJ_id_pkix_OCSP_archiveCutoff */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2773] OBJ_id_pkix_OCSP_serviceLocator */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2782] OBJ_id_pkix_OCSP_extendedStatus */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2791] OBJ_id_pkix_OCSP_valid */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2800] OBJ_id_pkix_OCSP_path */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2809] OBJ_id_pkix_OCSP_trustRoot */ +0x2B,0x0E,0x03,0x02, /* [2818] OBJ_algorithm */ +0x2B,0x0E,0x03,0x02,0x0B, /* [2822] OBJ_rsaSignature */ +0x55,0x08, /* [2827] OBJ_X500algorithms */ +0x2B, /* [2829] OBJ_org */ +0x2B,0x06, /* [2830] OBJ_dod */ +0x2B,0x06,0x01, /* [2832] OBJ_iana */ +0x2B,0x06,0x01,0x01, /* [2835] OBJ_Directory */ +0x2B,0x06,0x01,0x02, /* [2839] OBJ_Management */ +0x2B,0x06,0x01,0x03, /* [2843] OBJ_Experimental */ +0x2B,0x06,0x01,0x04, /* [2847] OBJ_Private */ +0x2B,0x06,0x01,0x05, /* [2851] OBJ_Security */ +0x2B,0x06,0x01,0x06, /* [2855] OBJ_SNMPv2 */ +0x2B,0x06,0x01,0x07, /* [2859] OBJ_Mail */ +0x2B,0x06,0x01,0x04,0x01, /* [2863] OBJ_Enterprises */ +0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2868] OBJ_dcObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2877] OBJ_domainComponent */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2887] OBJ_Domain */ +0x55,0x01,0x05, /* [2897] OBJ_selected_attribute_types */ +0x55,0x01,0x05,0x37, /* [2900] OBJ_clearance */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2904] OBJ_md4WithRSAEncryption */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2913] OBJ_ac_proxying */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2921] OBJ_sinfo_access */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2929] OBJ_id_aca_encAttrs */ +0x55,0x04,0x48, /* [2937] OBJ_role */ +0x55,0x1D,0x24, /* [2940] OBJ_policy_constraints */ +0x55,0x1D,0x37, /* [2943] OBJ_target_information */ +0x55,0x1D,0x38, /* [2946] OBJ_no_rev_avail */ +0x2A,0x86,0x48,0xCE,0x3D, /* [2949] OBJ_ansi_X9_62 */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2954] OBJ_X9_62_prime_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2961] OBJ_X9_62_characteristic_two_field */ +0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2968] OBJ_X9_62_id_ecPublicKey */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2975] OBJ_X9_62_prime192v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2983] OBJ_X9_62_prime192v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2991] OBJ_X9_62_prime192v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2999] OBJ_X9_62_prime239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3007] OBJ_X9_62_prime239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3015] OBJ_X9_62_prime239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3023] OBJ_X9_62_prime256v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3031] OBJ_ecdsa_with_SHA1 */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3038] OBJ_ms_csp_name */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3047] OBJ_aes_128_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3056] OBJ_aes_128_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3065] OBJ_aes_128_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3074] OBJ_aes_128_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3083] OBJ_aes_192_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3092] OBJ_aes_192_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3101] OBJ_aes_192_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3110] OBJ_aes_192_cfb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3119] OBJ_aes_256_ecb */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3128] OBJ_aes_256_cbc */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3137] OBJ_aes_256_ofb128 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3146] OBJ_aes_256_cfb128 */ +0x55,0x1D,0x17, /* [3155] OBJ_hold_instruction_code */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3158] OBJ_hold_instruction_none */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3165] OBJ_hold_instruction_call_issuer */ +0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3172] OBJ_hold_instruction_reject */ +0x09, /* [3179] OBJ_data */ +0x09,0x92,0x26, /* [3180] OBJ_pss */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3183] OBJ_ucl */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3190] OBJ_pilot */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3198] OBJ_pilotAttributeType */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3207] OBJ_pilotAttributeSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3216] OBJ_pilotObjectClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3225] OBJ_pilotGroups */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3234] OBJ_iA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3244] OBJ_caseIgnoreIA5StringSyntax */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3254] OBJ_pilotObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3264] OBJ_pilotPerson */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3274] OBJ_account */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3284] OBJ_document */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3294] OBJ_room */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3304] OBJ_documentSeries */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3314] OBJ_rFC822localPart */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3324] OBJ_dNSDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3334] OBJ_domainRelatedObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3344] OBJ_friendlyCountry */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3354] OBJ_simpleSecurityObject */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3364] OBJ_pilotOrganization */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3374] OBJ_pilotDSA */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3384] OBJ_qualityLabelledData */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3394] OBJ_userId */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3404] OBJ_textEncodedORAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3414] OBJ_rfc822Mailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3424] OBJ_info */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3434] OBJ_favouriteDrink */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3444] OBJ_roomNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3454] OBJ_photo */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3464] OBJ_userClass */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3474] OBJ_host */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3484] OBJ_manager */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3494] OBJ_documentIdentifier */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3504] OBJ_documentTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3514] OBJ_documentVersion */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3524] OBJ_documentAuthor */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3534] OBJ_documentLocation */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3544] OBJ_homeTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3554] OBJ_secretary */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3564] OBJ_otherMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3574] OBJ_lastModifiedTime */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3584] OBJ_lastModifiedBy */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3594] OBJ_aRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3604] OBJ_pilotAttributeType27 */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3614] OBJ_mXRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3624] OBJ_nSRecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3634] OBJ_sOARecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3644] OBJ_cNAMERecord */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3654] OBJ_associatedDomain */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3664] OBJ_associatedName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3674] OBJ_homePostalAddress */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3684] OBJ_personalTitle */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3694] OBJ_mobileTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3704] OBJ_pagerTelephoneNumber */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3714] OBJ_friendlyCountryName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3724] OBJ_organizationalStatus */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3734] OBJ_janetMailbox */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3744] OBJ_mailPreferenceOption */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3754] OBJ_buildingName */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3764] OBJ_dSAQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3774] OBJ_singleLevelQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3784] OBJ_subtreeMinimumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3794] OBJ_subtreeMaximumQuality */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3804] OBJ_personalSignature */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3814] OBJ_dITRedirect */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3824] OBJ_audio */ +0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3834] OBJ_documentPublisher */ +0x55,0x04,0x2D, /* [3844] OBJ_x500UniqueIdentifier */ +0x2B,0x06,0x01,0x07,0x01, /* [3847] OBJ_mime_mhs */ +0x2B,0x06,0x01,0x07,0x01,0x01, /* [3852] OBJ_mime_mhs_headings */ +0x2B,0x06,0x01,0x07,0x01,0x02, /* [3858] OBJ_mime_mhs_bodies */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3864] OBJ_id_hex_partial_message */ +0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3871] OBJ_id_hex_multipart_message */ +0x55,0x04,0x2C, /* [3878] OBJ_generationQualifier */ +0x55,0x04,0x41, /* [3881] OBJ_pseudonym */ +0x67,0x2A, /* [3884] OBJ_id_set */ +0x67,0x2A,0x00, /* [3886] OBJ_set_ctype */ +0x67,0x2A,0x01, /* [3889] OBJ_set_msgExt */ +0x67,0x2A,0x03, /* [3892] OBJ_set_attr */ +0x67,0x2A,0x05, /* [3895] OBJ_set_policy */ +0x67,0x2A,0x07, /* [3898] OBJ_set_certExt */ +0x67,0x2A,0x08, /* [3901] OBJ_set_brand */ +0x67,0x2A,0x00,0x00, /* [3904] OBJ_setct_PANData */ +0x67,0x2A,0x00,0x01, /* [3908] OBJ_setct_PANToken */ +0x67,0x2A,0x00,0x02, /* [3912] OBJ_setct_PANOnly */ +0x67,0x2A,0x00,0x03, /* [3916] OBJ_setct_OIData */ +0x67,0x2A,0x00,0x04, /* [3920] OBJ_setct_PI */ +0x67,0x2A,0x00,0x05, /* [3924] OBJ_setct_PIData */ +0x67,0x2A,0x00,0x06, /* [3928] OBJ_setct_PIDataUnsigned */ +0x67,0x2A,0x00,0x07, /* [3932] OBJ_setct_HODInput */ +0x67,0x2A,0x00,0x08, /* [3936] OBJ_setct_AuthResBaggage */ +0x67,0x2A,0x00,0x09, /* [3940] OBJ_setct_AuthRevReqBaggage */ +0x67,0x2A,0x00,0x0A, /* [3944] OBJ_setct_AuthRevResBaggage */ +0x67,0x2A,0x00,0x0B, /* [3948] OBJ_setct_CapTokenSeq */ +0x67,0x2A,0x00,0x0C, /* [3952] OBJ_setct_PInitResData */ +0x67,0x2A,0x00,0x0D, /* [3956] OBJ_setct_PI_TBS */ +0x67,0x2A,0x00,0x0E, /* [3960] OBJ_setct_PResData */ +0x67,0x2A,0x00,0x10, /* [3964] OBJ_setct_AuthReqTBS */ +0x67,0x2A,0x00,0x11, /* [3968] OBJ_setct_AuthResTBS */ +0x67,0x2A,0x00,0x12, /* [3972] OBJ_setct_AuthResTBSX */ +0x67,0x2A,0x00,0x13, /* [3976] OBJ_setct_AuthTokenTBS */ +0x67,0x2A,0x00,0x14, /* [3980] OBJ_setct_CapTokenData */ +0x67,0x2A,0x00,0x15, /* [3984] OBJ_setct_CapTokenTBS */ +0x67,0x2A,0x00,0x16, /* [3988] OBJ_setct_AcqCardCodeMsg */ +0x67,0x2A,0x00,0x17, /* [3992] OBJ_setct_AuthRevReqTBS */ +0x67,0x2A,0x00,0x18, /* [3996] OBJ_setct_AuthRevResData */ +0x67,0x2A,0x00,0x19, /* [4000] OBJ_setct_AuthRevResTBS */ +0x67,0x2A,0x00,0x1A, /* [4004] OBJ_setct_CapReqTBS */ +0x67,0x2A,0x00,0x1B, /* [4008] OBJ_setct_CapReqTBSX */ +0x67,0x2A,0x00,0x1C, /* [4012] OBJ_setct_CapResData */ +0x67,0x2A,0x00,0x1D, /* [4016] OBJ_setct_CapRevReqTBS */ +0x67,0x2A,0x00,0x1E, /* [4020] OBJ_setct_CapRevReqTBSX */ +0x67,0x2A,0x00,0x1F, /* [4024] OBJ_setct_CapRevResData */ +0x67,0x2A,0x00,0x20, /* [4028] OBJ_setct_CredReqTBS */ +0x67,0x2A,0x00,0x21, /* [4032] OBJ_setct_CredReqTBSX */ +0x67,0x2A,0x00,0x22, /* [4036] OBJ_setct_CredResData */ +0x67,0x2A,0x00,0x23, /* [4040] OBJ_setct_CredRevReqTBS */ +0x67,0x2A,0x00,0x24, /* [4044] OBJ_setct_CredRevReqTBSX */ +0x67,0x2A,0x00,0x25, /* [4048] OBJ_setct_CredRevResData */ +0x67,0x2A,0x00,0x26, /* [4052] OBJ_setct_PCertReqData */ +0x67,0x2A,0x00,0x27, /* [4056] OBJ_setct_PCertResTBS */ +0x67,0x2A,0x00,0x28, /* [4060] OBJ_setct_BatchAdminReqData */ +0x67,0x2A,0x00,0x29, /* [4064] OBJ_setct_BatchAdminResData */ +0x67,0x2A,0x00,0x2A, /* [4068] OBJ_setct_CardCInitResTBS */ +0x67,0x2A,0x00,0x2B, /* [4072] OBJ_setct_MeAqCInitResTBS */ +0x67,0x2A,0x00,0x2C, /* [4076] OBJ_setct_RegFormResTBS */ +0x67,0x2A,0x00,0x2D, /* [4080] OBJ_setct_CertReqData */ +0x67,0x2A,0x00,0x2E, /* [4084] OBJ_setct_CertReqTBS */ +0x67,0x2A,0x00,0x2F, /* [4088] OBJ_setct_CertResData */ +0x67,0x2A,0x00,0x30, /* [4092] OBJ_setct_CertInqReqTBS */ +0x67,0x2A,0x00,0x31, /* [4096] OBJ_setct_ErrorTBS */ +0x67,0x2A,0x00,0x32, /* [4100] OBJ_setct_PIDualSignedTBE */ +0x67,0x2A,0x00,0x33, /* [4104] OBJ_setct_PIUnsignedTBE */ +0x67,0x2A,0x00,0x34, /* [4108] OBJ_setct_AuthReqTBE */ +0x67,0x2A,0x00,0x35, /* [4112] OBJ_setct_AuthResTBE */ +0x67,0x2A,0x00,0x36, /* [4116] OBJ_setct_AuthResTBEX */ +0x67,0x2A,0x00,0x37, /* [4120] OBJ_setct_AuthTokenTBE */ +0x67,0x2A,0x00,0x38, /* [4124] OBJ_setct_CapTokenTBE */ +0x67,0x2A,0x00,0x39, /* [4128] OBJ_setct_CapTokenTBEX */ +0x67,0x2A,0x00,0x3A, /* [4132] OBJ_setct_AcqCardCodeMsgTBE */ +0x67,0x2A,0x00,0x3B, /* [4136] OBJ_setct_AuthRevReqTBE */ +0x67,0x2A,0x00,0x3C, /* [4140] OBJ_setct_AuthRevResTBE */ +0x67,0x2A,0x00,0x3D, /* [4144] OBJ_setct_AuthRevResTBEB */ +0x67,0x2A,0x00,0x3E, /* [4148] OBJ_setct_CapReqTBE */ +0x67,0x2A,0x00,0x3F, /* [4152] OBJ_setct_CapReqTBEX */ +0x67,0x2A,0x00,0x40, /* [4156] OBJ_setct_CapResTBE */ +0x67,0x2A,0x00,0x41, /* [4160] OBJ_setct_CapRevReqTBE */ +0x67,0x2A,0x00,0x42, /* [4164] OBJ_setct_CapRevReqTBEX */ +0x67,0x2A,0x00,0x43, /* [4168] OBJ_setct_CapRevResTBE */ +0x67,0x2A,0x00,0x44, /* [4172] OBJ_setct_CredReqTBE */ +0x67,0x2A,0x00,0x45, /* [4176] OBJ_setct_CredReqTBEX */ +0x67,0x2A,0x00,0x46, /* [4180] OBJ_setct_CredResTBE */ +0x67,0x2A,0x00,0x47, /* [4184] OBJ_setct_CredRevReqTBE */ +0x67,0x2A,0x00,0x48, /* [4188] OBJ_setct_CredRevReqTBEX */ +0x67,0x2A,0x00,0x49, /* [4192] OBJ_setct_CredRevResTBE */ +0x67,0x2A,0x00,0x4A, /* [4196] OBJ_setct_BatchAdminReqTBE */ +0x67,0x2A,0x00,0x4B, /* [4200] OBJ_setct_BatchAdminResTBE */ +0x67,0x2A,0x00,0x4C, /* [4204] OBJ_setct_RegFormReqTBE */ +0x67,0x2A,0x00,0x4D, /* [4208] OBJ_setct_CertReqTBE */ +0x67,0x2A,0x00,0x4E, /* [4212] OBJ_setct_CertReqTBEX */ +0x67,0x2A,0x00,0x4F, /* [4216] OBJ_setct_CertResTBE */ +0x67,0x2A,0x00,0x50, /* [4220] OBJ_setct_CRLNotificationTBS */ +0x67,0x2A,0x00,0x51, /* [4224] OBJ_setct_CRLNotificationResTBS */ +0x67,0x2A,0x00,0x52, /* [4228] OBJ_setct_BCIDistributionTBS */ +0x67,0x2A,0x01,0x01, /* [4232] OBJ_setext_genCrypt */ +0x67,0x2A,0x01,0x03, /* [4236] OBJ_setext_miAuth */ +0x67,0x2A,0x01,0x04, /* [4240] OBJ_setext_pinSecure */ +0x67,0x2A,0x01,0x05, /* [4244] OBJ_setext_pinAny */ +0x67,0x2A,0x01,0x07, /* [4248] OBJ_setext_track2 */ +0x67,0x2A,0x01,0x08, /* [4252] OBJ_setext_cv */ +0x67,0x2A,0x05,0x00, /* [4256] OBJ_set_policy_root */ +0x67,0x2A,0x07,0x00, /* [4260] OBJ_setCext_hashedRoot */ +0x67,0x2A,0x07,0x01, /* [4264] OBJ_setCext_certType */ +0x67,0x2A,0x07,0x02, /* [4268] OBJ_setCext_merchData */ +0x67,0x2A,0x07,0x03, /* [4272] OBJ_setCext_cCertRequired */ +0x67,0x2A,0x07,0x04, /* [4276] OBJ_setCext_tunneling */ +0x67,0x2A,0x07,0x05, /* [4280] OBJ_setCext_setExt */ +0x67,0x2A,0x07,0x06, /* [4284] OBJ_setCext_setQualf */ +0x67,0x2A,0x07,0x07, /* [4288] OBJ_setCext_PGWYcapabilities */ +0x67,0x2A,0x07,0x08, /* [4292] OBJ_setCext_TokenIdentifier */ +0x67,0x2A,0x07,0x09, /* [4296] OBJ_setCext_Track2Data */ +0x67,0x2A,0x07,0x0A, /* [4300] OBJ_setCext_TokenType */ +0x67,0x2A,0x07,0x0B, /* [4304] OBJ_setCext_IssuerCapabilities */ +0x67,0x2A,0x03,0x00, /* [4308] OBJ_setAttr_Cert */ +0x67,0x2A,0x03,0x01, /* [4312] OBJ_setAttr_PGWYcap */ +0x67,0x2A,0x03,0x02, /* [4316] OBJ_setAttr_TokenType */ +0x67,0x2A,0x03,0x03, /* [4320] OBJ_setAttr_IssCap */ +0x67,0x2A,0x03,0x00,0x00, /* [4324] OBJ_set_rootKeyThumb */ +0x67,0x2A,0x03,0x00,0x01, /* [4329] OBJ_set_addPolicy */ +0x67,0x2A,0x03,0x02,0x01, /* [4334] OBJ_setAttr_Token_EMV */ +0x67,0x2A,0x03,0x02,0x02, /* [4339] OBJ_setAttr_Token_B0Prime */ +0x67,0x2A,0x03,0x03,0x03, /* [4344] OBJ_setAttr_IssCap_CVM */ +0x67,0x2A,0x03,0x03,0x04, /* [4349] OBJ_setAttr_IssCap_T2 */ +0x67,0x2A,0x03,0x03,0x05, /* [4354] OBJ_setAttr_IssCap_Sig */ +0x67,0x2A,0x03,0x03,0x03,0x01, /* [4359] OBJ_setAttr_GenCryptgrm */ +0x67,0x2A,0x03,0x03,0x04,0x01, /* [4365] OBJ_setAttr_T2Enc */ +0x67,0x2A,0x03,0x03,0x04,0x02, /* [4371] OBJ_setAttr_T2cleartxt */ +0x67,0x2A,0x03,0x03,0x05,0x01, /* [4377] OBJ_setAttr_TokICCsig */ +0x67,0x2A,0x03,0x03,0x05,0x02, /* [4383] OBJ_setAttr_SecDevSig */ +0x67,0x2A,0x08,0x01, /* [4389] OBJ_set_brand_IATA_ATA */ +0x67,0x2A,0x08,0x1E, /* [4393] OBJ_set_brand_Diners */ +0x67,0x2A,0x08,0x22, /* [4397] OBJ_set_brand_AmericanExpress */ +0x67,0x2A,0x08,0x23, /* [4401] OBJ_set_brand_JCB */ +0x67,0x2A,0x08,0x04, /* [4405] OBJ_set_brand_Visa */ +0x67,0x2A,0x08,0x05, /* [4409] OBJ_set_brand_MasterCard */ +0x67,0x2A,0x08,0xAE,0x7B, /* [4413] OBJ_set_brand_Novus */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4418] OBJ_des_cdmf */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4426] OBJ_rsaOAEPEncryptionSET */ +0x67, /* [4435] OBJ_international_organizations */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4436] OBJ_ms_smartcard_login */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4446] OBJ_ms_upn */ +0x55,0x04,0x09, /* [4456] OBJ_streetAddress */ +0x55,0x04,0x11, /* [4459] OBJ_postalCode */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4462] OBJ_id_ppl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4469] OBJ_proxyCertInfo */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4477] OBJ_id_ppl_anyLanguage */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4485] OBJ_id_ppl_inheritAll */ +0x55,0x1D,0x1E, /* [4493] OBJ_name_constraints */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4496] OBJ_Independent */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4504] OBJ_sha256WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4513] OBJ_sha384WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4522] OBJ_sha512WithRSAEncryption */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4531] OBJ_sha224WithRSAEncryption */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4540] OBJ_sha256 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4549] OBJ_sha384 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4558] OBJ_sha512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4567] OBJ_sha224 */ +0x2B, /* [4576] OBJ_identified_organization */ +0x2B,0x81,0x04, /* [4577] OBJ_certicom_arc */ +0x67,0x2B, /* [4580] OBJ_wap */ +0x67,0x2B,0x01, /* [4582] OBJ_wap_wsg */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4585] OBJ_X9_62_id_characteristic_two_basis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4593] OBJ_X9_62_onBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4602] OBJ_X9_62_tpBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4611] OBJ_X9_62_ppBasis */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4620] OBJ_X9_62_c2pnb163v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4628] OBJ_X9_62_c2pnb163v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4636] OBJ_X9_62_c2pnb163v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4644] OBJ_X9_62_c2pnb176v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4652] OBJ_X9_62_c2tnb191v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4660] OBJ_X9_62_c2tnb191v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4668] OBJ_X9_62_c2tnb191v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4676] OBJ_X9_62_c2onb191v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4684] OBJ_X9_62_c2onb191v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4692] OBJ_X9_62_c2pnb208w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4700] OBJ_X9_62_c2tnb239v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4708] OBJ_X9_62_c2tnb239v2 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4716] OBJ_X9_62_c2tnb239v3 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4724] OBJ_X9_62_c2onb239v4 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4732] OBJ_X9_62_c2onb239v5 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4740] OBJ_X9_62_c2pnb272w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4748] OBJ_X9_62_c2pnb304w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4756] OBJ_X9_62_c2tnb359v1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4764] OBJ_X9_62_c2pnb368w1 */ +0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4772] OBJ_X9_62_c2tnb431r1 */ +0x2B,0x81,0x04,0x00,0x06, /* [4780] OBJ_secp112r1 */ +0x2B,0x81,0x04,0x00,0x07, /* [4785] OBJ_secp112r2 */ +0x2B,0x81,0x04,0x00,0x1C, /* [4790] OBJ_secp128r1 */ +0x2B,0x81,0x04,0x00,0x1D, /* [4795] OBJ_secp128r2 */ +0x2B,0x81,0x04,0x00,0x09, /* [4800] OBJ_secp160k1 */ +0x2B,0x81,0x04,0x00,0x08, /* [4805] OBJ_secp160r1 */ +0x2B,0x81,0x04,0x00,0x1E, /* [4810] OBJ_secp160r2 */ +0x2B,0x81,0x04,0x00,0x1F, /* [4815] OBJ_secp192k1 */ +0x2B,0x81,0x04,0x00,0x20, /* [4820] OBJ_secp224k1 */ +0x2B,0x81,0x04,0x00,0x21, /* [4825] OBJ_secp224r1 */ +0x2B,0x81,0x04,0x00,0x0A, /* [4830] OBJ_secp256k1 */ +0x2B,0x81,0x04,0x00,0x22, /* [4835] OBJ_secp384r1 */ +0x2B,0x81,0x04,0x00,0x23, /* [4840] OBJ_secp521r1 */ +0x2B,0x81,0x04,0x00,0x04, /* [4845] OBJ_sect113r1 */ +0x2B,0x81,0x04,0x00,0x05, /* [4850] OBJ_sect113r2 */ +0x2B,0x81,0x04,0x00,0x16, /* [4855] OBJ_sect131r1 */ +0x2B,0x81,0x04,0x00,0x17, /* [4860] OBJ_sect131r2 */ +0x2B,0x81,0x04,0x00,0x01, /* [4865] OBJ_sect163k1 */ +0x2B,0x81,0x04,0x00,0x02, /* [4870] OBJ_sect163r1 */ +0x2B,0x81,0x04,0x00,0x0F, /* [4875] OBJ_sect163r2 */ +0x2B,0x81,0x04,0x00,0x18, /* [4880] OBJ_sect193r1 */ +0x2B,0x81,0x04,0x00,0x19, /* [4885] OBJ_sect193r2 */ +0x2B,0x81,0x04,0x00,0x1A, /* [4890] OBJ_sect233k1 */ +0x2B,0x81,0x04,0x00,0x1B, /* [4895] OBJ_sect233r1 */ +0x2B,0x81,0x04,0x00,0x03, /* [4900] OBJ_sect239k1 */ +0x2B,0x81,0x04,0x00,0x10, /* [4905] OBJ_sect283k1 */ +0x2B,0x81,0x04,0x00,0x11, /* [4910] OBJ_sect283r1 */ +0x2B,0x81,0x04,0x00,0x24, /* [4915] OBJ_sect409k1 */ +0x2B,0x81,0x04,0x00,0x25, /* [4920] OBJ_sect409r1 */ +0x2B,0x81,0x04,0x00,0x26, /* [4925] OBJ_sect571k1 */ +0x2B,0x81,0x04,0x00,0x27, /* [4930] OBJ_sect571r1 */ +0x67,0x2B,0x01,0x04,0x01, /* [4935] OBJ_wap_wsg_idm_ecid_wtls1 */ +0x67,0x2B,0x01,0x04,0x03, /* [4940] OBJ_wap_wsg_idm_ecid_wtls3 */ +0x67,0x2B,0x01,0x04,0x04, /* [4945] OBJ_wap_wsg_idm_ecid_wtls4 */ +0x67,0x2B,0x01,0x04,0x05, /* [4950] OBJ_wap_wsg_idm_ecid_wtls5 */ +0x67,0x2B,0x01,0x04,0x06, /* [4955] OBJ_wap_wsg_idm_ecid_wtls6 */ +0x67,0x2B,0x01,0x04,0x07, /* [4960] OBJ_wap_wsg_idm_ecid_wtls7 */ +0x67,0x2B,0x01,0x04,0x08, /* [4965] OBJ_wap_wsg_idm_ecid_wtls8 */ +0x67,0x2B,0x01,0x04,0x09, /* [4970] OBJ_wap_wsg_idm_ecid_wtls9 */ +0x67,0x2B,0x01,0x04,0x0A, /* [4975] OBJ_wap_wsg_idm_ecid_wtls10 */ +0x67,0x2B,0x01,0x04,0x0B, /* [4980] OBJ_wap_wsg_idm_ecid_wtls11 */ +0x67,0x2B,0x01,0x04,0x0C, /* [4985] OBJ_wap_wsg_idm_ecid_wtls12 */ +0x55,0x1D,0x20,0x00, /* [4990] OBJ_any_policy */ +0x55,0x1D,0x21, /* [4994] OBJ_policy_mappings */ +0x55,0x1D,0x36, /* [4997] OBJ_inhibit_any_policy */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5000] OBJ_camellia_128_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5011] OBJ_camellia_192_cbc */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5022] OBJ_camellia_256_cbc */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5033] OBJ_camellia_128_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5041] OBJ_camellia_192_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5049] OBJ_camellia_256_ecb */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5057] OBJ_camellia_128_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5065] OBJ_camellia_192_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5073] OBJ_camellia_256_cfb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5081] OBJ_camellia_128_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5089] OBJ_camellia_192_ofb128 */ +0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5097] OBJ_camellia_256_ofb128 */ +0x55,0x1D,0x09, /* [5105] OBJ_subject_directory_attributes */ +0x55,0x1D,0x1C, /* [5108] OBJ_issuing_distribution_point */ +0x55,0x1D,0x1D, /* [5111] OBJ_certificate_issuer */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5114] OBJ_kisa */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5120] OBJ_seed_ecb */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5128] OBJ_seed_cbc */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5136] OBJ_seed_ofb128 */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5144] OBJ_seed_cfb128 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5152] OBJ_hmac_md5 */ +0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5160] OBJ_hmac_sha1 */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5168] OBJ_id_PasswordBasedMAC */ +0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5177] OBJ_id_DHBasedMac */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5186] OBJ_id_it_suppLangTags */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5194] OBJ_caRepository */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5202] OBJ_id_smime_ct_compressedData */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5213] OBJ_id_ct_asciiTextWithCRLF */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5224] OBJ_id_aes128_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5233] OBJ_id_aes192_wrap */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5242] OBJ_id_aes256_wrap */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5251] OBJ_ecdsa_with_Recommended */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5258] OBJ_ecdsa_with_Specified */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5265] OBJ_ecdsa_with_SHA224 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5273] OBJ_ecdsa_with_SHA256 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5281] OBJ_ecdsa_with_SHA384 */ +0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5289] OBJ_ecdsa_with_SHA512 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5297] OBJ_hmacWithMD5 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5305] OBJ_hmacWithSHA224 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5313] OBJ_hmacWithSHA256 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5321] OBJ_hmacWithSHA384 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5329] OBJ_hmacWithSHA512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5337] OBJ_dsa_with_SHA224 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5346] OBJ_dsa_with_SHA256 */ +0x28,0xCF,0x06,0x03,0x00,0x37, /* [5355] OBJ_whirlpool */ +0x2A,0x85,0x03,0x02,0x02, /* [5361] OBJ_cryptopro */ +0x2A,0x85,0x03,0x02,0x09, /* [5366] OBJ_cryptocom */ +0x2A,0x85,0x03,0x02,0x02,0x03, /* [5371] OBJ_id_GostR3411_94_with_GostR3410_2001 */ +0x2A,0x85,0x03,0x02,0x02,0x04, /* [5377] OBJ_id_GostR3411_94_with_GostR3410_94 */ +0x2A,0x85,0x03,0x02,0x02,0x09, /* [5383] OBJ_id_GostR3411_94 */ +0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5389] OBJ_id_HMACGostR3411_94 */ +0x2A,0x85,0x03,0x02,0x02,0x13, /* [5395] OBJ_id_GostR3410_2001 */ +0x2A,0x85,0x03,0x02,0x02,0x14, /* [5401] OBJ_id_GostR3410_94 */ +0x2A,0x85,0x03,0x02,0x02,0x15, /* [5407] OBJ_id_Gost28147_89 */ +0x2A,0x85,0x03,0x02,0x02,0x16, /* [5413] OBJ_id_Gost28147_89_MAC */ +0x2A,0x85,0x03,0x02,0x02,0x17, /* [5419] OBJ_id_GostR3411_94_prf */ +0x2A,0x85,0x03,0x02,0x02,0x62, /* [5425] OBJ_id_GostR3410_2001DH */ +0x2A,0x85,0x03,0x02,0x02,0x63, /* [5431] OBJ_id_GostR3410_94DH */ +0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5437] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */ +0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5444] OBJ_id_Gost28147_89_None_KeyMeshing */ +0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5451] OBJ_id_GostR3411_94_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5458] OBJ_id_GostR3411_94_CryptoProParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5465] OBJ_id_Gost28147_89_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5472] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5479] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5486] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5493] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5500] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5507] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5514] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5521] OBJ_id_GostR3410_94_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5528] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5535] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5542] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5549] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5556] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5563] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5570] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5577] OBJ_id_GostR3410_2001_TestParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5584] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5591] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5598] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5605] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5612] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5619] OBJ_id_GostR3410_94_a */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5626] OBJ_id_GostR3410_94_aBis */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5633] OBJ_id_GostR3410_94_b */ +0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5640] OBJ_id_GostR3410_94_bBis */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5647] OBJ_id_Gost28147_89_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5655] OBJ_id_GostR3410_94_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5663] OBJ_id_GostR3410_2001_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5671] OBJ_id_GostR3411_94_with_GostR3410_94_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5679] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ +0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5687] OBJ_id_GostR3410_2001_ParamSet_cc */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5695] OBJ_LocalKeySet */ +0x55,0x1D,0x2E, /* [5704] OBJ_freshest_crl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5707] OBJ_id_on_permanentIdentifier */ +0x55,0x04,0x0E, /* [5715] OBJ_searchGuide */ +0x55,0x04,0x0F, /* [5718] OBJ_businessCategory */ +0x55,0x04,0x10, /* [5721] OBJ_postalAddress */ +0x55,0x04,0x12, /* [5724] OBJ_postOfficeBox */ +0x55,0x04,0x13, /* [5727] OBJ_physicalDeliveryOfficeName */ +0x55,0x04,0x14, /* [5730] OBJ_telephoneNumber */ +0x55,0x04,0x15, /* [5733] OBJ_telexNumber */ +0x55,0x04,0x16, /* [5736] OBJ_teletexTerminalIdentifier */ +0x55,0x04,0x17, /* [5739] OBJ_facsimileTelephoneNumber */ +0x55,0x04,0x18, /* [5742] OBJ_x121Address */ +0x55,0x04,0x19, /* [5745] OBJ_internationaliSDNNumber */ +0x55,0x04,0x1A, /* [5748] OBJ_registeredAddress */ +0x55,0x04,0x1B, /* [5751] OBJ_destinationIndicator */ +0x55,0x04,0x1C, /* [5754] OBJ_preferredDeliveryMethod */ +0x55,0x04,0x1D, /* [5757] OBJ_presentationAddress */ +0x55,0x04,0x1E, /* [5760] OBJ_supportedApplicationContext */ +0x55,0x04,0x1F, /* [5763] OBJ_member */ +0x55,0x04,0x20, /* [5766] OBJ_owner */ +0x55,0x04,0x21, /* [5769] OBJ_roleOccupant */ +0x55,0x04,0x22, /* [5772] OBJ_seeAlso */ +0x55,0x04,0x23, /* [5775] OBJ_userPassword */ +0x55,0x04,0x24, /* [5778] OBJ_userCertificate */ +0x55,0x04,0x25, /* [5781] OBJ_cACertificate */ +0x55,0x04,0x26, /* [5784] OBJ_authorityRevocationList */ +0x55,0x04,0x27, /* [5787] OBJ_certificateRevocationList */ +0x55,0x04,0x28, /* [5790] OBJ_crossCertificatePair */ +0x55,0x04,0x2F, /* [5793] OBJ_enhancedSearchGuide */ +0x55,0x04,0x30, /* [5796] OBJ_protocolInformation */ +0x55,0x04,0x31, /* [5799] OBJ_distinguishedName */ +0x55,0x04,0x32, /* [5802] OBJ_uniqueMember */ +0x55,0x04,0x33, /* [5805] OBJ_houseIdentifier */ +0x55,0x04,0x34, /* [5808] OBJ_supportedAlgorithms */ +0x55,0x04,0x35, /* [5811] OBJ_deltaRevocationList */ +0x55,0x04,0x36, /* [5814] OBJ_dmdName */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5817] OBJ_id_alg_PWRI_KEK */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5828] OBJ_aes_128_gcm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5837] OBJ_aes_128_ccm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5846] OBJ_id_aes128_wrap_pad */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5855] OBJ_aes_192_gcm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5864] OBJ_aes_192_ccm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5873] OBJ_id_aes192_wrap_pad */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5882] OBJ_aes_256_gcm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5891] OBJ_aes_256_ccm */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5900] OBJ_id_aes256_wrap_pad */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5909] OBJ_id_camellia128_wrap */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5920] OBJ_id_camellia192_wrap */ +0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5931] OBJ_id_camellia256_wrap */ +0x55,0x1D,0x25,0x00, /* [5942] OBJ_anyExtendedKeyUsage */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5946] OBJ_mgf1 */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5955] OBJ_rsassaPss */ +0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5964] OBJ_rsaesOaep */ }; static const ASN1_OBJECT nid_objs[NUM_NID]={ -{"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0}, -{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[1]),0}, -{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[7]),0}, -{"MD2","md2",NID_md2,8,&(lvalues[14]),0}, -{"MD5","md5",NID_md5,8,&(lvalues[22]),0}, -{"RC4","rc4",NID_rc4,8,&(lvalues[30]),0}, -{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[38]),0}, +{"UNDEF","undefined",NID_undef,0,NULL,0}, +{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[0]),0}, +{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[6]),0}, +{"MD2","md2",NID_md2,8,&(lvalues[13]),0}, +{"MD5","md5",NID_md5,8,&(lvalues[21]),0}, +{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0}, +{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0}, {"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9, - &(lvalues[47]),0}, + &(lvalues[46]),0}, {"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9, - &(lvalues[56]),0}, + &(lvalues[55]),0}, {"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9, - &(lvalues[65]),0}, + &(lvalues[64]),0}, {"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9, - &(lvalues[74]),0}, -{"X500","directory services (X.500)",NID_X500,1,&(lvalues[83]),0}, -{"X509","X509",NID_X509,2,&(lvalues[84]),0}, -{"CN","commonName",NID_commonName,3,&(lvalues[86]),0}, -{"C","countryName",NID_countryName,3,&(lvalues[89]),0}, -{"L","localityName",NID_localityName,3,&(lvalues[92]),0}, -{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[95]),0}, -{"O","organizationName",NID_organizationName,3,&(lvalues[98]),0}, + &(lvalues[73]),0}, +{"X500","directory services (X.500)",NID_X500,1,&(lvalues[82]),0}, +{"X509","X509",NID_X509,2,&(lvalues[83]),0}, +{"CN","commonName",NID_commonName,3,&(lvalues[85]),0}, +{"C","countryName",NID_countryName,3,&(lvalues[88]),0}, +{"L","localityName",NID_localityName,3,&(lvalues[91]),0}, +{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0}, +{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0}, {"OU","organizationalUnitName",NID_organizationalUnitName,3, - &(lvalues[101]),0}, -{"RSA","rsa",NID_rsa,4,&(lvalues[104]),0}, -{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[108]),0}, -{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[116]),0}, + &(lvalues[100]),0}, +{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0}, +{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0}, +{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0}, {"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9, - &(lvalues[125]),0}, + &(lvalues[124]),0}, {"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9, - &(lvalues[134]),0}, + &(lvalues[133]),0}, {"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData", - NID_pkcs7_signedAndEnveloped,9,&(lvalues[143]),0}, + NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0}, {"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9, - &(lvalues[152]),0}, + &(lvalues[151]),0}, {"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9, - &(lvalues[161]),0}, -{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[170]),0}, + &(lvalues[160]),0}, +{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0}, {"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9, - &(lvalues[178]),0}, -{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0}, -{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0}, -{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0}, -{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0}, + &(lvalues[177]),0}, +{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0}, +{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0}, +{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0}, +{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[201]),0}, {"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0}, -{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0}, +{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[206]),0}, {"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0}, {"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0}, -{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0}, +{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[217]),0}, {"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0}, {"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0}, {"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0}, -{"SHA","sha",NID_sha,5,&(lvalues[226]),0}, +{"SHA","sha",NID_sha,5,&(lvalues[225]),0}, {"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5, - &(lvalues[231]),0}, + &(lvalues[230]),0}, {"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0}, -{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0}, -{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0}, +{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[235]),0}, +{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[243]),0}, {"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0}, -{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0}, +{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[248]),0}, {"emailAddress","emailAddress",NID_pkcs9_emailAddress,9, - &(lvalues[257]),0}, + &(lvalues[256]),0}, {"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9, - &(lvalues[266]),0}, -{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[275]),0}, + &(lvalues[265]),0}, +{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[274]),0}, {"messageDigest","messageDigest",NID_pkcs9_messageDigest,9, - &(lvalues[284]),0}, -{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[293]),0}, + &(lvalues[283]),0}, +{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[292]),0}, {"countersignature","countersignature",NID_pkcs9_countersignature,9, - &(lvalues[302]),0}, + &(lvalues[301]),0}, {"challengePassword","challengePassword",NID_pkcs9_challengePassword, - 9,&(lvalues[311]),0}, + 9,&(lvalues[310]),0}, {"unstructuredAddress","unstructuredAddress", - NID_pkcs9_unstructuredAddress,9,&(lvalues[320]),0}, + NID_pkcs9_unstructuredAddress,9,&(lvalues[319]),0}, {"extendedCertificateAttributes","extendedCertificateAttributes", - NID_pkcs9_extCertAttributes,9,&(lvalues[329]),0}, + NID_pkcs9_extCertAttributes,9,&(lvalues[328]),0}, {"Netscape","Netscape Communications Corp.",NID_netscape,7, - &(lvalues[338]),0}, + &(lvalues[337]),0}, {"nsCertExt","Netscape Certificate Extension", - NID_netscape_cert_extension,8,&(lvalues[345]),0}, + NID_netscape_cert_extension,8,&(lvalues[344]),0}, {"nsDataType","Netscape Data Type",NID_netscape_data_type,8, - &(lvalues[353]),0}, + &(lvalues[352]),0}, {"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0}, {"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0}, {"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0}, {"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0}, -{"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0}, +{"SHA1","sha1",NID_sha1,5,&(lvalues[360]),0}, {"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9, - &(lvalues[366]),0}, -{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[375]),0}, -{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[380]),0}, + &(lvalues[365]),0}, +{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[374]),0}, +{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[379]),0}, {"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC, - 9,&(lvalues[385]),0}, -{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[394]),0}, -{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[403]),0}, + 9,&(lvalues[384]),0}, +{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[393]),0}, +{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[402]),0}, {"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9, - &(lvalues[408]),0}, + &(lvalues[407]),0}, {"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9, - &(lvalues[417]),0}, + &(lvalues[416]),0}, {"nsRevocationUrl","Netscape Revocation Url", - NID_netscape_revocation_url,9,&(lvalues[426]),0}, + NID_netscape_revocation_url,9,&(lvalues[425]),0}, {"nsCaRevocationUrl","Netscape CA Revocation Url", - NID_netscape_ca_revocation_url,9,&(lvalues[435]),0}, + NID_netscape_ca_revocation_url,9,&(lvalues[434]),0}, {"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9, - &(lvalues[444]),0}, + &(lvalues[443]),0}, {"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url, - 9,&(lvalues[453]),0}, + 9,&(lvalues[452]),0}, {"nsSslServerName","Netscape SSL Server Name", - NID_netscape_ssl_server_name,9,&(lvalues[462]),0}, -{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0}, + NID_netscape_ssl_server_name,9,&(lvalues[461]),0}, +{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[470]),0}, {"nsCertSequence","Netscape Certificate Sequence", - NID_netscape_cert_sequence,9,&(lvalues[480]),0}, + NID_netscape_cert_sequence,9,&(lvalues[479]),0}, {"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0}, -{"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0}, +{"id-ce","id-ce",NID_id_ce,2,&(lvalues[488]),0}, {"subjectKeyIdentifier","X509v3 Subject Key Identifier", - NID_subject_key_identifier,3,&(lvalues[491]),0}, -{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[494]),0}, + NID_subject_key_identifier,3,&(lvalues[490]),0}, +{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[493]),0}, {"privateKeyUsagePeriod","X509v3 Private Key Usage Period", - NID_private_key_usage_period,3,&(lvalues[497]),0}, + NID_private_key_usage_period,3,&(lvalues[496]),0}, {"subjectAltName","X509v3 Subject Alternative Name", - NID_subject_alt_name,3,&(lvalues[500]),0}, + NID_subject_alt_name,3,&(lvalues[499]),0}, {"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name, - 3,&(lvalues[503]),0}, + 3,&(lvalues[502]),0}, {"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints, - 3,&(lvalues[506]),0}, -{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[509]),0}, + 3,&(lvalues[505]),0}, +{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[508]),0}, {"certificatePolicies","X509v3 Certificate Policies", - NID_certificate_policies,3,&(lvalues[512]),0}, + NID_certificate_policies,3,&(lvalues[511]),0}, {"authorityKeyIdentifier","X509v3 Authority Key Identifier", - NID_authority_key_identifier,3,&(lvalues[515]),0}, -{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0}, + NID_authority_key_identifier,3,&(lvalues[514]),0}, +{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[517]),0}, {"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0}, {"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0}, {"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0}, -{"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0}, -{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0}, +{"MDC2","mdc2",NID_mdc2,4,&(lvalues[526]),0}, +{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[530]),0}, {"RC4-40","rc4-40",NID_rc4_40,0,NULL,0}, {"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0}, -{"GN","givenName",NID_givenName,3,&(lvalues[535]),0}, -{"SN","surname",NID_surname,3,&(lvalues[538]),0}, -{"initials","initials",NID_initials,3,&(lvalues[541]),0}, +{"GN","givenName",NID_givenName,3,&(lvalues[534]),0}, +{"SN","surname",NID_surname,3,&(lvalues[537]),0}, +{"initials","initials",NID_initials,3,&(lvalues[540]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {"crlDistributionPoints","X509v3 CRL Distribution Points", - NID_crl_distribution_points,3,&(lvalues[544]),0}, -{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0}, -{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[552]),0}, -{"title","title",NID_title,3,&(lvalues[555]),0}, -{"description","description",NID_description,3,&(lvalues[558]),0}, -{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0}, + NID_crl_distribution_points,3,&(lvalues[543]),0}, +{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[546]),0}, +{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[551]),0}, +{"title","title",NID_title,3,&(lvalues[554]),0}, +{"description","description",NID_description,3,&(lvalues[557]),0}, +{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[560]),0}, {"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0}, {"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0}, {"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0}, {"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC", - NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0}, -{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0}, + NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[569]),0}, +{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[578]),0}, {"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0}, -{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0}, -{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0}, -{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0}, +{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[585]),0}, +{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[590]),0}, +{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[597]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6, - &(lvalues[603]),0}, -{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0}, + &(lvalues[602]),0}, +{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[608]),0}, {"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0}, {"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0}, {"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0}, -{"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0}, -{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[623]),0}, +{"RLE","run length compression",NID_rle_compression,6,&(lvalues[616]),0}, +{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[622]),0}, {"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3, - &(lvalues[634]),0}, -{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[637]),0}, -{"id-kp","id-kp",NID_id_kp,7,&(lvalues[643]),0}, + &(lvalues[633]),0}, +{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[636]),0}, +{"id-kp","id-kp",NID_id_kp,7,&(lvalues[642]),0}, {"serverAuth","TLS Web Server Authentication",NID_server_auth,8, - &(lvalues[650]),0}, + &(lvalues[649]),0}, {"clientAuth","TLS Web Client Authentication",NID_client_auth,8, - &(lvalues[658]),0}, -{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[666]),0}, + &(lvalues[657]),0}, +{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[665]),0}, {"emailProtection","E-mail Protection",NID_email_protect,8, - &(lvalues[674]),0}, -{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[682]),0}, + &(lvalues[673]),0}, +{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[681]),0}, {"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10, - &(lvalues[690]),0}, + &(lvalues[689]),0}, {"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10, - &(lvalues[700]),0}, + &(lvalues[699]),0}, {"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10, - &(lvalues[710]),0}, -{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[720]),0}, + &(lvalues[709]),0}, +{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[719]),0}, {"msEFS","Microsoft Encrypted File System",NID_ms_efs,10, - &(lvalues[730]),0}, -{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[740]),0}, + &(lvalues[729]),0}, +{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[739]),0}, {"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3, - &(lvalues[749]),0}, -{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[752]),0}, + &(lvalues[748]),0}, +{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[751]),0}, {"invalidityDate","Invalidity Date",NID_invalidity_date,3, - &(lvalues[755]),0}, -{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[758]),0}, + &(lvalues[754]),0}, +{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[757]),0}, {"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4", - NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[763]),0}, + NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[762]),0}, {"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4", - NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[773]),0}, + NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[772]),0}, {"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC", - NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[783]),0}, + NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[782]),0}, {"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC", - NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[793]),0}, + NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[792]),0}, {"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC", - NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[803]),0}, + NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[802]),0}, {"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC", - NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[813]),0}, -{"keyBag","keyBag",NID_keyBag,11,&(lvalues[823]),0}, + NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[812]),0}, +{"keyBag","keyBag",NID_keyBag,11,&(lvalues[822]),0}, {"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag, - 11,&(lvalues[834]),0}, -{"certBag","certBag",NID_certBag,11,&(lvalues[845]),0}, -{"crlBag","crlBag",NID_crlBag,11,&(lvalues[856]),0}, -{"secretBag","secretBag",NID_secretBag,11,&(lvalues[867]),0}, + 11,&(lvalues[833]),0}, +{"certBag","certBag",NID_certBag,11,&(lvalues[844]),0}, +{"crlBag","crlBag",NID_crlBag,11,&(lvalues[855]),0}, +{"secretBag","secretBag",NID_secretBag,11,&(lvalues[866]),0}, {"safeContentsBag","safeContentsBag",NID_safeContentsBag,11, - &(lvalues[878]),0}, -{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[889]),0}, -{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[898]),0}, + &(lvalues[877]),0}, +{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[888]),0}, +{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[897]),0}, {"x509Certificate","x509Certificate",NID_x509Certificate,10, - &(lvalues[907]),0}, + &(lvalues[906]),0}, {"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10, - &(lvalues[917]),0}, -{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[927]),0}, -{"PBES2","PBES2",NID_pbes2,9,&(lvalues[937]),0}, -{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[946]),0}, -{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[955]),0}, -{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[963]),0}, + &(lvalues[916]),0}, +{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[926]),0}, +{"PBES2","PBES2",NID_pbes2,9,&(lvalues[936]),0}, +{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[945]),0}, +{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[954]),0}, +{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[962]),0}, {"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8, - &(lvalues[971]),0}, + &(lvalues[970]),0}, {"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0}, {"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9, - &(lvalues[979]),0}, + &(lvalues[978]),0}, {"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9, - &(lvalues[988]),0}, + &(lvalues[987]),0}, {"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9, - &(lvalues[997]),0}, + &(lvalues[996]),0}, {"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9, - &(lvalues[1006]),0}, + &(lvalues[1005]),0}, {"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10, - &(lvalues[1015]),0}, -{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1025]),0}, -{"name","name",NID_name,3,&(lvalues[1034]),0}, -{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1037]),0}, -{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1040]),0}, -{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1047]),0}, + &(lvalues[1014]),0}, +{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1024]),0}, +{"name","name",NID_name,3,&(lvalues[1033]),0}, +{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1036]),0}, +{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1039]),0}, +{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1046]),0}, {"authorityInfoAccess","Authority Information Access",NID_info_access, - 8,&(lvalues[1054]),0}, -{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1062]),0}, -{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1070]),0}, -{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1078]),0}, -{"ISO","iso",NID_iso,1,&(lvalues[1086]),0}, -{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1087]),0}, -{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1088]),0}, -{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1091]),0}, -{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1096]),0}, -{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1102]),0}, -{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1110]),0}, -{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1118]),0}, -{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1127]),0}, -{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1137]),0}, -{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1147]),0}, -{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1157]),0}, -{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1167]),0}, -{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1177]),0}, -{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1187]),0}, + 8,&(lvalues[1053]),0}, +{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1061]),0}, +{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1069]),0}, +{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1077]),0}, +{"ISO","iso",NID_iso,0,NULL,0}, +{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1085]),0}, +{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1086]),0}, +{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1089]),0}, +{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1094]),0}, +{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1100]),0}, +{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1108]),0}, +{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1116]),0}, +{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1125]),0}, +{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1135]),0}, +{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1145]),0}, +{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1155]),0}, +{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1165]),0}, +{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1175]),0}, +{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1185]),0}, {"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11, - &(lvalues[1197]),0}, + &(lvalues[1195]),0}, {"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11, - &(lvalues[1208]),0}, + &(lvalues[1206]),0}, {"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11, - &(lvalues[1219]),0}, + &(lvalues[1217]),0}, {"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3, - 11,&(lvalues[1230]),0}, + 11,&(lvalues[1228]),0}, {"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88", - NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1241]),0}, + NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1239]),0}, {"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97", - NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1252]),0}, + NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1250]),0}, {"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88", - NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1263]),0}, + NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1261]),0}, {"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97", - NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1274]),0}, + NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1272]),0}, {"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt, - 11,&(lvalues[1285]),0}, + 11,&(lvalues[1283]),0}, {"id-smime-ct-authData","id-smime-ct-authData", - NID_id_smime_ct_authData,11,&(lvalues[1296]),0}, + NID_id_smime_ct_authData,11,&(lvalues[1294]),0}, {"id-smime-ct-publishCert","id-smime-ct-publishCert", - NID_id_smime_ct_publishCert,11,&(lvalues[1307]),0}, + NID_id_smime_ct_publishCert,11,&(lvalues[1305]),0}, {"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo, - 11,&(lvalues[1318]),0}, + 11,&(lvalues[1316]),0}, {"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo, - 11,&(lvalues[1329]),0}, + 11,&(lvalues[1327]),0}, {"id-smime-ct-contentInfo","id-smime-ct-contentInfo", - NID_id_smime_ct_contentInfo,11,&(lvalues[1340]),0}, + NID_id_smime_ct_contentInfo,11,&(lvalues[1338]),0}, {"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData", - NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1351]),0}, + NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1349]),0}, {"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData", - NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1362]),0}, + NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1360]),0}, {"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest", - NID_id_smime_aa_receiptRequest,11,&(lvalues[1373]),0}, + NID_id_smime_aa_receiptRequest,11,&(lvalues[1371]),0}, {"id-smime-aa-securityLabel","id-smime-aa-securityLabel", - NID_id_smime_aa_securityLabel,11,&(lvalues[1384]),0}, + NID_id_smime_aa_securityLabel,11,&(lvalues[1382]),0}, {"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory", - NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1395]),0}, + NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1393]),0}, {"id-smime-aa-contentHint","id-smime-aa-contentHint", - NID_id_smime_aa_contentHint,11,&(lvalues[1406]),0}, + NID_id_smime_aa_contentHint,11,&(lvalues[1404]),0}, {"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest", - NID_id_smime_aa_msgSigDigest,11,&(lvalues[1417]),0}, + NID_id_smime_aa_msgSigDigest,11,&(lvalues[1415]),0}, {"id-smime-aa-encapContentType","id-smime-aa-encapContentType", - NID_id_smime_aa_encapContentType,11,&(lvalues[1428]),0}, + NID_id_smime_aa_encapContentType,11,&(lvalues[1426]),0}, {"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier", - NID_id_smime_aa_contentIdentifier,11,&(lvalues[1439]),0}, + NID_id_smime_aa_contentIdentifier,11,&(lvalues[1437]),0}, {"id-smime-aa-macValue","id-smime-aa-macValue", - NID_id_smime_aa_macValue,11,&(lvalues[1450]),0}, + NID_id_smime_aa_macValue,11,&(lvalues[1448]),0}, {"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels", - NID_id_smime_aa_equivalentLabels,11,&(lvalues[1461]),0}, + NID_id_smime_aa_equivalentLabels,11,&(lvalues[1459]),0}, {"id-smime-aa-contentReference","id-smime-aa-contentReference", - NID_id_smime_aa_contentReference,11,&(lvalues[1472]),0}, + NID_id_smime_aa_contentReference,11,&(lvalues[1470]),0}, {"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref", - NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1483]),0}, + NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1481]),0}, {"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate", - NID_id_smime_aa_signingCertificate,11,&(lvalues[1494]),0}, + NID_id_smime_aa_signingCertificate,11,&(lvalues[1492]),0}, {"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts", - NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1505]),0}, + NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1503]),0}, {"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken", - NID_id_smime_aa_timeStampToken,11,&(lvalues[1516]),0}, + NID_id_smime_aa_timeStampToken,11,&(lvalues[1514]),0}, {"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId", - NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1527]),0}, + NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1525]),0}, {"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType", - NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1538]),0}, + NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1536]),0}, {"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation", - NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1549]),0}, + NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1547]),0}, {"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr", - NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1560]),0}, + NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1558]),0}, {"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert", - NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1571]),0}, + NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1569]),0}, {"id-smime-aa-ets-contentTimestamp", "id-smime-aa-ets-contentTimestamp", - NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1582]),0}, + NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1580]),0}, {"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs", - NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1593]),0}, + NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1591]),0}, {"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs", - NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1604]),0}, + NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1602]),0}, {"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues", - NID_id_smime_aa_ets_certValues,11,&(lvalues[1615]),0}, + NID_id_smime_aa_ets_certValues,11,&(lvalues[1613]),0}, {"id-smime-aa-ets-revocationValues", "id-smime-aa-ets-revocationValues", - NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1626]),0}, + NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1624]),0}, {"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp", - NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1637]),0}, + NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1635]),0}, {"id-smime-aa-ets-certCRLTimestamp", "id-smime-aa-ets-certCRLTimestamp", - NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1648]),0}, + NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1646]),0}, {"id-smime-aa-ets-archiveTimeStamp", "id-smime-aa-ets-archiveTimeStamp", - NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1659]),0}, + NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1657]),0}, {"id-smime-aa-signatureType","id-smime-aa-signatureType", - NID_id_smime_aa_signatureType,11,&(lvalues[1670]),0}, + NID_id_smime_aa_signatureType,11,&(lvalues[1668]),0}, {"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc", - NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1681]),0}, + NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1679]),0}, {"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES", - NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1692]),0}, + NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1690]),0}, {"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2", - NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1703]),0}, + NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1701]),0}, {"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap", - NID_id_smime_alg_3DESwrap,11,&(lvalues[1714]),0}, + NID_id_smime_alg_3DESwrap,11,&(lvalues[1712]),0}, {"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap", - NID_id_smime_alg_RC2wrap,11,&(lvalues[1725]),0}, + NID_id_smime_alg_RC2wrap,11,&(lvalues[1723]),0}, {"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11, - &(lvalues[1736]),0}, + &(lvalues[1734]),0}, {"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap", - NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1747]),0}, + NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1745]),0}, {"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap", - NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1758]),0}, + NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1756]),0}, {"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11, - &(lvalues[1769]),0}, + &(lvalues[1767]),0}, {"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri", - NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1780]),0}, + NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1778]),0}, {"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice", - NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1791]),0}, + NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1789]),0}, {"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin", - NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1802]),0}, + NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1800]),0}, {"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt", - NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1813]),0}, + NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1811]),0}, {"id-smime-cti-ets-proofOfDelivery", "id-smime-cti-ets-proofOfDelivery", - NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1824]),0}, + NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1822]),0}, {"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender", - NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1835]),0}, + NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1833]),0}, {"id-smime-cti-ets-proofOfApproval", "id-smime-cti-ets-proofOfApproval", - NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1846]),0}, + NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1844]),0}, {"id-smime-cti-ets-proofOfCreation", "id-smime-cti-ets-proofOfCreation", - NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1857]),0}, -{"MD4","md4",NID_md4,8,&(lvalues[1868]),0}, -{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1876]),0}, -{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1883]),0}, -{"id-it","id-it",NID_id_it,7,&(lvalues[1890]),0}, -{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1897]),0}, -{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1904]),0}, -{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1911]),0}, -{"id-on","id-on",NID_id_on,7,&(lvalues[1918]),0}, -{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1925]),0}, -{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1932]),0}, -{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1939]),0}, -{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1946]),0}, + NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1855]),0}, +{"MD4","md4",NID_md4,8,&(lvalues[1866]),0}, +{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1874]),0}, +{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1881]),0}, +{"id-it","id-it",NID_id_it,7,&(lvalues[1888]),0}, +{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1895]),0}, +{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1902]),0}, +{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1909]),0}, +{"id-on","id-on",NID_id_on,7,&(lvalues[1916]),0}, +{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1923]),0}, +{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1930]),0}, +{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1937]),0}, +{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1944]),0}, {"id-pkix1-explicit-88","id-pkix1-explicit-88", - NID_id_pkix1_explicit_88,8,&(lvalues[1953]),0}, + NID_id_pkix1_explicit_88,8,&(lvalues[1951]),0}, {"id-pkix1-implicit-88","id-pkix1-implicit-88", - NID_id_pkix1_implicit_88,8,&(lvalues[1961]),0}, + NID_id_pkix1_implicit_88,8,&(lvalues[1959]),0}, {"id-pkix1-explicit-93","id-pkix1-explicit-93", - NID_id_pkix1_explicit_93,8,&(lvalues[1969]),0}, + NID_id_pkix1_explicit_93,8,&(lvalues[1967]),0}, {"id-pkix1-implicit-93","id-pkix1-implicit-93", - NID_id_pkix1_implicit_93,8,&(lvalues[1977]),0}, -{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1985]),0}, -{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1993]),0}, + NID_id_pkix1_implicit_93,8,&(lvalues[1975]),0}, +{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1983]),0}, +{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1991]),0}, {"id-mod-kea-profile-88","id-mod-kea-profile-88", - NID_id_mod_kea_profile_88,8,&(lvalues[2001]),0}, + NID_id_mod_kea_profile_88,8,&(lvalues[1999]),0}, {"id-mod-kea-profile-93","id-mod-kea-profile-93", - NID_id_mod_kea_profile_93,8,&(lvalues[2009]),0}, -{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2017]),0}, + NID_id_mod_kea_profile_93,8,&(lvalues[2007]),0}, +{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2015]),0}, {"id-mod-qualified-cert-88","id-mod-qualified-cert-88", - NID_id_mod_qualified_cert_88,8,&(lvalues[2025]),0}, + NID_id_mod_qualified_cert_88,8,&(lvalues[2023]),0}, {"id-mod-qualified-cert-93","id-mod-qualified-cert-93", - NID_id_mod_qualified_cert_93,8,&(lvalues[2033]),0}, + NID_id_mod_qualified_cert_93,8,&(lvalues[2031]),0}, {"id-mod-attribute-cert","id-mod-attribute-cert", - NID_id_mod_attribute_cert,8,&(lvalues[2041]),0}, + NID_id_mod_attribute_cert,8,&(lvalues[2039]),0}, {"id-mod-timestamp-protocol","id-mod-timestamp-protocol", - NID_id_mod_timestamp_protocol,8,&(lvalues[2049]),0}, -{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2057]),0}, -{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2065]),0}, + NID_id_mod_timestamp_protocol,8,&(lvalues[2047]),0}, +{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2055]),0}, +{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2063]),0}, {"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8, - &(lvalues[2073]),0}, -{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2081]),0}, -{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2089]),0}, + &(lvalues[2071]),0}, +{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2079]),0}, +{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2087]),0}, {"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8, - &(lvalues[2097]),0}, -{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2105]),0}, -{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2113]),0}, + &(lvalues[2095]),0}, +{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2103]),0}, +{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2111]),0}, {"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8, - &(lvalues[2121]),0}, + &(lvalues[2119]),0}, {"sbgp-autonomousSysNum","sbgp-autonomousSysNum", - NID_sbgp_autonomousSysNum,8,&(lvalues[2129]),0}, + NID_sbgp_autonomousSysNum,8,&(lvalues[2127]),0}, {"sbgp-routerIdentifier","sbgp-routerIdentifier", - NID_sbgp_routerIdentifier,8,&(lvalues[2137]),0}, -{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2145]),0}, + NID_sbgp_routerIdentifier,8,&(lvalues[2135]),0}, +{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2143]),0}, {"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8, - &(lvalues[2153]),0}, -{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2161]),0}, -{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2169]),0}, -{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2177]),0}, + &(lvalues[2151]),0}, +{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2159]),0}, +{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2167]),0}, +{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2175]),0}, {"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert, - 8,&(lvalues[2185]),0}, + 8,&(lvalues[2183]),0}, {"id-it-signKeyPairTypes","id-it-signKeyPairTypes", - NID_id_it_signKeyPairTypes,8,&(lvalues[2193]),0}, + NID_id_it_signKeyPairTypes,8,&(lvalues[2191]),0}, {"id-it-encKeyPairTypes","id-it-encKeyPairTypes", - NID_id_it_encKeyPairTypes,8,&(lvalues[2201]),0}, + NID_id_it_encKeyPairTypes,8,&(lvalues[2199]),0}, {"id-it-preferredSymmAlg","id-it-preferredSymmAlg", - NID_id_it_preferredSymmAlg,8,&(lvalues[2209]),0}, + NID_id_it_preferredSymmAlg,8,&(lvalues[2207]),0}, {"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo", - NID_id_it_caKeyUpdateInfo,8,&(lvalues[2217]),0}, + NID_id_it_caKeyUpdateInfo,8,&(lvalues[2215]),0}, {"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8, - &(lvalues[2225]),0}, + &(lvalues[2223]),0}, {"id-it-unsupportedOIDs","id-it-unsupportedOIDs", - NID_id_it_unsupportedOIDs,8,&(lvalues[2233]),0}, + NID_id_it_unsupportedOIDs,8,&(lvalues[2231]),0}, {"id-it-subscriptionRequest","id-it-subscriptionRequest", - NID_id_it_subscriptionRequest,8,&(lvalues[2241]),0}, + NID_id_it_subscriptionRequest,8,&(lvalues[2239]),0}, {"id-it-subscriptionResponse","id-it-subscriptionResponse", - NID_id_it_subscriptionResponse,8,&(lvalues[2249]),0}, + NID_id_it_subscriptionResponse,8,&(lvalues[2247]),0}, {"id-it-keyPairParamReq","id-it-keyPairParamReq", - NID_id_it_keyPairParamReq,8,&(lvalues[2257]),0}, + NID_id_it_keyPairParamReq,8,&(lvalues[2255]),0}, {"id-it-keyPairParamRep","id-it-keyPairParamRep", - NID_id_it_keyPairParamRep,8,&(lvalues[2265]),0}, + NID_id_it_keyPairParamRep,8,&(lvalues[2263]),0}, {"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase, - 8,&(lvalues[2273]),0}, + 8,&(lvalues[2271]),0}, {"id-it-implicitConfirm","id-it-implicitConfirm", - NID_id_it_implicitConfirm,8,&(lvalues[2281]),0}, + NID_id_it_implicitConfirm,8,&(lvalues[2279]),0}, {"id-it-confirmWaitTime","id-it-confirmWaitTime", - NID_id_it_confirmWaitTime,8,&(lvalues[2289]),0}, + NID_id_it_confirmWaitTime,8,&(lvalues[2287]),0}, {"id-it-origPKIMessage","id-it-origPKIMessage", - NID_id_it_origPKIMessage,8,&(lvalues[2297]),0}, -{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2305]),0}, -{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2313]),0}, + NID_id_it_origPKIMessage,8,&(lvalues[2295]),0}, +{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2303]),0}, +{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2311]),0}, {"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken, - 9,&(lvalues[2321]),0}, + 9,&(lvalues[2319]),0}, {"id-regCtrl-authenticator","id-regCtrl-authenticator", - NID_id_regCtrl_authenticator,9,&(lvalues[2330]),0}, + NID_id_regCtrl_authenticator,9,&(lvalues[2328]),0}, {"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo", - NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2339]),0}, + NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2337]),0}, {"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions", - NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2348]),0}, + NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2346]),0}, {"id-regCtrl-oldCertID","id-regCtrl-oldCertID", - NID_id_regCtrl_oldCertID,9,&(lvalues[2357]),0}, + NID_id_regCtrl_oldCertID,9,&(lvalues[2355]),0}, {"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey", - NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2366]),0}, + NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2364]),0}, {"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs", - NID_id_regInfo_utf8Pairs,9,&(lvalues[2375]),0}, + NID_id_regInfo_utf8Pairs,9,&(lvalues[2373]),0}, {"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9, - &(lvalues[2384]),0}, -{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2393]),0}, + &(lvalues[2382]),0}, +{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2391]),0}, {"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8, - &(lvalues[2401]),0}, + &(lvalues[2399]),0}, {"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1", - NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2409]),0}, -{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2417]),0}, + NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2407]),0}, +{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2415]),0}, {"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8, - &(lvalues[2425]),0}, + &(lvalues[2423]),0}, {"id-cmc-identification","id-cmc-identification", - NID_id_cmc_identification,8,&(lvalues[2433]),0}, + NID_id_cmc_identification,8,&(lvalues[2431]),0}, {"id-cmc-identityProof","id-cmc-identityProof", - NID_id_cmc_identityProof,8,&(lvalues[2441]),0}, + NID_id_cmc_identityProof,8,&(lvalues[2439]),0}, {"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8, - &(lvalues[2449]),0}, + &(lvalues[2447]),0}, {"id-cmc-transactionId","id-cmc-transactionId", - NID_id_cmc_transactionId,8,&(lvalues[2457]),0}, + NID_id_cmc_transactionId,8,&(lvalues[2455]),0}, {"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8, - &(lvalues[2465]),0}, + &(lvalues[2463]),0}, {"id-cmc-recipientNonce","id-cmc-recipientNonce", - NID_id_cmc_recipientNonce,8,&(lvalues[2473]),0}, + NID_id_cmc_recipientNonce,8,&(lvalues[2471]),0}, {"id-cmc-addExtensions","id-cmc-addExtensions", - NID_id_cmc_addExtensions,8,&(lvalues[2481]),0}, + NID_id_cmc_addExtensions,8,&(lvalues[2479]),0}, {"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP, - 8,&(lvalues[2489]),0}, + 8,&(lvalues[2487]),0}, {"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP, - 8,&(lvalues[2497]),0}, + 8,&(lvalues[2495]),0}, {"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness", - NID_id_cmc_lraPOPWitness,8,&(lvalues[2505]),0}, + NID_id_cmc_lraPOPWitness,8,&(lvalues[2503]),0}, {"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8, - &(lvalues[2513]),0}, -{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2521]),0}, + &(lvalues[2511]),0}, +{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2519]),0}, {"id-cmc-revokeRequest","id-cmc-revokeRequest", - NID_id_cmc_revokeRequest,8,&(lvalues[2529]),0}, + NID_id_cmc_revokeRequest,8,&(lvalues[2527]),0}, {"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8, - &(lvalues[2537]),0}, + &(lvalues[2535]),0}, {"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo, - 8,&(lvalues[2545]),0}, + 8,&(lvalues[2543]),0}, {"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending, - 8,&(lvalues[2553]),0}, + 8,&(lvalues[2551]),0}, {"id-cmc-popLinkRandom","id-cmc-popLinkRandom", - NID_id_cmc_popLinkRandom,8,&(lvalues[2561]),0}, + NID_id_cmc_popLinkRandom,8,&(lvalues[2559]),0}, {"id-cmc-popLinkWitness","id-cmc-popLinkWitness", - NID_id_cmc_popLinkWitness,8,&(lvalues[2569]),0}, + NID_id_cmc_popLinkWitness,8,&(lvalues[2567]),0}, {"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance", - NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2577]),0}, + NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2575]),0}, {"id-on-personalData","id-on-personalData",NID_id_on_personalData,8, - &(lvalues[2585]),0}, + &(lvalues[2583]),0}, {"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8, - &(lvalues[2593]),0}, + &(lvalues[2591]),0}, {"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth, - 8,&(lvalues[2601]),0}, + 8,&(lvalues[2599]),0}, {NULL,NULL,NID_undef,0,NULL,0}, -{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2609]),0}, +{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2607]),0}, {"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship", - NID_id_pda_countryOfCitizenship,8,&(lvalues[2617]),0}, + NID_id_pda_countryOfCitizenship,8,&(lvalues[2615]),0}, {"id-pda-countryOfResidence","id-pda-countryOfResidence", - NID_id_pda_countryOfResidence,8,&(lvalues[2625]),0}, + NID_id_pda_countryOfResidence,8,&(lvalues[2623]),0}, {"id-aca-authenticationInfo","id-aca-authenticationInfo", - NID_id_aca_authenticationInfo,8,&(lvalues[2633]),0}, + NID_id_aca_authenticationInfo,8,&(lvalues[2631]),0}, {"id-aca-accessIdentity","id-aca-accessIdentity", - NID_id_aca_accessIdentity,8,&(lvalues[2641]),0}, + NID_id_aca_accessIdentity,8,&(lvalues[2639]),0}, {"id-aca-chargingIdentity","id-aca-chargingIdentity", - NID_id_aca_chargingIdentity,8,&(lvalues[2649]),0}, -{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2657]),0}, -{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2665]),0}, + NID_id_aca_chargingIdentity,8,&(lvalues[2647]),0}, +{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2655]),0}, +{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2663]),0}, {"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1", - NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2673]),0}, -{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2681]),0}, + NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2671]),0}, +{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2679]),0}, {"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8, - &(lvalues[2689]),0}, + &(lvalues[2687]),0}, {"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8, - &(lvalues[2697]),0}, + &(lvalues[2695]),0}, {"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8, - &(lvalues[2705]),0}, -{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2713]),0}, + &(lvalues[2703]),0}, +{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2711]),0}, {"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9, - &(lvalues[2721]),0}, -{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2730]),0}, -{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2739]),0}, + &(lvalues[2719]),0}, +{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2728]),0}, +{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2737]),0}, {"acceptableResponses","Acceptable OCSP Responses", - NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2748]),0}, -{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2757]),0}, + NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2746]),0}, +{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2755]),0}, {"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff, - 9,&(lvalues[2766]),0}, + 9,&(lvalues[2764]),0}, {"serviceLocator","OCSP Service Locator", - NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2775]),0}, + NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2773]),0}, {"extendedStatus","Extended OCSP Status", - NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2784]),0}, -{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2793]),0}, -{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2802]),0}, + NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2782]),0}, +{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2791]),0}, +{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2800]),0}, {"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9, - &(lvalues[2811]),0}, -{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2820]),0}, -{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2824]),0}, + &(lvalues[2809]),0}, +{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2818]),0}, +{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2822]),0}, {"X500algorithms","directory services - algorithms", - NID_X500algorithms,2,&(lvalues[2829]),0}, -{"ORG","org",NID_org,1,&(lvalues[2831]),0}, -{"DOD","dod",NID_dod,2,&(lvalues[2832]),0}, -{"IANA","iana",NID_iana,3,&(lvalues[2834]),0}, -{"directory","Directory",NID_Directory,4,&(lvalues[2837]),0}, -{"mgmt","Management",NID_Management,4,&(lvalues[2841]),0}, -{"experimental","Experimental",NID_Experimental,4,&(lvalues[2845]),0}, -{"private","Private",NID_Private,4,&(lvalues[2849]),0}, -{"security","Security",NID_Security,4,&(lvalues[2853]),0}, -{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2857]),0}, -{"Mail","Mail",NID_Mail,4,&(lvalues[2861]),0}, -{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2865]),0}, -{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2870]),0}, -{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2879]),0}, -{"domain","Domain",NID_Domain,10,&(lvalues[2889]),0}, -{"NULL","NULL",NID_joint_iso_ccitt,1,&(lvalues[2899]),0}, + NID_X500algorithms,2,&(lvalues[2827]),0}, +{"ORG","org",NID_org,1,&(lvalues[2829]),0}, +{"DOD","dod",NID_dod,2,&(lvalues[2830]),0}, +{"IANA","iana",NID_iana,3,&(lvalues[2832]),0}, +{"directory","Directory",NID_Directory,4,&(lvalues[2835]),0}, +{"mgmt","Management",NID_Management,4,&(lvalues[2839]),0}, +{"experimental","Experimental",NID_Experimental,4,&(lvalues[2843]),0}, +{"private","Private",NID_Private,4,&(lvalues[2847]),0}, +{"security","Security",NID_Security,4,&(lvalues[2851]),0}, +{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2855]),0}, +{"Mail","Mail",NID_Mail,4,&(lvalues[2859]),0}, +{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2863]),0}, +{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2868]),0}, +{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2877]),0}, +{"domain","Domain",NID_Domain,10,&(lvalues[2887]),0}, +{"NULL","NULL",NID_joint_iso_ccitt,0,NULL,0}, {"selected-attribute-types","Selected Attribute Types", - NID_selected_attribute_types,3,&(lvalues[2900]),0}, -{"clearance","clearance",NID_clearance,4,&(lvalues[2903]),0}, + NID_selected_attribute_types,3,&(lvalues[2897]),0}, +{"clearance","clearance",NID_clearance,4,&(lvalues[2900]),0}, {"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9, - &(lvalues[2907]),0}, -{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2916]),0}, + &(lvalues[2904]),0}, +{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2913]),0}, {"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8, - &(lvalues[2924]),0}, + &(lvalues[2921]),0}, {"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8, - &(lvalues[2932]),0}, -{"role","role",NID_role,3,&(lvalues[2940]),0}, + &(lvalues[2929]),0}, +{"role","role",NID_role,3,&(lvalues[2937]),0}, {"policyConstraints","X509v3 Policy Constraints", - NID_policy_constraints,3,&(lvalues[2943]),0}, + NID_policy_constraints,3,&(lvalues[2940]),0}, {"targetInformation","X509v3 AC Targeting",NID_target_information,3, - &(lvalues[2946]),0}, + &(lvalues[2943]),0}, {"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3, - &(lvalues[2949]),0}, -{"NULL","NULL",NID_ccitt,1,&(lvalues[2952]),0}, -{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2953]),0}, -{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2958]),0}, + &(lvalues[2946]),0}, +{"NULL","NULL",NID_ccitt,0,NULL,0}, +{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2949]),0}, +{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2954]),0}, {"characteristic-two-field","characteristic-two-field", - NID_X9_62_characteristic_two_field,7,&(lvalues[2965]),0}, + NID_X9_62_characteristic_two_field,7,&(lvalues[2961]),0}, {"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7, - &(lvalues[2972]),0}, -{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2979]),0}, -{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2987]),0}, -{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2995]),0}, -{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[3003]),0}, -{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3011]),0}, -{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3019]),0}, -{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3027]),0}, + &(lvalues[2968]),0}, +{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2975]),0}, +{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2983]),0}, +{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2991]),0}, +{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2999]),0}, +{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3007]),0}, +{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3015]),0}, +{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3023]),0}, {"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7, - &(lvalues[3035]),0}, -{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3042]),0}, -{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3051]),0}, -{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3060]),0}, -{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3069]),0}, -{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3078]),0}, -{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3087]),0}, -{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3096]),0}, -{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3105]),0}, -{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3114]),0}, -{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3123]),0}, -{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3132]),0}, -{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3141]),0}, -{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3150]),0}, + &(lvalues[3031]),0}, +{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3038]),0}, +{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3047]),0}, +{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3056]),0}, +{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3065]),0}, +{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3074]),0}, +{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3083]),0}, +{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3092]),0}, +{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3101]),0}, +{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3110]),0}, +{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3119]),0}, +{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3128]),0}, +{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3137]),0}, +{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3146]),0}, {"holdInstructionCode","Hold Instruction Code", - NID_hold_instruction_code,3,&(lvalues[3159]),0}, + NID_hold_instruction_code,3,&(lvalues[3155]),0}, {"holdInstructionNone","Hold Instruction None", - NID_hold_instruction_none,7,&(lvalues[3162]),0}, + NID_hold_instruction_none,7,&(lvalues[3158]),0}, {"holdInstructionCallIssuer","Hold Instruction Call Issuer", - NID_hold_instruction_call_issuer,7,&(lvalues[3169]),0}, + NID_hold_instruction_call_issuer,7,&(lvalues[3165]),0}, {"holdInstructionReject","Hold Instruction Reject", - NID_hold_instruction_reject,7,&(lvalues[3176]),0}, -{"data","data",NID_data,1,&(lvalues[3183]),0}, -{"pss","pss",NID_pss,3,&(lvalues[3184]),0}, -{"ucl","ucl",NID_ucl,7,&(lvalues[3187]),0}, -{"pilot","pilot",NID_pilot,8,&(lvalues[3194]),0}, + NID_hold_instruction_reject,7,&(lvalues[3172]),0}, +{"data","data",NID_data,1,&(lvalues[3179]),0}, +{"pss","pss",NID_pss,3,&(lvalues[3180]),0}, +{"ucl","ucl",NID_ucl,7,&(lvalues[3183]),0}, +{"pilot","pilot",NID_pilot,8,&(lvalues[3190]),0}, {"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9, - &(lvalues[3202]),0}, + &(lvalues[3198]),0}, {"pilotAttributeSyntax","pilotAttributeSyntax", - NID_pilotAttributeSyntax,9,&(lvalues[3211]),0}, + NID_pilotAttributeSyntax,9,&(lvalues[3207]),0}, {"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9, - &(lvalues[3220]),0}, -{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3229]),0}, + &(lvalues[3216]),0}, +{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3225]),0}, {"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10, - &(lvalues[3238]),0}, + &(lvalues[3234]),0}, {"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax", - NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3248]),0}, -{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3258]),0}, -{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3268]),0}, -{"account","account",NID_account,10,&(lvalues[3278]),0}, -{"document","document",NID_document,10,&(lvalues[3288]),0}, -{"room","room",NID_room,10,&(lvalues[3298]),0}, + NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3244]),0}, +{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3254]),0}, +{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3264]),0}, +{"account","account",NID_account,10,&(lvalues[3274]),0}, +{"document","document",NID_document,10,&(lvalues[3284]),0}, +{"room","room",NID_room,10,&(lvalues[3294]),0}, {"documentSeries","documentSeries",NID_documentSeries,10, - &(lvalues[3308]),0}, + &(lvalues[3304]),0}, {"rFC822localPart","rFC822localPart",NID_rFC822localPart,10, - &(lvalues[3318]),0}, -{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3328]),0}, + &(lvalues[3314]),0}, +{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3324]),0}, {"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject, - 10,&(lvalues[3338]),0}, + 10,&(lvalues[3334]),0}, {"friendlyCountry","friendlyCountry",NID_friendlyCountry,10, - &(lvalues[3348]),0}, + &(lvalues[3344]),0}, {"simpleSecurityObject","simpleSecurityObject", - NID_simpleSecurityObject,10,&(lvalues[3358]),0}, + NID_simpleSecurityObject,10,&(lvalues[3354]),0}, {"pilotOrganization","pilotOrganization",NID_pilotOrganization,10, - &(lvalues[3368]),0}, -{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3378]),0}, + &(lvalues[3364]),0}, +{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3374]),0}, {"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData, - 10,&(lvalues[3388]),0}, -{"UID","userId",NID_userId,10,&(lvalues[3398]),0}, + 10,&(lvalues[3384]),0}, +{"UID","userId",NID_userId,10,&(lvalues[3394]),0}, {"textEncodedORAddress","textEncodedORAddress", - NID_textEncodedORAddress,10,&(lvalues[3408]),0}, -{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3418]),0}, -{"info","info",NID_info,10,&(lvalues[3428]),0}, + NID_textEncodedORAddress,10,&(lvalues[3404]),0}, +{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3414]),0}, +{"info","info",NID_info,10,&(lvalues[3424]),0}, {"favouriteDrink","favouriteDrink",NID_favouriteDrink,10, - &(lvalues[3438]),0}, -{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3448]),0}, -{"photo","photo",NID_photo,10,&(lvalues[3458]),0}, -{"userClass","userClass",NID_userClass,10,&(lvalues[3468]),0}, -{"host","host",NID_host,10,&(lvalues[3478]),0}, -{"manager","manager",NID_manager,10,&(lvalues[3488]),0}, + &(lvalues[3434]),0}, +{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3444]),0}, +{"photo","photo",NID_photo,10,&(lvalues[3454]),0}, +{"userClass","userClass",NID_userClass,10,&(lvalues[3464]),0}, +{"host","host",NID_host,10,&(lvalues[3474]),0}, +{"manager","manager",NID_manager,10,&(lvalues[3484]),0}, {"documentIdentifier","documentIdentifier",NID_documentIdentifier,10, - &(lvalues[3498]),0}, -{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3508]),0}, + &(lvalues[3494]),0}, +{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3504]),0}, {"documentVersion","documentVersion",NID_documentVersion,10, - &(lvalues[3518]),0}, + &(lvalues[3514]),0}, {"documentAuthor","documentAuthor",NID_documentAuthor,10, - &(lvalues[3528]),0}, + &(lvalues[3524]),0}, {"documentLocation","documentLocation",NID_documentLocation,10, - &(lvalues[3538]),0}, + &(lvalues[3534]),0}, {"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber, - 10,&(lvalues[3548]),0}, -{"secretary","secretary",NID_secretary,10,&(lvalues[3558]),0}, -{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3568]),0}, + 10,&(lvalues[3544]),0}, +{"secretary","secretary",NID_secretary,10,&(lvalues[3554]),0}, +{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3564]),0}, {"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10, - &(lvalues[3578]),0}, + &(lvalues[3574]),0}, {"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10, - &(lvalues[3588]),0}, -{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3598]),0}, + &(lvalues[3584]),0}, +{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3594]),0}, {"pilotAttributeType27","pilotAttributeType27", - NID_pilotAttributeType27,10,&(lvalues[3608]),0}, -{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3618]),0}, -{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3628]),0}, -{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3638]),0}, -{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3648]),0}, + NID_pilotAttributeType27,10,&(lvalues[3604]),0}, +{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3614]),0}, +{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3624]),0}, +{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3634]),0}, +{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3644]),0}, {"associatedDomain","associatedDomain",NID_associatedDomain,10, - &(lvalues[3658]),0}, + &(lvalues[3654]),0}, {"associatedName","associatedName",NID_associatedName,10, - &(lvalues[3668]),0}, + &(lvalues[3664]),0}, {"homePostalAddress","homePostalAddress",NID_homePostalAddress,10, - &(lvalues[3678]),0}, -{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3688]),0}, + &(lvalues[3674]),0}, +{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3684]),0}, {"mobileTelephoneNumber","mobileTelephoneNumber", - NID_mobileTelephoneNumber,10,&(lvalues[3698]),0}, + NID_mobileTelephoneNumber,10,&(lvalues[3694]),0}, {"pagerTelephoneNumber","pagerTelephoneNumber", - NID_pagerTelephoneNumber,10,&(lvalues[3708]),0}, + NID_pagerTelephoneNumber,10,&(lvalues[3704]),0}, {"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName, - 10,&(lvalues[3718]),0}, + 10,&(lvalues[3714]),0}, {"organizationalStatus","organizationalStatus", - NID_organizationalStatus,10,&(lvalues[3728]),0}, -{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3738]),0}, + NID_organizationalStatus,10,&(lvalues[3724]),0}, +{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3734]),0}, {"mailPreferenceOption","mailPreferenceOption", - NID_mailPreferenceOption,10,&(lvalues[3748]),0}, -{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3758]),0}, -{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3768]),0}, + NID_mailPreferenceOption,10,&(lvalues[3744]),0}, +{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3754]),0}, +{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3764]),0}, {"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10, - &(lvalues[3778]),0}, + &(lvalues[3774]),0}, {"subtreeMinimumQuality","subtreeMinimumQuality", - NID_subtreeMinimumQuality,10,&(lvalues[3788]),0}, + NID_subtreeMinimumQuality,10,&(lvalues[3784]),0}, {"subtreeMaximumQuality","subtreeMaximumQuality", - NID_subtreeMaximumQuality,10,&(lvalues[3798]),0}, + NID_subtreeMaximumQuality,10,&(lvalues[3794]),0}, {"personalSignature","personalSignature",NID_personalSignature,10, - &(lvalues[3808]),0}, -{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3818]),0}, -{"audio","audio",NID_audio,10,&(lvalues[3828]),0}, + &(lvalues[3804]),0}, +{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3814]),0}, +{"audio","audio",NID_audio,10,&(lvalues[3824]),0}, {"documentPublisher","documentPublisher",NID_documentPublisher,10, - &(lvalues[3838]),0}, + &(lvalues[3834]),0}, {"x500UniqueIdentifier","x500UniqueIdentifier", - NID_x500UniqueIdentifier,3,&(lvalues[3848]),0}, -{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3851]),0}, + NID_x500UniqueIdentifier,3,&(lvalues[3844]),0}, +{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3847]),0}, {"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6, - &(lvalues[3856]),0}, + &(lvalues[3852]),0}, {"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6, - &(lvalues[3862]),0}, + &(lvalues[3858]),0}, {"id-hex-partial-message","id-hex-partial-message", - NID_id_hex_partial_message,7,&(lvalues[3868]),0}, + NID_id_hex_partial_message,7,&(lvalues[3864]),0}, {"id-hex-multipart-message","id-hex-multipart-message", - NID_id_hex_multipart_message,7,&(lvalues[3875]),0}, + NID_id_hex_multipart_message,7,&(lvalues[3871]),0}, {"generationQualifier","generationQualifier",NID_generationQualifier, - 3,&(lvalues[3882]),0}, -{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3885]),0}, + 3,&(lvalues[3878]),0}, +{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3881]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {"id-set","Secure Electronic Transactions",NID_id_set,2, - &(lvalues[3888]),0}, -{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3890]),0}, -{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3893]),0}, -{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3896]),0}, -{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3899]),0}, + &(lvalues[3884]),0}, +{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3886]),0}, +{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3889]),0}, +{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3892]),0}, +{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3895]),0}, {"set-certExt","certificate extensions",NID_set_certExt,3, - &(lvalues[3902]),0}, -{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3905]),0}, -{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3908]),0}, + &(lvalues[3898]),0}, +{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3901]),0}, +{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3904]),0}, {"setct-PANToken","setct-PANToken",NID_setct_PANToken,4, - &(lvalues[3912]),0}, -{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3916]),0}, -{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3920]),0}, -{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3924]),0}, -{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3928]),0}, + &(lvalues[3908]),0}, +{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3912]),0}, +{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3916]),0}, +{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3920]),0}, +{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3924]),0}, {"setct-PIDataUnsigned","setct-PIDataUnsigned", - NID_setct_PIDataUnsigned,4,&(lvalues[3932]),0}, + NID_setct_PIDataUnsigned,4,&(lvalues[3928]),0}, {"setct-HODInput","setct-HODInput",NID_setct_HODInput,4, - &(lvalues[3936]),0}, + &(lvalues[3932]),0}, {"setct-AuthResBaggage","setct-AuthResBaggage", - NID_setct_AuthResBaggage,4,&(lvalues[3940]),0}, + NID_setct_AuthResBaggage,4,&(lvalues[3936]),0}, {"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage", - NID_setct_AuthRevReqBaggage,4,&(lvalues[3944]),0}, + NID_setct_AuthRevReqBaggage,4,&(lvalues[3940]),0}, {"setct-AuthRevResBaggage","setct-AuthRevResBaggage", - NID_setct_AuthRevResBaggage,4,&(lvalues[3948]),0}, + NID_setct_AuthRevResBaggage,4,&(lvalues[3944]),0}, {"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4, - &(lvalues[3952]),0}, + &(lvalues[3948]),0}, {"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4, - &(lvalues[3956]),0}, -{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3960]),0}, + &(lvalues[3952]),0}, +{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3956]),0}, {"setct-PResData","setct-PResData",NID_setct_PResData,4, - &(lvalues[3964]),0}, + &(lvalues[3960]),0}, {"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4, - &(lvalues[3968]),0}, + &(lvalues[3964]),0}, {"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4, - &(lvalues[3972]),0}, + &(lvalues[3968]),0}, {"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4, - &(lvalues[3976]),0}, + &(lvalues[3972]),0}, {"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4, - &(lvalues[3980]),0}, + &(lvalues[3976]),0}, {"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4, - &(lvalues[3984]),0}, + &(lvalues[3980]),0}, {"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4, - &(lvalues[3988]),0}, + &(lvalues[3984]),0}, {"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg", - NID_setct_AcqCardCodeMsg,4,&(lvalues[3992]),0}, + NID_setct_AcqCardCodeMsg,4,&(lvalues[3988]),0}, {"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS, - 4,&(lvalues[3996]),0}, + 4,&(lvalues[3992]),0}, {"setct-AuthRevResData","setct-AuthRevResData", - NID_setct_AuthRevResData,4,&(lvalues[4000]),0}, + NID_setct_AuthRevResData,4,&(lvalues[3996]),0}, {"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS, - 4,&(lvalues[4004]),0}, + 4,&(lvalues[4000]),0}, {"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4, - &(lvalues[4008]),0}, + &(lvalues[4004]),0}, {"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4, - &(lvalues[4012]),0}, + &(lvalues[4008]),0}, {"setct-CapResData","setct-CapResData",NID_setct_CapResData,4, - &(lvalues[4016]),0}, + &(lvalues[4012]),0}, {"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4, - &(lvalues[4020]),0}, + &(lvalues[4016]),0}, {"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX, - 4,&(lvalues[4024]),0}, + 4,&(lvalues[4020]),0}, {"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData, - 4,&(lvalues[4028]),0}, + 4,&(lvalues[4024]),0}, {"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4, - &(lvalues[4032]),0}, + &(lvalues[4028]),0}, {"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4, - &(lvalues[4036]),0}, + &(lvalues[4032]),0}, {"setct-CredResData","setct-CredResData",NID_setct_CredResData,4, - &(lvalues[4040]),0}, + &(lvalues[4036]),0}, {"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS, - 4,&(lvalues[4044]),0}, + 4,&(lvalues[4040]),0}, {"setct-CredRevReqTBSX","setct-CredRevReqTBSX", - NID_setct_CredRevReqTBSX,4,&(lvalues[4048]),0}, + NID_setct_CredRevReqTBSX,4,&(lvalues[4044]),0}, {"setct-CredRevResData","setct-CredRevResData", - NID_setct_CredRevResData,4,&(lvalues[4052]),0}, + NID_setct_CredRevResData,4,&(lvalues[4048]),0}, {"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4, - &(lvalues[4056]),0}, + &(lvalues[4052]),0}, {"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4, - &(lvalues[4060]),0}, + &(lvalues[4056]),0}, {"setct-BatchAdminReqData","setct-BatchAdminReqData", - NID_setct_BatchAdminReqData,4,&(lvalues[4064]),0}, + NID_setct_BatchAdminReqData,4,&(lvalues[4060]),0}, {"setct-BatchAdminResData","setct-BatchAdminResData", - NID_setct_BatchAdminResData,4,&(lvalues[4068]),0}, + NID_setct_BatchAdminResData,4,&(lvalues[4064]),0}, {"setct-CardCInitResTBS","setct-CardCInitResTBS", - NID_setct_CardCInitResTBS,4,&(lvalues[4072]),0}, + NID_setct_CardCInitResTBS,4,&(lvalues[4068]),0}, {"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS", - NID_setct_MeAqCInitResTBS,4,&(lvalues[4076]),0}, + NID_setct_MeAqCInitResTBS,4,&(lvalues[4072]),0}, {"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS, - 4,&(lvalues[4080]),0}, + 4,&(lvalues[4076]),0}, {"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4, - &(lvalues[4084]),0}, + &(lvalues[4080]),0}, {"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4, - &(lvalues[4088]),0}, + &(lvalues[4084]),0}, {"setct-CertResData","setct-CertResData",NID_setct_CertResData,4, - &(lvalues[4092]),0}, + &(lvalues[4088]),0}, {"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS, - 4,&(lvalues[4096]),0}, + 4,&(lvalues[4092]),0}, {"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4, - &(lvalues[4100]),0}, + &(lvalues[4096]),0}, {"setct-PIDualSignedTBE","setct-PIDualSignedTBE", - NID_setct_PIDualSignedTBE,4,&(lvalues[4104]),0}, + NID_setct_PIDualSignedTBE,4,&(lvalues[4100]),0}, {"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE, - 4,&(lvalues[4108]),0}, + 4,&(lvalues[4104]),0}, {"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4, - &(lvalues[4112]),0}, + &(lvalues[4108]),0}, {"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4, - &(lvalues[4116]),0}, + &(lvalues[4112]),0}, {"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4, - &(lvalues[4120]),0}, + &(lvalues[4116]),0}, {"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4, - &(lvalues[4124]),0}, + &(lvalues[4120]),0}, {"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4, - &(lvalues[4128]),0}, + &(lvalues[4124]),0}, {"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4, - &(lvalues[4132]),0}, + &(lvalues[4128]),0}, {"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE", - NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4136]),0}, + NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4132]),0}, {"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE, - 4,&(lvalues[4140]),0}, + 4,&(lvalues[4136]),0}, {"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE, - 4,&(lvalues[4144]),0}, + 4,&(lvalues[4140]),0}, {"setct-AuthRevResTBEB","setct-AuthRevResTBEB", - NID_setct_AuthRevResTBEB,4,&(lvalues[4148]),0}, + NID_setct_AuthRevResTBEB,4,&(lvalues[4144]),0}, {"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4, - &(lvalues[4152]),0}, + &(lvalues[4148]),0}, {"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4, - &(lvalues[4156]),0}, + &(lvalues[4152]),0}, {"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4, - &(lvalues[4160]),0}, + &(lvalues[4156]),0}, {"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4, - &(lvalues[4164]),0}, + &(lvalues[4160]),0}, {"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX, - 4,&(lvalues[4168]),0}, + 4,&(lvalues[4164]),0}, {"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4, - &(lvalues[4172]),0}, + &(lvalues[4168]),0}, {"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4, - &(lvalues[4176]),0}, + &(lvalues[4172]),0}, {"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4, - &(lvalues[4180]),0}, + &(lvalues[4176]),0}, {"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4, - &(lvalues[4184]),0}, + &(lvalues[4180]),0}, {"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE, - 4,&(lvalues[4188]),0}, + 4,&(lvalues[4184]),0}, {"setct-CredRevReqTBEX","setct-CredRevReqTBEX", - NID_setct_CredRevReqTBEX,4,&(lvalues[4192]),0}, + NID_setct_CredRevReqTBEX,4,&(lvalues[4188]),0}, {"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE, - 4,&(lvalues[4196]),0}, + 4,&(lvalues[4192]),0}, {"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE", - NID_setct_BatchAdminReqTBE,4,&(lvalues[4200]),0}, + NID_setct_BatchAdminReqTBE,4,&(lvalues[4196]),0}, {"setct-BatchAdminResTBE","setct-BatchAdminResTBE", - NID_setct_BatchAdminResTBE,4,&(lvalues[4204]),0}, + NID_setct_BatchAdminResTBE,4,&(lvalues[4200]),0}, {"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE, - 4,&(lvalues[4208]),0}, + 4,&(lvalues[4204]),0}, {"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4, - &(lvalues[4212]),0}, + &(lvalues[4208]),0}, {"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4, - &(lvalues[4216]),0}, + &(lvalues[4212]),0}, {"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4, - &(lvalues[4220]),0}, + &(lvalues[4216]),0}, {"setct-CRLNotificationTBS","setct-CRLNotificationTBS", - NID_setct_CRLNotificationTBS,4,&(lvalues[4224]),0}, + NID_setct_CRLNotificationTBS,4,&(lvalues[4220]),0}, {"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS", - NID_setct_CRLNotificationResTBS,4,&(lvalues[4228]),0}, + NID_setct_CRLNotificationResTBS,4,&(lvalues[4224]),0}, {"setct-BCIDistributionTBS","setct-BCIDistributionTBS", - NID_setct_BCIDistributionTBS,4,&(lvalues[4232]),0}, + NID_setct_BCIDistributionTBS,4,&(lvalues[4228]),0}, {"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4, - &(lvalues[4236]),0}, + &(lvalues[4232]),0}, {"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4, - &(lvalues[4240]),0}, + &(lvalues[4236]),0}, {"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4, - &(lvalues[4244]),0}, -{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4248]),0}, -{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4252]),0}, + &(lvalues[4240]),0}, +{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4244]),0}, +{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4248]),0}, {"setext-cv","additional verification",NID_setext_cv,4, - &(lvalues[4256]),0}, + &(lvalues[4252]),0}, {"set-policy-root","set-policy-root",NID_set_policy_root,4, - &(lvalues[4260]),0}, + &(lvalues[4256]),0}, {"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4, - &(lvalues[4264]),0}, + &(lvalues[4260]),0}, {"setCext-certType","setCext-certType",NID_setCext_certType,4, - &(lvalues[4268]),0}, + &(lvalues[4264]),0}, {"setCext-merchData","setCext-merchData",NID_setCext_merchData,4, - &(lvalues[4272]),0}, + &(lvalues[4268]),0}, {"setCext-cCertRequired","setCext-cCertRequired", - NID_setCext_cCertRequired,4,&(lvalues[4276]),0}, + NID_setCext_cCertRequired,4,&(lvalues[4272]),0}, {"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4, - &(lvalues[4280]),0}, + &(lvalues[4276]),0}, {"setCext-setExt","setCext-setExt",NID_setCext_setExt,4, - &(lvalues[4284]),0}, + &(lvalues[4280]),0}, {"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4, - &(lvalues[4288]),0}, + &(lvalues[4284]),0}, {"setCext-PGWYcapabilities","setCext-PGWYcapabilities", - NID_setCext_PGWYcapabilities,4,&(lvalues[4292]),0}, + NID_setCext_PGWYcapabilities,4,&(lvalues[4288]),0}, {"setCext-TokenIdentifier","setCext-TokenIdentifier", - NID_setCext_TokenIdentifier,4,&(lvalues[4296]),0}, + NID_setCext_TokenIdentifier,4,&(lvalues[4292]),0}, {"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4, - &(lvalues[4300]),0}, + &(lvalues[4296]),0}, {"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4, - &(lvalues[4304]),0}, + &(lvalues[4300]),0}, {"setCext-IssuerCapabilities","setCext-IssuerCapabilities", - NID_setCext_IssuerCapabilities,4,&(lvalues[4308]),0}, -{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4312]),0}, + NID_setCext_IssuerCapabilities,4,&(lvalues[4304]),0}, +{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4308]),0}, {"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap, - 4,&(lvalues[4316]),0}, + 4,&(lvalues[4312]),0}, {"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4, - &(lvalues[4320]),0}, + &(lvalues[4316]),0}, {"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4, - &(lvalues[4324]),0}, + &(lvalues[4320]),0}, {"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5, - &(lvalues[4328]),0}, -{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4333]),0}, + &(lvalues[4324]),0}, +{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4329]),0}, {"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5, - &(lvalues[4338]),0}, + &(lvalues[4334]),0}, {"setAttr-Token-B0Prime","setAttr-Token-B0Prime", - NID_setAttr_Token_B0Prime,5,&(lvalues[4343]),0}, + NID_setAttr_Token_B0Prime,5,&(lvalues[4339]),0}, {"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5, - &(lvalues[4348]),0}, + &(lvalues[4344]),0}, {"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5, - &(lvalues[4353]),0}, + &(lvalues[4349]),0}, {"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5, - &(lvalues[4358]),0}, + &(lvalues[4354]),0}, {"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm, - 6,&(lvalues[4363]),0}, + 6,&(lvalues[4359]),0}, {"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6, - &(lvalues[4369]),0}, + &(lvalues[4365]),0}, {"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6, - &(lvalues[4375]),0}, + &(lvalues[4371]),0}, {"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6, - &(lvalues[4381]),0}, + &(lvalues[4377]),0}, {"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig, - 6,&(lvalues[4387]),0}, + 6,&(lvalues[4383]),0}, {"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4, - &(lvalues[4393]),0}, + &(lvalues[4389]),0}, {"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4, - &(lvalues[4397]),0}, + &(lvalues[4393]),0}, {"set-brand-AmericanExpress","set-brand-AmericanExpress", - NID_set_brand_AmericanExpress,4,&(lvalues[4401]),0}, -{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4405]),0}, + NID_set_brand_AmericanExpress,4,&(lvalues[4397]),0}, +{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4401]),0}, {"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4, - &(lvalues[4409]),0}, + &(lvalues[4405]),0}, {"set-brand-MasterCard","set-brand-MasterCard", - NID_set_brand_MasterCard,4,&(lvalues[4413]),0}, + NID_set_brand_MasterCard,4,&(lvalues[4409]),0}, {"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5, - &(lvalues[4417]),0}, -{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4422]),0}, + &(lvalues[4413]),0}, +{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4418]),0}, {"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET", - NID_rsaOAEPEncryptionSET,9,&(lvalues[4430]),0}, -{"ITU-T","itu-t",NID_itu_t,1,&(lvalues[4439]),0}, -{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,1, - &(lvalues[4440]),0}, + NID_rsaOAEPEncryptionSET,9,&(lvalues[4426]),0}, +{"ITU-T","itu-t",NID_itu_t,0,NULL,0}, +{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,0,NULL,0}, {"international-organizations","International Organizations", - NID_international_organizations,1,&(lvalues[4441]),0}, + NID_international_organizations,1,&(lvalues[4435]),0}, {"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login, - 10,&(lvalues[4442]),0}, + 10,&(lvalues[4436]),0}, {"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10, - &(lvalues[4452]),0}, + &(lvalues[4446]),0}, {"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0}, {"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0}, {"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0}, @@ -1979,138 +1972,138 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0}, {"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0}, {"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0}, -{"street","streetAddress",NID_streetAddress,3,&(lvalues[4462]),0}, -{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4465]),0}, -{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4468]),0}, +{"street","streetAddress",NID_streetAddress,3,&(lvalues[4456]),0}, +{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4459]),0}, +{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4462]),0}, {"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8, - &(lvalues[4475]),0}, + &(lvalues[4469]),0}, {"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8, - &(lvalues[4483]),0}, + &(lvalues[4477]),0}, {"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8, - &(lvalues[4491]),0}, + &(lvalues[4485]),0}, {"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3, - &(lvalues[4499]),0}, -{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4502]),0}, + &(lvalues[4493]),0}, +{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4496]),0}, {"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9, - &(lvalues[4510]),0}, + &(lvalues[4504]),0}, {"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9, - &(lvalues[4519]),0}, + &(lvalues[4513]),0}, {"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9, - &(lvalues[4528]),0}, + &(lvalues[4522]),0}, {"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9, - &(lvalues[4537]),0}, -{"SHA256","sha256",NID_sha256,9,&(lvalues[4546]),0}, -{"SHA384","sha384",NID_sha384,9,&(lvalues[4555]),0}, -{"SHA512","sha512",NID_sha512,9,&(lvalues[4564]),0}, -{"SHA224","sha224",NID_sha224,9,&(lvalues[4573]),0}, + &(lvalues[4531]),0}, +{"SHA256","sha256",NID_sha256,9,&(lvalues[4540]),0}, +{"SHA384","sha384",NID_sha384,9,&(lvalues[4549]),0}, +{"SHA512","sha512",NID_sha512,9,&(lvalues[4558]),0}, +{"SHA224","sha224",NID_sha224,9,&(lvalues[4567]),0}, {"identified-organization","identified-organization", - NID_identified_organization,1,&(lvalues[4582]),0}, -{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4583]),0}, -{"wap","wap",NID_wap,2,&(lvalues[4586]),0}, -{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4588]),0}, + NID_identified_organization,1,&(lvalues[4576]),0}, +{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4577]),0}, +{"wap","wap",NID_wap,2,&(lvalues[4580]),0}, +{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4582]),0}, {"id-characteristic-two-basis","id-characteristic-two-basis", - NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4591]),0}, -{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4599]),0}, -{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4608]),0}, -{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4617]),0}, -{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4626]),0}, -{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4634]),0}, -{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4642]),0}, -{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4650]),0}, -{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4658]),0}, -{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4666]),0}, -{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4674]),0}, -{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4682]),0}, -{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4690]),0}, -{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4698]),0}, -{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4706]),0}, -{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4714]),0}, -{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4722]),0}, -{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4730]),0}, -{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4738]),0}, -{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4746]),0}, -{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4754]),0}, -{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4762]),0}, -{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4770]),0}, -{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4778]),0}, -{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4786]),0}, -{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4791]),0}, -{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4796]),0}, -{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4801]),0}, -{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4806]),0}, -{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4811]),0}, -{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4816]),0}, -{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4821]),0}, -{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4826]),0}, -{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4831]),0}, -{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4836]),0}, -{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4841]),0}, -{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4846]),0}, -{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4851]),0}, -{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4856]),0}, -{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4861]),0}, -{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4866]),0}, -{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4871]),0}, -{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4876]),0}, -{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4881]),0}, -{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4886]),0}, -{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4891]),0}, -{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4896]),0}, -{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4901]),0}, -{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4906]),0}, -{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4911]),0}, -{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4916]),0}, -{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4921]),0}, -{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4926]),0}, -{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4931]),0}, -{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4936]),0}, + NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4585]),0}, +{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4593]),0}, +{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4602]),0}, +{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4611]),0}, +{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4620]),0}, +{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4628]),0}, +{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4636]),0}, +{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4644]),0}, +{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4652]),0}, +{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4660]),0}, +{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4668]),0}, +{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4676]),0}, +{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4684]),0}, +{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4692]),0}, +{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4700]),0}, +{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4708]),0}, +{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4716]),0}, +{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4724]),0}, +{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4732]),0}, +{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4740]),0}, +{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4748]),0}, +{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4756]),0}, +{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4764]),0}, +{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4772]),0}, +{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4780]),0}, +{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4785]),0}, +{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4790]),0}, +{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4795]),0}, +{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4800]),0}, +{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4805]),0}, +{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4810]),0}, +{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4815]),0}, +{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4820]),0}, +{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4825]),0}, +{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4830]),0}, +{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4835]),0}, +{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4840]),0}, +{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4845]),0}, +{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4850]),0}, +{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4855]),0}, +{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4860]),0}, +{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4865]),0}, +{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4870]),0}, +{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4875]),0}, +{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4880]),0}, +{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4885]),0}, +{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4890]),0}, +{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4895]),0}, +{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4900]),0}, +{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4905]),0}, +{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4910]),0}, +{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4915]),0}, +{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4920]),0}, +{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4925]),0}, +{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4930]),0}, {"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1", - NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4941]),0}, + NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4935]),0}, {"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3", - NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4946]),0}, + NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4940]),0}, {"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4", - NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4951]),0}, + NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4945]),0}, {"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5", - NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4956]),0}, + NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4950]),0}, {"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6", - NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4961]),0}, + NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4955]),0}, {"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7", - NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4966]),0}, + NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4960]),0}, {"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8", - NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4971]),0}, + NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4965]),0}, {"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9", - NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4976]),0}, + NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4970]),0}, {"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10", - NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4981]),0}, + NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4975]),0}, {"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11", - NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4986]),0}, + NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4980]),0}, {"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12", - NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4991]),0}, -{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4996]),0}, + NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4985]),0}, +{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4990]),0}, {"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3, - &(lvalues[5000]),0}, + &(lvalues[4994]),0}, {"inhibitAnyPolicy","X509v3 Inhibit Any Policy", - NID_inhibit_any_policy,3,&(lvalues[5003]),0}, + NID_inhibit_any_policy,3,&(lvalues[4997]),0}, {"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0}, {"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0}, {"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11, - &(lvalues[5006]),0}, + &(lvalues[5000]),0}, {"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11, - &(lvalues[5017]),0}, + &(lvalues[5011]),0}, {"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11, - &(lvalues[5028]),0}, + &(lvalues[5022]),0}, {"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8, - &(lvalues[5039]),0}, + &(lvalues[5033]),0}, {"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8, - &(lvalues[5047]),0}, + &(lvalues[5041]),0}, {"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8, - &(lvalues[5055]),0}, + &(lvalues[5049]),0}, {"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8, - &(lvalues[5063]),0}, + &(lvalues[5057]),0}, {"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8, - &(lvalues[5071]),0}, + &(lvalues[5065]),0}, {"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8, - &(lvalues[5079]),0}, + &(lvalues[5073]),0}, {"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0}, {"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0}, {"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0}, @@ -2118,284 +2111,284 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0}, {"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0}, {"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8, - &(lvalues[5087]),0}, + &(lvalues[5081]),0}, {"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8, - &(lvalues[5095]),0}, + &(lvalues[5089]),0}, {"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8, - &(lvalues[5103]),0}, + &(lvalues[5097]),0}, {"subjectDirectoryAttributes","X509v3 Subject Directory Attributes", - NID_subject_directory_attributes,3,&(lvalues[5111]),0}, + NID_subject_directory_attributes,3,&(lvalues[5105]),0}, {"issuingDistributionPoint","X509v3 Issuing Distrubution Point", - NID_issuing_distribution_point,3,&(lvalues[5114]),0}, + NID_issuing_distribution_point,3,&(lvalues[5108]),0}, {"certificateIssuer","X509v3 Certificate Issuer", - NID_certificate_issuer,3,&(lvalues[5117]),0}, + NID_certificate_issuer,3,&(lvalues[5111]),0}, {NULL,NULL,NID_undef,0,NULL,0}, -{"KISA","kisa",NID_kisa,6,&(lvalues[5120]),0}, +{"KISA","kisa",NID_kisa,6,&(lvalues[5114]),0}, {NULL,NULL,NID_undef,0,NULL,0}, {NULL,NULL,NID_undef,0,NULL,0}, -{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5126]),0}, -{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5134]),0}, -{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5142]),0}, -{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5150]),0}, -{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5158]),0}, -{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5166]),0}, +{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5120]),0}, +{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5128]),0}, +{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5136]),0}, +{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5144]),0}, +{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5152]),0}, +{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5160]),0}, {"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9, - &(lvalues[5174]),0}, + &(lvalues[5168]),0}, {"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9, - &(lvalues[5183]),0}, + &(lvalues[5177]),0}, {"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8, - &(lvalues[5192]),0}, -{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5200]),0}, + &(lvalues[5186]),0}, +{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5194]),0}, {"id-smime-ct-compressedData","id-smime-ct-compressedData", - NID_id_smime_ct_compressedData,11,&(lvalues[5208]),0}, + NID_id_smime_ct_compressedData,11,&(lvalues[5202]),0}, {"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF", - NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5219]),0}, + NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5213]),0}, {"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9, - &(lvalues[5230]),0}, + &(lvalues[5224]),0}, {"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9, - &(lvalues[5239]),0}, + &(lvalues[5233]),0}, {"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9, - &(lvalues[5248]),0}, + &(lvalues[5242]),0}, {"ecdsa-with-Recommended","ecdsa-with-Recommended", - NID_ecdsa_with_Recommended,7,&(lvalues[5257]),0}, + NID_ecdsa_with_Recommended,7,&(lvalues[5251]),0}, {"ecdsa-with-Specified","ecdsa-with-Specified", - NID_ecdsa_with_Specified,7,&(lvalues[5264]),0}, + NID_ecdsa_with_Specified,7,&(lvalues[5258]),0}, {"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8, - &(lvalues[5271]),0}, + &(lvalues[5265]),0}, {"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8, - &(lvalues[5279]),0}, + &(lvalues[5273]),0}, {"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8, - &(lvalues[5287]),0}, + &(lvalues[5281]),0}, {"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8, - &(lvalues[5295]),0}, -{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5303]),0}, + &(lvalues[5289]),0}, +{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5297]),0}, {"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8, - &(lvalues[5311]),0}, + &(lvalues[5305]),0}, {"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8, - &(lvalues[5319]),0}, + &(lvalues[5313]),0}, {"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8, - &(lvalues[5327]),0}, + &(lvalues[5321]),0}, {"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8, - &(lvalues[5335]),0}, + &(lvalues[5329]),0}, {"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9, - &(lvalues[5343]),0}, + &(lvalues[5337]),0}, {"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9, - &(lvalues[5352]),0}, -{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5361]),0}, -{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5367]),0}, -{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5372]),0}, + &(lvalues[5346]),0}, +{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5355]),0}, +{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5361]),0}, +{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5366]),0}, {"id-GostR3411-94-with-GostR3410-2001", "GOST R 34.11-94 with GOST R 34.10-2001", - NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5377]),0}, + NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5371]),0}, {"id-GostR3411-94-with-GostR3410-94", "GOST R 34.11-94 with GOST R 34.10-94", - NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5383]),0}, -{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5389]),0}, + NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5377]),0}, +{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5383]),0}, {"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6, - &(lvalues[5395]),0}, + &(lvalues[5389]),0}, {"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6, - &(lvalues[5401]),0}, -{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5407]),0}, -{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5413]),0}, + &(lvalues[5395]),0}, +{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5401]),0}, +{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5407]),0}, {"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0}, {"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6, - &(lvalues[5419]),0}, + &(lvalues[5413]),0}, {"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6, - &(lvalues[5425]),0}, + &(lvalues[5419]),0}, {"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH, - 6,&(lvalues[5431]),0}, + 6,&(lvalues[5425]),0}, {"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6, - &(lvalues[5437]),0}, + &(lvalues[5431]),0}, {"id-Gost28147-89-CryptoPro-KeyMeshing", "id-Gost28147-89-CryptoPro-KeyMeshing", - NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5443]),0}, + NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5437]),0}, {"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing", - NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5450]),0}, + NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5444]),0}, {"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet", - NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5457]),0}, + NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5451]),0}, {"id-GostR3411-94-CryptoProParamSet", "id-GostR3411-94-CryptoProParamSet", - NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5464]),0}, + NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5458]),0}, {"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet", - NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5471]),0}, + NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5465]),0}, {"id-Gost28147-89-CryptoPro-A-ParamSet", "id-Gost28147-89-CryptoPro-A-ParamSet", - NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5478]),0}, + NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5472]),0}, {"id-Gost28147-89-CryptoPro-B-ParamSet", "id-Gost28147-89-CryptoPro-B-ParamSet", - NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5485]),0}, + NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5479]),0}, {"id-Gost28147-89-CryptoPro-C-ParamSet", "id-Gost28147-89-CryptoPro-C-ParamSet", - NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5492]),0}, + NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5486]),0}, {"id-Gost28147-89-CryptoPro-D-ParamSet", "id-Gost28147-89-CryptoPro-D-ParamSet", - NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5499]),0}, + NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5493]),0}, {"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", - NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5506]), + NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5500]), 0}, {"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", - NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5513]), + NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5507]), 0}, {"id-Gost28147-89-CryptoPro-RIC-1-ParamSet", "id-Gost28147-89-CryptoPro-RIC-1-ParamSet", - NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5520]),0}, + NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5514]),0}, {"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet", - NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5527]),0}, + NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5521]),0}, {"id-GostR3410-94-CryptoPro-A-ParamSet", "id-GostR3410-94-CryptoPro-A-ParamSet", - NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5534]),0}, + NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5528]),0}, {"id-GostR3410-94-CryptoPro-B-ParamSet", "id-GostR3410-94-CryptoPro-B-ParamSet", - NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5541]),0}, + NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5535]),0}, {"id-GostR3410-94-CryptoPro-C-ParamSet", "id-GostR3410-94-CryptoPro-C-ParamSet", - NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5548]),0}, + NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5542]),0}, {"id-GostR3410-94-CryptoPro-D-ParamSet", "id-GostR3410-94-CryptoPro-D-ParamSet", - NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5555]),0}, + NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5549]),0}, {"id-GostR3410-94-CryptoPro-XchA-ParamSet", "id-GostR3410-94-CryptoPro-XchA-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5562]),0}, + NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5556]),0}, {"id-GostR3410-94-CryptoPro-XchB-ParamSet", "id-GostR3410-94-CryptoPro-XchB-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5569]),0}, + NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5563]),0}, {"id-GostR3410-94-CryptoPro-XchC-ParamSet", "id-GostR3410-94-CryptoPro-XchC-ParamSet", - NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5576]),0}, + NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5570]),0}, {"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet", - NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5583]),0}, + NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5577]),0}, {"id-GostR3410-2001-CryptoPro-A-ParamSet", "id-GostR3410-2001-CryptoPro-A-ParamSet", - NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5590]),0}, + NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5584]),0}, {"id-GostR3410-2001-CryptoPro-B-ParamSet", "id-GostR3410-2001-CryptoPro-B-ParamSet", - NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5597]),0}, + NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5591]),0}, {"id-GostR3410-2001-CryptoPro-C-ParamSet", "id-GostR3410-2001-CryptoPro-C-ParamSet", - NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5604]),0}, + NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5598]),0}, {"id-GostR3410-2001-CryptoPro-XchA-ParamSet", "id-GostR3410-2001-CryptoPro-XchA-ParamSet", - NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5611]),0}, + NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5605]),0}, {"id-GostR3410-2001-CryptoPro-XchB-ParamSet", "id-GostR3410-2001-CryptoPro-XchB-ParamSet", - NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5618]),0}, + NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5612]),0}, {"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7, - &(lvalues[5625]),0}, + &(lvalues[5619]),0}, {"id-GostR3410-94-aBis","id-GostR3410-94-aBis", - NID_id_GostR3410_94_aBis,7,&(lvalues[5632]),0}, + NID_id_GostR3410_94_aBis,7,&(lvalues[5626]),0}, {"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7, - &(lvalues[5639]),0}, + &(lvalues[5633]),0}, {"id-GostR3410-94-bBis","id-GostR3410-94-bBis", - NID_id_GostR3410_94_bBis,7,&(lvalues[5646]),0}, + NID_id_GostR3410_94_bBis,7,&(lvalues[5640]),0}, {"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet", - NID_id_Gost28147_89_cc,8,&(lvalues[5653]),0}, + NID_id_Gost28147_89_cc,8,&(lvalues[5647]),0}, {"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8, - &(lvalues[5661]),0}, + &(lvalues[5655]),0}, {"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8, - &(lvalues[5669]),0}, + &(lvalues[5663]),0}, {"id-GostR3411-94-with-GostR3410-94-cc", "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom", - NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5677]),0}, + NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5671]),0}, {"id-GostR3411-94-with-GostR3410-2001-cc", "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom", - NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5685]),0}, + NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5679]),0}, {"id-GostR3410-2001-ParamSet-cc", "GOST R 3410-2001 Parameter Set Cryptocom", - NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5693]),0}, + NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5687]),0}, {"HMAC","hmac",NID_hmac,0,NULL,0}, {"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9, - &(lvalues[5701]),0}, + &(lvalues[5695]),0}, {"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3, - &(lvalues[5710]),0}, + &(lvalues[5704]),0}, {"id-on-permanentIdentifier","Permanent Identifier", - NID_id_on_permanentIdentifier,8,&(lvalues[5713]),0}, -{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5721]),0}, + NID_id_on_permanentIdentifier,8,&(lvalues[5707]),0}, +{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5715]),0}, {"businessCategory","businessCategory",NID_businessCategory,3, - &(lvalues[5724]),0}, -{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5727]),0}, -{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5730]),0}, + &(lvalues[5718]),0}, +{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5721]),0}, +{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5724]),0}, {"physicalDeliveryOfficeName","physicalDeliveryOfficeName", - NID_physicalDeliveryOfficeName,3,&(lvalues[5733]),0}, + NID_physicalDeliveryOfficeName,3,&(lvalues[5727]),0}, {"telephoneNumber","telephoneNumber",NID_telephoneNumber,3, - &(lvalues[5736]),0}, -{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5739]),0}, + &(lvalues[5730]),0}, +{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5733]),0}, {"teletexTerminalIdentifier","teletexTerminalIdentifier", - NID_teletexTerminalIdentifier,3,&(lvalues[5742]),0}, + NID_teletexTerminalIdentifier,3,&(lvalues[5736]),0}, {"facsimileTelephoneNumber","facsimileTelephoneNumber", - NID_facsimileTelephoneNumber,3,&(lvalues[5745]),0}, -{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5748]),0}, + NID_facsimileTelephoneNumber,3,&(lvalues[5739]),0}, +{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5742]),0}, {"internationaliSDNNumber","internationaliSDNNumber", - NID_internationaliSDNNumber,3,&(lvalues[5751]),0}, + NID_internationaliSDNNumber,3,&(lvalues[5745]),0}, {"registeredAddress","registeredAddress",NID_registeredAddress,3, - &(lvalues[5754]),0}, + &(lvalues[5748]),0}, {"destinationIndicator","destinationIndicator", - NID_destinationIndicator,3,&(lvalues[5757]),0}, + NID_destinationIndicator,3,&(lvalues[5751]),0}, {"preferredDeliveryMethod","preferredDeliveryMethod", - NID_preferredDeliveryMethod,3,&(lvalues[5760]),0}, + NID_preferredDeliveryMethod,3,&(lvalues[5754]),0}, {"presentationAddress","presentationAddress",NID_presentationAddress, - 3,&(lvalues[5763]),0}, + 3,&(lvalues[5757]),0}, {"supportedApplicationContext","supportedApplicationContext", - NID_supportedApplicationContext,3,&(lvalues[5766]),0}, -{"member","member",NID_member,3,&(lvalues[5769]),0}, -{"owner","owner",NID_owner,3,&(lvalues[5772]),0}, -{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5775]),0}, -{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5778]),0}, -{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5781]),0}, + NID_supportedApplicationContext,3,&(lvalues[5760]),0}, +{"member","member",NID_member,3,&(lvalues[5763]),0}, +{"owner","owner",NID_owner,3,&(lvalues[5766]),0}, +{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5769]),0}, +{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5772]),0}, +{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5775]),0}, {"userCertificate","userCertificate",NID_userCertificate,3, - &(lvalues[5784]),0}, -{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5787]),0}, + &(lvalues[5778]),0}, +{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5781]),0}, {"authorityRevocationList","authorityRevocationList", - NID_authorityRevocationList,3,&(lvalues[5790]),0}, + NID_authorityRevocationList,3,&(lvalues[5784]),0}, {"certificateRevocationList","certificateRevocationList", - NID_certificateRevocationList,3,&(lvalues[5793]),0}, + NID_certificateRevocationList,3,&(lvalues[5787]),0}, {"crossCertificatePair","crossCertificatePair", - NID_crossCertificatePair,3,&(lvalues[5796]),0}, + NID_crossCertificatePair,3,&(lvalues[5790]),0}, {"enhancedSearchGuide","enhancedSearchGuide",NID_enhancedSearchGuide, - 3,&(lvalues[5799]),0}, + 3,&(lvalues[5793]),0}, {"protocolInformation","protocolInformation",NID_protocolInformation, - 3,&(lvalues[5802]),0}, + 3,&(lvalues[5796]),0}, {"distinguishedName","distinguishedName",NID_distinguishedName,3, - &(lvalues[5805]),0}, -{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5808]),0}, + &(lvalues[5799]),0}, +{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5802]),0}, {"houseIdentifier","houseIdentifier",NID_houseIdentifier,3, - &(lvalues[5811]),0}, + &(lvalues[5805]),0}, {"supportedAlgorithms","supportedAlgorithms",NID_supportedAlgorithms, - 3,&(lvalues[5814]),0}, + 3,&(lvalues[5808]),0}, {"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList, - 3,&(lvalues[5817]),0}, -{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5820]),0}, + 3,&(lvalues[5811]),0}, +{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5814]),0}, {"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11, - &(lvalues[5823]),0}, + &(lvalues[5817]),0}, {"CMAC","cmac",NID_cmac,0,NULL,0}, -{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5834]),0}, -{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5843]),0}, +{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5828]),0}, +{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5837]),0}, {"id-aes128-wrap-pad","id-aes128-wrap-pad",NID_id_aes128_wrap_pad,9, - &(lvalues[5852]),0}, -{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5861]),0}, -{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5870]),0}, + &(lvalues[5846]),0}, +{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5855]),0}, +{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5864]),0}, {"id-aes192-wrap-pad","id-aes192-wrap-pad",NID_id_aes192_wrap_pad,9, - &(lvalues[5879]),0}, -{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5888]),0}, -{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5897]),0}, + &(lvalues[5873]),0}, +{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5882]),0}, +{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5891]),0}, {"id-aes256-wrap-pad","id-aes256-wrap-pad",NID_id_aes256_wrap_pad,9, - &(lvalues[5906]),0}, + &(lvalues[5900]),0}, {"AES-128-CTR","aes-128-ctr",NID_aes_128_ctr,0,NULL,0}, {"AES-192-CTR","aes-192-ctr",NID_aes_192_ctr,0,NULL,0}, {"AES-256-CTR","aes-256-ctr",NID_aes_256_ctr,0,NULL,0}, {"id-camellia128-wrap","id-camellia128-wrap",NID_id_camellia128_wrap, - 11,&(lvalues[5915]),0}, + 11,&(lvalues[5909]),0}, {"id-camellia192-wrap","id-camellia192-wrap",NID_id_camellia192_wrap, - 11,&(lvalues[5926]),0}, + 11,&(lvalues[5920]),0}, {"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap, - 11,&(lvalues[5937]),0}, + 11,&(lvalues[5931]),0}, {"anyExtendedKeyUsage","Any Extended Key Usage", - NID_anyExtendedKeyUsage,4,&(lvalues[5948]),0}, -{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5952]),0}, -{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5961]),0}, + NID_anyExtendedKeyUsage,4,&(lvalues[5942]),0}, +{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5946]),0}, +{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5955]),0}, {"AES-128-XTS","aes-128-xts",NID_aes_128_xts,0,NULL,0}, {"AES-256-XTS","aes-256-xts",NID_aes_256_xts,0,NULL,0}, {"RC4-HMAC-MD5","rc4-hmac-md5",NID_rc4_hmac_md5,0,NULL,0}, @@ -2405,7 +2398,7 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ NID_aes_192_cbc_hmac_sha1,0,NULL,0}, {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", NID_aes_256_cbc_hmac_sha1,0,NULL,0}, -{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5970]),0}, +{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -4242,15 +4235,15 @@ static const unsigned int ln_objs[NUM_LN]={ static const unsigned int obj_objs[NUM_OBJ]={ 0, /* OBJ_undef 0 */ +181, /* OBJ_iso 1 */ 393, /* OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t */ 404, /* OBJ_ccitt OBJ_itu_t */ 645, /* OBJ_itu_t 0 */ +646, /* OBJ_joint_iso_itu_t 2 */ 434, /* OBJ_data 0 9 */ -181, /* OBJ_iso 1 */ 182, /* OBJ_member_body 1 2 */ 379, /* OBJ_org 1 3 */ 676, /* OBJ_identified_organization 1 3 */ -646, /* OBJ_joint_iso_itu_t 2 */ 11, /* OBJ_X500 2 5 */ 647, /* OBJ_international_organizations 2 23 */ 380, /* OBJ_dod 1 3 6 */ diff --git a/app/openssl/crypto/objects/obj_dat.pl b/app/openssl/crypto/objects/obj_dat.pl index c67f71c3..86bcefb9 100644 --- a/app/openssl/crypto/objects/obj_dat.pl +++ b/app/openssl/crypto/objects/obj_dat.pl @@ -115,7 +115,7 @@ for ($i=0; $i<$n; $i++) $out.="\"$sn\""; $out.=","."\"$ln\""; $out.=",NID_$nid{$i},"; - if (defined($obj{$nid{$i}})) + if (defined($obj{$nid{$i}}) && $objd{$obj{$nid{$i}}} =~ /,/) { $v=$objd{$obj{$nid{$i}}}; $v =~ s/L//g; diff --git a/app/openssl/crypto/ocsp/ocsp_ht.c b/app/openssl/crypto/ocsp/ocsp_ht.c index af5fc166..09eb855d 100644 --- a/app/openssl/crypto/ocsp/ocsp_ht.c +++ b/app/openssl/crypto/ocsp/ocsp_ht.c @@ -158,6 +158,8 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, OCSP_REQ_CTX *rctx; rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX)); + if (!rctx) + return NULL; rctx->state = OHS_ERROR; rctx->mem = BIO_new(BIO_s_mem()); rctx->io = io; @@ -167,18 +169,21 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, else rctx->iobuflen = OCSP_MAX_LINE_LEN; rctx->iobuf = OPENSSL_malloc(rctx->iobuflen); - if (!rctx->iobuf) - return 0; + if (!rctx->mem || !rctx->iobuf) + goto err; if (!path) path = "/"; if (BIO_printf(rctx->mem, post_hdr, path) <= 0) - return 0; + goto err; if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) - return 0; + goto err; return rctx; + err: + OCSP_REQ_CTX_free(rctx); + return NULL; } /* Parse the HTTP response. This will look like this: @@ -490,6 +495,9 @@ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req) ctx = OCSP_sendreq_new(b, path, req, -1); + if (!ctx) + return NULL; + do { rv = OCSP_sendreq_nbio(&resp, ctx); diff --git a/app/openssl/crypto/ocsp/ocsp_lib.c b/app/openssl/crypto/ocsp/ocsp_lib.c index a94dc838..5061c057 100644 --- a/app/openssl/crypto/ocsp/ocsp_lib.c +++ b/app/openssl/crypto/ocsp/ocsp_lib.c @@ -222,8 +222,19 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss if (!*ppath) goto mem_err; + p = host; + if(host[0] == '[') + { + /* ipv6 literal */ + host++; + p = strchr(host, ']'); + if(!p) goto parse_err; + *p = '\0'; + p++; + } + /* Look for optional ':' for port number */ - if ((p = strchr(host, ':'))) + if ((p = strchr(p, ':'))) { *p = 0; port = p + 1; diff --git a/app/openssl/crypto/ocsp/ocsp_vfy.c b/app/openssl/crypto/ocsp/ocsp_vfy.c index 27671830..fc0d4cc0 100644 --- a/app/openssl/crypto/ocsp/ocsp_vfy.c +++ b/app/openssl/crypto/ocsp/ocsp_vfy.c @@ -436,8 +436,11 @@ static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm if(!(flags & OCSP_NOINTERN)) { signer = X509_find_by_subject(req->optionalSignature->certs, nm); - *psigner = signer; - return 1; + if (signer) + { + *psigner = signer; + return 1; + } } signer = X509_find_by_subject(certs, nm); diff --git a/app/openssl/crypto/opensslconf-32.h b/app/openssl/crypto/opensslconf-32.h index caf6f1b8..b5b3dd2b 100644 --- a/app/openssl/crypto/opensslconf-32.h +++ b/app/openssl/crypto/opensslconf-32.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-64.h b/app/openssl/crypto/opensslconf-64.h index 88fb0419..30e7ad86 100644 --- a/app/openssl/crypto/opensslconf-64.h +++ b/app/openssl/crypto/opensslconf-64.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-static-32.h b/app/openssl/crypto/opensslconf-static-32.h index caf6f1b8..b5b3dd2b 100644 --- a/app/openssl/crypto/opensslconf-static-32.h +++ b/app/openssl/crypto/opensslconf-static-32.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-static-64.h b/app/openssl/crypto/opensslconf-static-64.h index 88fb0419..30e7ad86 100644 --- a/app/openssl/crypto/opensslconf-static-64.h +++ b/app/openssl/crypto/opensslconf-static-64.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-static-trusty.h b/app/openssl/crypto/opensslconf-static-trusty.h index 06f9f982..bff5910c 100644 --- a/app/openssl/crypto/opensslconf-static-trusty.h +++ b/app/openssl/crypto/opensslconf-static-trusty.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -137,6 +140,9 @@ #ifndef OPENSSL_NO_UI # define OPENSSL_NO_UI #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -287,6 +293,9 @@ # if defined(OPENSSL_NO_UI) && !defined(NO_UI) # define NO_UI # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -446,3 +455,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslconf-trusty.h b/app/openssl/crypto/opensslconf-trusty.h index 06f9f982..bff5910c 100644 --- a/app/openssl/crypto/opensslconf-trusty.h +++ b/app/openssl/crypto/opensslconf-trusty.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -137,6 +140,9 @@ #ifndef OPENSSL_NO_UI # define OPENSSL_NO_UI #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -287,6 +293,9 @@ # if defined(OPENSSL_NO_UI) && !defined(NO_UI) # define NO_UI # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -446,3 +455,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/crypto/opensslv.h b/app/openssl/crypto/opensslv.h index c3b6acec..f375967e 100644 --- a/app/openssl/crypto/opensslv.h +++ b/app/openssl/crypto/opensslv.h @@ -1,6 +1,10 @@ #ifndef HEADER_OPENSSLV_H #define HEADER_OPENSSLV_H +#ifdef __cplusplus +extern "C" { +#endif + /* Numeric release version identifier: * MNNFFPPS: major minor fix patch status * The status nibble has one of the values 0 for development, 1 to e for betas @@ -25,11 +29,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x1000108fL +#define OPENSSL_VERSION_NUMBER 0x100010afL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h-fips 5 Jun 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1j-fips 15 Oct 2014" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h 5 Jun 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1j 15 Oct 2014" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT @@ -86,4 +90,7 @@ #define SHLIB_VERSION_NUMBER "1.0.0" +#ifdef __cplusplus +} +#endif #endif /* HEADER_OPENSSLV_H */ diff --git a/app/openssl/crypto/ossl_typ.h b/app/openssl/crypto/ossl_typ.h index ea9227f6..12cdd43b 100644 --- a/app/openssl/crypto/ossl_typ.h +++ b/app/openssl/crypto/ossl_typ.h @@ -55,6 +55,10 @@ #ifndef HEADER_OPENSSL_TYPES_H #define HEADER_OPENSSL_TYPES_H +#ifdef __cplusplus +extern "C" { +#endif + #include #ifdef NO_ASN1_TYPEDEFS @@ -199,4 +203,7 @@ typedef struct ocsp_req_ctx_st OCSP_REQ_CTX; typedef struct ocsp_response_st OCSP_RESPONSE; typedef struct ocsp_responder_id_st OCSP_RESPID; +#ifdef __cplusplus +} +#endif #endif /* def HEADER_OPENSSL_TYPES_H */ diff --git a/app/openssl/crypto/pem/pvkfmt.c b/app/openssl/crypto/pem/pvkfmt.c index b1bf71a5..ae89f828 100644 --- a/app/openssl/crypto/pem/pvkfmt.c +++ b/app/openssl/crypto/pem/pvkfmt.c @@ -759,6 +759,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, /* Copy BLOBHEADER across, decrypt rest */ memcpy(enctmp, p, 8); p += 8; + if (keylen < 8) + { + PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT); + return NULL; + } inlen = keylen - 8; q = enctmp + 8; if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) diff --git a/app/openssl/crypto/pkcs7/bio_ber.c b/app/openssl/crypto/pkcs7/bio_ber.c deleted file mode 100644 index 31973fcd..00000000 --- a/app/openssl/crypto/pkcs7/bio_ber.c +++ /dev/null @@ -1,466 +0,0 @@ -/* crypto/evp/bio_ber.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -static int ber_write(BIO *h,char *buf,int num); -static int ber_read(BIO *h,char *buf,int size); -/*static int ber_puts(BIO *h,char *str); */ -/*static int ber_gets(BIO *h,char *str,int size); */ -static long ber_ctrl(BIO *h,int cmd,long arg1,char *arg2); -static int ber_new(BIO *h); -static int ber_free(BIO *data); -static long ber_callback_ctrl(BIO *h,int cmd,void *(*fp)()); -#define BER_BUF_SIZE (32) - -/* This is used to hold the state of the BER objects being read. */ -typedef struct ber_struct - { - int tag; - int class; - long length; - int inf; - int num_left; - int depth; - } BER_CTX; - -typedef struct bio_ber_struct - { - int tag; - int class; - long length; - int inf; - - /* most of the following are used when doing non-blocking IO */ - /* reading */ - long num_left; /* number of bytes still to read/write in block */ - int depth; /* used with indefinite encoding. */ - int finished; /* No more read data */ - - /* writting */ - char *w_addr; - int w_offset; - int w_left; - - int buf_len; - int buf_off; - unsigned char buf[BER_BUF_SIZE]; - } BIO_BER_CTX; - -static BIO_METHOD methods_ber= - { - BIO_TYPE_CIPHER,"cipher", - ber_write, - ber_read, - NULL, /* ber_puts, */ - NULL, /* ber_gets, */ - ber_ctrl, - ber_new, - ber_free, - ber_callback_ctrl, - }; - -BIO_METHOD *BIO_f_ber(void) - { - return(&methods_ber); - } - -static int ber_new(BIO *bi) - { - BIO_BER_CTX *ctx; - - ctx=(BIO_BER_CTX *)OPENSSL_malloc(sizeof(BIO_BER_CTX)); - if (ctx == NULL) return(0); - - memset((char *)ctx,0,sizeof(BIO_BER_CTX)); - - bi->init=0; - bi->ptr=(char *)ctx; - bi->flags=0; - return(1); - } - -static int ber_free(BIO *a) - { - BIO_BER_CTX *b; - - if (a == NULL) return(0); - b=(BIO_BER_CTX *)a->ptr; - OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX)); - OPENSSL_free(a->ptr); - a->ptr=NULL; - a->init=0; - a->flags=0; - return(1); - } - -int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx) - { - char buf[64]; - int i,j,n; - int ret; - unsigned char *p; - unsigned long length - int tag; - int class; - long max; - - BIO_clear_retry_flags(b); - - /* Pack the buffer down if there is a hole at the front */ - if (ctx->buf_off != 0) - { - p=ctx->buf; - j=ctx->buf_off; - n=ctx->buf_len-j; - for (i=0; ibuf_len-j; - ctx->buf_off=0; - } - - /* If there is more room, read some more data */ - i=BER_BUF_SIZE-ctx->buf_len; - if (i) - { - i=BIO_read(bio->next_bio,&(ctx->buf[ctx->buf_len]),i); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - else - ctx->buf_len+=i; - } - - max=ctx->buf_len; - p=ctx->buf; - ret=ASN1_get_object(&p,&length,&tag,&class,max); - - if (ret & 0x80) - { - if ((ctx->buf_len < BER_BUF_SIZE) && - (ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG)) - { - ERR_clear_error(); /* clear the error */ - BIO_set_retry_read(b); - } - return(-1); - } - - /* We have no error, we have a header, so make use of it */ - - if ((ctx->tag >= 0) && (ctx->tag != tag)) - { - BIOerr(BIO_F_BIO_BER_GET_HEADER,BIO_R_TAG_MISMATCH); - sprintf(buf,"tag=%d, got %d",ctx->tag,tag); - ERR_add_error_data(1,buf); - return(-1); - } - if (ret & 0x01) - if (ret & V_ASN1_CONSTRUCTED) - } - -static int ber_read(BIO *b, char *out, int outl) - { - int ret=0,i,n; - BIO_BER_CTX *ctx; - - BIO_clear_retry_flags(b); - - if (out == NULL) return(0); - ctx=(BIO_BER_CTX *)b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) return(0); - - if (ctx->finished) return(0); - -again: - /* First see if we are half way through reading a block */ - if (ctx->num_left > 0) - { - if (ctx->num_left < outl) - n=ctx->num_left; - else - n=outl; - i=BIO_read(b->next_bio,out,n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - ctx->num_left-=i; - outl-=i; - ret+=i; - if (ctx->num_left <= 0) - { - ctx->depth--; - if (ctx->depth <= 0) - ctx->finished=1; - } - if (outl <= 0) - return(ret); - else - goto again; - } - else /* we need to read another BER header */ - { - } - } - -static int ber_write(BIO *b, char *in, int inl) - { - int ret=0,n,i; - BIO_ENC_CTX *ctx; - - ctx=(BIO_ENC_CTX *)b->ptr; - ret=inl; - - BIO_clear_retry_flags(b); - n=ctx->buf_len-ctx->buf_off; - while (n > 0) - { - i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - ctx->buf_off+=i; - n-=i; - } - /* at this point all pending data has been written */ - - if ((in == NULL) || (inl <= 0)) return(0); - - ctx->buf_off=0; - while (inl > 0) - { - n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl; - EVP_CipherUpdate(&(ctx->cipher), - (unsigned char *)ctx->buf,&ctx->buf_len, - (unsigned char *)in,n); - inl-=n; - in+=n; - - ctx->buf_off=0; - n=ctx->buf_len; - while (n > 0) - { - i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - n-=i; - ctx->buf_off+=i; - } - ctx->buf_len=0; - ctx->buf_off=0; - } - BIO_copy_next_retry(b); - return(ret); - } - -static long ber_ctrl(BIO *b, int cmd, long num, char *ptr) - { - BIO *dbio; - BIO_ENC_CTX *ctx,*dctx; - long ret=1; - int i; - - ctx=(BIO_ENC_CTX *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - ctx->ok=1; - ctx->finished=0; - EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL, - ctx->cipher.berrypt); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_EOF: /* More to read */ - if (ctx->cont <= 0) - ret=1; - else - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_WPENDING: - ret=ctx->buf_len-ctx->buf_off; - if (ret <= 0) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_PENDING: /* More to read in buffer */ - ret=ctx->buf_len-ctx->buf_off; - if (ret <= 0) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_FLUSH: - /* do a final write */ -again: - while (ctx->buf_len != ctx->buf_off) - { - i=ber_write(b,NULL,0); - if (i < 0) - { - ret=i; - break; - } - } - - if (!ctx->finished) - { - ctx->finished=1; - ctx->buf_off=0; - ret=EVP_CipherFinal_ex(&(ctx->cipher), - (unsigned char *)ctx->buf, - &(ctx->buf_len)); - ctx->ok=(int)ret; - if (ret <= 0) break; - - /* push out the bytes */ - goto again; - } - - /* Finally flush the underlying BIO */ - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_C_GET_CIPHER_STATUS: - ret=(long)ctx->ok; - break; - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - - case BIO_CTRL_DUP: - dbio=(BIO *)ptr; - dctx=(BIO_ENC_CTX *)dbio->ptr; - memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher)); - dbio->init=1; - break; - default: - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - return(ret); - } - -static long ber_callback_ctrl(BIO *b, int cmd, void *(*fp)()) - { - long ret=1; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - default: - ret=BIO_callback_ctrl(b->next_bio,cmd,fp); - break; - } - return(ret); - } - -/* -void BIO_set_cipher_ctx(b,c) -BIO *b; -EVP_CIPHER_ctx *c; - { - if (b == NULL) return; - - if ((b->callback != NULL) && - (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0)) - return; - - b->init=1; - ctx=(BIO_ENC_CTX *)b->ptr; - memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX)); - - if (b->callback != NULL) - b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); - } -*/ - -void BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *k, unsigned char *i, - int e) - { - BIO_ENC_CTX *ctx; - - if (b == NULL) return; - - if ((b->callback != NULL) && - (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0)) - return; - - b->init=1; - ctx=(BIO_ENC_CTX *)b->ptr; - EVP_CipherInit_ex(&(ctx->cipher),c,NULL,k,i,e); - - if (b->callback != NULL) - b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); - } - diff --git a/app/openssl/crypto/pkcs7/dec.c b/app/openssl/crypto/pkcs7/dec.c deleted file mode 100644 index 6752ec56..00000000 --- a/app/openssl/crypto/pkcs7/dec.c +++ /dev/null @@ -1,248 +0,0 @@ -/* crypto/pkcs7/verify.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include -#include -#include -#include -#include -#include - -int verify_callback(int ok, X509_STORE_CTX *ctx); - -BIO *bio_err=NULL; - -int main(argc,argv) -int argc; -char *argv[]; - { - char *keyfile=NULL; - BIO *in; - EVP_PKEY *pkey; - X509 *x509; - PKCS7 *p7; - PKCS7_SIGNER_INFO *si; - X509_STORE_CTX cert_ctx; - X509_STORE *cert_store=NULL; - BIO *data,*detached=NULL,*p7bio=NULL; - char buf[1024*4]; - unsigned char *pp; - int i,printit=0; - STACK_OF(PKCS7_SIGNER_INFO) *sk; - - OpenSSL_add_all_algorithms(); - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - - data=BIO_new(BIO_s_file()); - pp=NULL; - while (argc > 1) - { - argc--; - argv++; - if (strcmp(argv[0],"-p") == 0) - { - printit=1; - } - else if ((strcmp(argv[0],"-k") == 0) && (argc >= 2)) { - keyfile = argv[1]; - argc-=1; - argv+=1; - } else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2)) - { - detached=BIO_new(BIO_s_file()); - if (!BIO_read_filename(detached,argv[1])) - goto err; - argc-=1; - argv+=1; - } - else break; - } - - if (!BIO_read_filename(data,argv[0])) goto err; - - if(!keyfile) { - fprintf(stderr, "No private key file specified\n"); - goto err; - } - - if ((in=BIO_new_file(keyfile,"r")) == NULL) goto err; - if ((x509=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) goto err; - BIO_reset(in); - if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,NULL)) == NULL) - goto err; - BIO_free(in); - - if (pp == NULL) - BIO_set_fp(data,stdin,BIO_NOCLOSE); - - - /* Load the PKCS7 object from a file */ - if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL,NULL)) == NULL) goto err; - - - - /* This stuff is being setup for certificate verification. - * When using SSL, it could be replaced with a - * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */ - cert_store=X509_STORE_new(); - X509_STORE_set_default_paths(cert_store); - X509_STORE_load_locations(cert_store,NULL,"../../certs"); - X509_STORE_set_verify_cb_func(cert_store,verify_callback); - - ERR_clear_error(); - - /* We need to process the data */ - /* We cannot support detached encryption */ - p7bio=PKCS7_dataDecode(p7,pkey,detached,x509); - - if (p7bio == NULL) - { - printf("problems decoding\n"); - goto err; - } - - /* We now have to 'read' from p7bio to calculate digests etc. */ - for (;;) - { - i=BIO_read(p7bio,buf,sizeof(buf)); - /* print it? */ - if (i <= 0) break; - fwrite(buf,1, i, stdout); - } - - /* We can now verify signatures */ - sk=PKCS7_get_signer_info(p7); - if (sk == NULL) - { - fprintf(stderr, "there are no signatures on this data\n"); - } - else - { - /* Ok, first we need to, for each subject entry, - * see if we can verify */ - ERR_clear_error(); - for (i=0; ierror) - { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256); - BIO_printf(bio_err,"issuer= %s\n",buf); - break; - case X509_V_ERR_CERT_NOT_YET_VALID: - case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - BIO_printf(bio_err,"notBefore="); - ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - case X509_V_ERR_CERT_HAS_EXPIRED: - case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - BIO_printf(bio_err,"notAfter="); - ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - } - BIO_printf(bio_err,"verify return:%d\n",ok); - return(ok); - } diff --git a/app/openssl/crypto/pkcs7/des.pem b/app/openssl/crypto/pkcs7/des.pem deleted file mode 100644 index 62d1657e..00000000 --- a/app/openssl/crypto/pkcs7/des.pem +++ /dev/null @@ -1,15 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEC2vXI1xQDW6lUHM3zQ -/9uBEBOO5A3TtkrklAXq7v01gsIC21t52qSk36REXY+slhNZ0OQ349tgkTsoETHFLoEwMIHw -AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI -QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G -CSqGSIb3DQEBAQUABEB8ujxbabxXUYJhopuDm3oDq4JNqX6Io4p3ro+ShqfIndsXTZ1v5a2N -WtLLCWlHn/habjBwZ/DgQgcKASbZ7QxNMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA -oAQIbsL5v1wX98KggAQoAaJ4WHm68fXY1WE5OIjfVBIDpO1K+i8dmKhjnAjrjoyZ9Bwc8rDL -lgQg4CXb805h5xl+GfvSwUaHJayte1m2mcOhs3J2YyqbQ+MEIMIiJQccmhO3oDKm36CFvYR8 -5PjpclVcZyX2ngbwPFMnBAgy0clOAE6UKAAAAAAAAAAAAAA= - diff --git a/app/openssl/crypto/pkcs7/doc b/app/openssl/crypto/pkcs7/doc deleted file mode 100644 index d2e8b7b2..00000000 --- a/app/openssl/crypto/pkcs7/doc +++ /dev/null @@ -1,24 +0,0 @@ -int PKCS7_set_content_type(PKCS7 *p7, int type); -Call to set the type of PKCS7 object we are working on - -int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, - EVP_MD *dgst); -Use this to setup a signer info -There will also be functions to add signed and unsigned attributes. - -int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i); -Add a signer info to the content. - -int PKCS7_add_certificae(PKCS7 *p7, X509 *x509); -int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509); - ----- - -p7=PKCS7_new(); -PKCS7_set_content_type(p7,NID_pkcs7_signed); - -signer=PKCS7_SINGNER_INFO_new(); -PKCS7_SIGNER_INFO_set(signer,x509,pkey,EVP_md5()); -PKCS7_add_signer(py,signer); - -we are now setup. diff --git a/app/openssl/crypto/pkcs7/enc.c b/app/openssl/crypto/pkcs7/enc.c deleted file mode 100644 index 7417f8a4..00000000 --- a/app/openssl/crypto/pkcs7/enc.c +++ /dev/null @@ -1,174 +0,0 @@ -/* crypto/pkcs7/enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include -#include -#include -#include - -int main(argc,argv) -int argc; -char *argv[]; - { - X509 *x509; - PKCS7 *p7; - BIO *in; - BIO *data,*p7bio; - char buf[1024*4]; - int i; - int nodetach=1; - char *keyfile = NULL; - const EVP_CIPHER *cipher=NULL; - STACK_OF(X509) *recips=NULL; - - OpenSSL_add_all_algorithms(); - - data=BIO_new(BIO_s_file()); - while(argc > 1) - { - if (strcmp(argv[1],"-nd") == 0) - { - nodetach=1; - argv++; argc--; - } - else if ((strcmp(argv[1],"-c") == 0) && (argc >= 2)) { - if(!(cipher = EVP_get_cipherbyname(argv[2]))) { - fprintf(stderr, "Unknown cipher %s\n", argv[2]); - goto err; - } - argc-=2; - argv+=2; - } else if ((strcmp(argv[1],"-k") == 0) && (argc >= 2)) { - keyfile = argv[2]; - argc-=2; - argv+=2; - if (!(in=BIO_new_file(keyfile,"r"))) goto err; - if (!(x509=PEM_read_bio_X509(in,NULL,NULL,NULL))) - goto err; - if(!recips) recips = sk_X509_new_null(); - sk_X509_push(recips, x509); - BIO_free(in); - } else break; - } - - if(!recips) { - fprintf(stderr, "No recipients\n"); - goto err; - } - - if (!BIO_read_filename(data,argv[1])) goto err; - - p7=PKCS7_new(); -#if 0 - BIO_reset(in); - if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err; - BIO_free(in); - PKCS7_set_type(p7,NID_pkcs7_signedAndEnveloped); - - if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err; - /* we may want to add more */ - PKCS7_add_certificate(p7,x509); -#else - PKCS7_set_type(p7,NID_pkcs7_enveloped); -#endif - if(!cipher) { -#ifndef OPENSSL_NO_DES - cipher = EVP_des_ede3_cbc(); -#else - fprintf(stderr, "No cipher selected\n"); - goto err; -#endif - } - - if (!PKCS7_set_cipher(p7,cipher)) goto err; - for(i = 0; i < sk_X509_num(recips); i++) { - if (!PKCS7_add_recipient(p7,sk_X509_value(recips, i))) goto err; - } - sk_X509_pop_free(recips, X509_free); - - /* Set the content of the signed to 'data' */ - /* PKCS7_content_new(p7,NID_pkcs7_data); not used in envelope */ - - /* could be used, but not in this version :-) - if (!nodetach) PKCS7_set_detached(p7,1); - */ - - if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err; - - for (;;) - { - i=BIO_read(data,buf,sizeof(buf)); - if (i <= 0) break; - BIO_write(p7bio,buf,i); - } - BIO_flush(p7bio); - - if (!PKCS7_dataFinal(p7,p7bio)) goto err; - BIO_free(p7bio); - - PEM_write_PKCS7(stdout,p7); - PKCS7_free(p7); - - exit(0); -err: - ERR_load_crypto_strings(); - ERR_print_errors_fp(stderr); - exit(1); - } - diff --git a/app/openssl/crypto/pkcs7/es1.pem b/app/openssl/crypto/pkcs7/es1.pem deleted file mode 100644 index 47112a23..00000000 --- a/app/openssl/crypto/pkcs7/es1.pem +++ /dev/null @@ -1,66 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqGSIb3DQEBAQUABEDWak0y/5XZJhQJeCLo -KECcHXkTEbjzYkYNHIinbiPmRK4QbNfs9z2mA3z/c2ykQ4eAqFR2jyNrUMN/+I5XEiv6MIHw -AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI -QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G -CSqGSIb3DQEBAQUABEAWg9+KgtCjc77Jdj1Ve4wGgHjVHbbSYEA1ZqKFDoi15vSr9hfpHmC4 -ycZzcRo16JkTfolefiHZzmyjVz94vSN6MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA -oAQI7X4Tk4mcbV6ggASBsHl1mCaJ3RhXWlNPCgCRU53d7M5x6TDZRkvwdtdvW96m1lupT03F -XtonkBqk7oMkH7kGfs5/REQOPjx0QE2Ixmgt1W3szum82EZwA7pZNppcraK7W/odw/7bYZO+ -II3HPmRklE2N9qiu1LPaPUsnYogkO6SennyeL5tZ382vBweL/8pnG0qsbT1OBb65v+llnsjT -pa1T/p+fIx/iJJGE6K9fYFokC6gXLQ6ozXRdOu5oBDB8mPCYYvAqKycidM/MrGGUkpEtS4f0 -lS31PwQi5YTim8Ig3/TOwVpPX32i46FTuEIEIMHkD/OvpfwCCzXUHHJnKnKUAUvIsSY3vGBs -8ezpUDfBBBj9LHDy32hZ2tQilkDefP5VM2LLdrWgamYEgfiyITQvn08Ul5lQOQxbFKBheFq5 -otCCN4MR+w5eq12xQu6y+f9z0159ag2ru87D0lLtUtXXtCELbO1nUkT2sJ0k/iDs9TOXr6Cx -go1XKYho83hlkXYiCteVizdAbgVGNsNRD4wtIdajsorET/LuJECgp11YeL9w1dlDB0HLEZfi -XCsUphH4jGagba3hDeUSibnjSiJlN0ukfuQurBBbI2UkBAujiEAubKPn7C1FZJRSw6CPPX5t -KEpmcqT1JNk6LO8Js6/1sCmmBh1VGCy1+EuTI9J1p7Dagf4nQ8cHitoCRpHuKZlFHnZyv7tw -Rn/KOhHaYP2VzAh40gQIvKMAAWh9oFsEEIMwIoOmLwLH5wf+8QdbDhoECH8HwZt9a12dBAjL -r4j2zlvtfgQIt7nmEM3wz1EECKlc3EIy1irCBBCAKINcermK3A+jI6ISN2RzBFA3dsh/xwMu -l61aWMBBZzEz/SF92k6n35KZhCC0d6fIVC/1WMv0fnCwQ8oEDynSre216VEFiYKBaQLJe5o/ -mTAxC7Ht3goXnuc+i1FItOkLrgRI/wyvTICEn2WsNZiMADnGaee2bqPnUopo+VMGexJEtCPk -l0ZNlDJGquPDkpUwaEtecVZzCNyVPYyyF4J/l8rmGDhDdYUIC8IKBEg/ip/E0BuubBLWVbv+ -HRl4QrnGpyCyeXRXXK603QP3sT1Zbbm1v5pI/loOhVHi724LmtXHSyp5qv9MDcxE1PoX10LY -gBRtlwwESPeCF8bK5jk4xIQMhK5NMHj1Y1KQWTZ9NGITBL4hjRq2qp4Qk5GIpGgOVPopAuCo -TIyPikpqBRNtLSPRSsDs6QPUPzWBh6JgxwRQblnDKKUkxUcnJiD4i9QtGa/ZabMn4KxtNOBL -5JSh1nJkaLXCZY070131WWPAByLcd5TiXq8x84pmzV5NNk4tiMpoXhJNsx8e4rskQQlKd6ME -SCe2eYDHKcKPX3WJbUzhrJSQ92/aWnI2iUY8WQ+kSNyiZ2QUjyuUg9Z66g/0d2STlvPOBHT/ -y5ODP2CwbcWX4QmCbUc9TT66fQRIrRVuwvtOfnUueyGgYhJ3HpAJfVaB/7kap5bj7Fi/azW4 -9JDfd1bC/W9h0Kyk7RO2gxvE0hIHc26mZJHTm9MNP5D328MnM2MdBEjKjQBtgrp+lFIii7MP -nGHFTKUkG4WAIZJCf/CsT+p6/SW0qG71Me/YcSw5STB24j+a+HgMV8RVIeUlkP4z0IWWrSoB -Gh4d/Z0EUMCVHs/HZ/bWgiyhtHpvuVAzidm8D81p1LJ5BQX5/5f/m+q5+fS/npL27dTEbNqs -LSB6ij3MZAi7LwHWpTn9zWnDajCMEj9vlaV7mcKtHK5iBEg85agFi1h3MvicqLtoFe5hVv9T -tG0j6CRkjkixPzivltlrf44KHv14gLM0XJxCGyq7vd3l8QYr3+9at0zNnX/yqTiBnsnE5dUE -SIgrYuz87M2gi/ER9PcDoTtONH3+CkcqVy03q/Sj8cVWD/b1KgEhqnNOfc8Ak9PctyR/ItcR -8Me5XVn1GJKkQJk4O29fxvgNoAQIrIESvUWGshAEQByXiFoFTDUByjTlgjcy77H1lrH+y3P/ -wAInJjJAut9kCNyGJV0PA4kdPB5USWltuO6t8gk4Pd2YBMl09zqUWkAEUCjFrtZ3mapjcGZI -uQTASKR5LSjXoWxTT5gae/+64MerF/oCEeO3ehRTpjnPrsiRDo0rWIQTaj9+Nro8Z2xtWstw -RnfoAHIxV1lEamPwjsceBEi2SD9hiifFeO5ECiVoaE1FdXUXhU+jwYAMx6jHWO9hMkYzS9pM -Y3IyWR5ybtOjiQgkUdvRJPUPGf5DVVMPnymGX25aDh5PYpIESPbsM9akCpOOVuscywcUswmU -o7dXvlB48WWCfg/al3BQKAZbn5ZXtWNwpUZkrEdHsrxAVv3rxRcdkT3Z1fzUbIuYkLJN200o -WgRIJvn6RO8KEj7/HOg2sYuuM8nz1kR0TSgwX7/0y/7JfjBa0JIlP7o75sNJscE8oyoIMzuy -Dvn6/U9g3BCDXn83A/s+ke60qn9gBFC6NAeLOlXal1YVWYhMQNOqCyUfAjiXBTawaysQb1Mk -YgeNlF8xuEFcUQWIP+vNG7FJ5JPMaMRL4YEoaQ3sVFhYOERJR1cSb+8xt4QCYtBKQgRIUOmJ -CHW5o1hXJWJiTkZK2qWFcEMzTINSj5EpYFySr8aVBjkRnI7vxegRT/+XZZXoYedQ3UNsnGI3 -DdkWii5VzX0PNF6C60pfBEiVpausYuX7Wjb3Lfm8cBj7GgN69i6Pm2gxtobVcmpo2nS4D714 -ePyhlX9n8kJ6QAcqWMRj22smDPrHVGNTizfzHBh5zNllK9gESJizILOWI327og3ZWp+qUht5 -kNDJCzMK7Z09UAy+h+vq0VTQuEo3FgLzVdqkJujjSL4Nx97lXg51AovrEn3nd4evydwcjKLX -1wRIo72NaeWuUEQ+rt1SlCsOJ7k1ioJSqhrPOfvwcaFcb4beVet1JWiy4yvowTjLDGbUje2s -xjrlVt4BJWI/uA6jbQsrxSe89ADZBAi5YAlR4qszeAQIXD3VSBVKbRUECNTtyvw9vvqXBAhb -IZNn4H4cxgQI+XW7GkfL+ekECCCCg2reMyGDBAh1PYqkg3lw3gQQkNlggEPU+BH8eh7Gm7n7 -7AQIjC5EWbkil5cEEKcpuqwTWww/X89KnQAg8TcECJPomqHvrlZFBBiRSuIiHpmN+PaujXpv -qZV2VhjkB2j09GEECOIdv8AVOJgKBAjlHgIqAD9jZQQIXHbs44+wogcEIGGqTACRJxrhMcMG -X8drNjksIPt+snxTXUBIkTVpZWoABAh6unXPTyIr8QQgBF8xKoX27MWk7iTNmkSNZggZXa2a -DWCGHSYLngbSOHIECD9XmO6VsvTgBAjfqB70CEW4WwQIVIBkbCocznUEEHB/zFXy/sR4OYHe -UfbNPnIEEDWBB/NTCLMGE+o8BfyujcAECFik7GQnnF9VBBAhLXExQeWAofZNc6NtN7qZBCC1 -gVIS3ruTwKltmcrgx3heT3M8ZJhCfWa+6KzchnmKygQQ+1NL5sSzR4m/fdrqxHFyUAQYCT2x -PamQr3wK3h0lyZER+4H0zPM86AhFBBC3CkmvL2vjflMfujnzPBVpBBge9rMbI5+0q9DLrTiT -5F3AIgXLpD8PQWAECHkHVo6RomV3BAgMbi8E271UeAQIqtS8wnI3XngECG3TWmOMb3/iBEha -y+mvCS6I3n3JfL8e1B5P4qX9/czJRaERLuKpGNjLiL4A+zxN0LZ0UHd0qfmJjwOTxAx3iJAC -lGXX4nB9ATYPUT5EU+o1Y4sECN01pP6vWNIdBDAsiE0Ts8/9ltJlqX2B3AoOM4qOt9EaCjXf -lB+aEmrhtjUwuZ6GqS5Ke7P6XnakTk4ECCLIMatNdootAAAAAAAAAAAAAA== ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/example.c b/app/openssl/crypto/pkcs7/example.c deleted file mode 100644 index 2953d04b..00000000 --- a/app/openssl/crypto/pkcs7/example.c +++ /dev/null @@ -1,329 +0,0 @@ -#include -#include -#include -#include -#include -#include - -int add_signed_time(PKCS7_SIGNER_INFO *si) - { - ASN1_UTCTIME *sign_time; - - /* The last parameter is the amount to add/subtract from the current - * time (in seconds) */ - sign_time=X509_gmtime_adj(NULL,0); - PKCS7_add_signed_attribute(si,NID_pkcs9_signingTime, - V_ASN1_UTCTIME,(char *)sign_time); - return(1); - } - -ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si) - { - ASN1_TYPE *so; - - so=PKCS7_get_signed_attribute(si,NID_pkcs9_signingTime); - if (so->type == V_ASN1_UTCTIME) - return so->value.utctime; - return NULL; - } - -static int signed_string_nid= -1; - -void add_signed_string(PKCS7_SIGNER_INFO *si, char *str) - { - ASN1_OCTET_STRING *os; - - /* To a an object of OID 1.2.3.4.5, which is an octet string */ - if (signed_string_nid == -1) - signed_string_nid= - OBJ_create("1.2.3.4.5","OID_example","Our example OID"); - os=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str)); - /* When we add, we do not free */ - PKCS7_add_signed_attribute(si,signed_string_nid, - V_ASN1_OCTET_STRING,(char *)os); - } - -int get_signed_string(PKCS7_SIGNER_INFO *si, char *buf, int len) - { - ASN1_TYPE *so; - ASN1_OCTET_STRING *os; - int i; - - if (signed_string_nid == -1) - signed_string_nid= - OBJ_create("1.2.3.4.5","OID_example","Our example OID"); - /* To retrieve */ - so=PKCS7_get_signed_attribute(si,signed_string_nid); - if (so != NULL) - { - if (so->type == V_ASN1_OCTET_STRING) - { - os=so->value.octet_string; - i=os->length; - if ((i+1) > len) - i=len-1; - memcpy(buf,os->data,i); - return(i); - } - } - return(0); - } - -static int signed_seq2string_nid= -1; -/* ########################################### */ -int add_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) - { - /* To add an object of OID 1.9.999, which is a sequence containing - * 2 octet strings */ - unsigned char *p; - ASN1_OCTET_STRING *os1,*os2; - ASN1_STRING *seq; - unsigned char *data; - int i,total; - - if (signed_seq2string_nid == -1) - signed_seq2string_nid= - OBJ_create("1.9.9999","OID_example","Our example OID"); - - os1=ASN1_OCTET_STRING_new(); - os2=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1)); - ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1)); - i =i2d_ASN1_OCTET_STRING(os1,NULL); - i+=i2d_ASN1_OCTET_STRING(os2,NULL); - total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); - - data=malloc(total); - p=data; - ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_ASN1_OCTET_STRING(os1,&p); - i2d_ASN1_OCTET_STRING(os2,&p); - - seq=ASN1_STRING_new(); - ASN1_STRING_set(seq,data,total); - free(data); - ASN1_OCTET_STRING_free(os1); - ASN1_OCTET_STRING_free(os2); - - PKCS7_add_signed_attribute(si,signed_seq2string_nid, - V_ASN1_SEQUENCE,(char *)seq); - return(1); - } - -/* For this case, I will malloc the return strings */ -int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) - { - ASN1_TYPE *so; - - if (signed_seq2string_nid == -1) - signed_seq2string_nid= - OBJ_create("1.9.9999","OID_example","Our example OID"); - /* To retrieve */ - so=PKCS7_get_signed_attribute(si,signed_seq2string_nid); - if (so && (so->type == V_ASN1_SEQUENCE)) - { - ASN1_const_CTX c; - ASN1_STRING *s; - long length; - ASN1_OCTET_STRING *os1,*os2; - - s=so->value.sequence; - c.p=ASN1_STRING_data(s); - c.max=c.p+ASN1_STRING_length(s); - if (!asn1_GetSequence(&c,&length)) goto err; - /* Length is the length of the seqence */ - - c.q=c.p; - if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) - goto err; - c.slen-=(c.p-c.q); - - c.q=c.p; - if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) - goto err; - c.slen-=(c.p-c.q); - - if (!asn1_const_Finish(&c)) goto err; - *str1=malloc(os1->length+1); - *str2=malloc(os2->length+1); - memcpy(*str1,os1->data,os1->length); - memcpy(*str2,os2->data,os2->length); - (*str1)[os1->length]='\0'; - (*str2)[os2->length]='\0'; - ASN1_OCTET_STRING_free(os1); - ASN1_OCTET_STRING_free(os2); - return(1); - } -err: - return(0); - } - - -/* ####################################### - * THE OTHER WAY TO DO THINGS - * ####################################### - */ -X509_ATTRIBUTE *create_time(void) - { - ASN1_UTCTIME *sign_time; - X509_ATTRIBUTE *ret; - - /* The last parameter is the amount to add/subtract from the current - * time (in seconds) */ - sign_time=X509_gmtime_adj(NULL,0); - ret=X509_ATTRIBUTE_create(NID_pkcs9_signingTime, - V_ASN1_UTCTIME,(char *)sign_time); - return(ret); - } - -ASN1_UTCTIME *sk_get_time(STACK_OF(X509_ATTRIBUTE) *sk) - { - ASN1_TYPE *so; - PKCS7_SIGNER_INFO si; - - si.auth_attr=sk; - so=PKCS7_get_signed_attribute(&si,NID_pkcs9_signingTime); - if (so->type == V_ASN1_UTCTIME) - return so->value.utctime; - return NULL; - } - -X509_ATTRIBUTE *create_string(char *str) - { - ASN1_OCTET_STRING *os; - X509_ATTRIBUTE *ret; - - /* To a an object of OID 1.2.3.4.5, which is an octet string */ - if (signed_string_nid == -1) - signed_string_nid= - OBJ_create("1.2.3.4.5","OID_example","Our example OID"); - os=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str)); - /* When we add, we do not free */ - ret=X509_ATTRIBUTE_create(signed_string_nid, - V_ASN1_OCTET_STRING,(char *)os); - return(ret); - } - -int sk_get_string(STACK_OF(X509_ATTRIBUTE) *sk, char *buf, int len) - { - ASN1_TYPE *so; - ASN1_OCTET_STRING *os; - int i; - PKCS7_SIGNER_INFO si; - - si.auth_attr=sk; - - if (signed_string_nid == -1) - signed_string_nid= - OBJ_create("1.2.3.4.5","OID_example","Our example OID"); - /* To retrieve */ - so=PKCS7_get_signed_attribute(&si,signed_string_nid); - if (so != NULL) - { - if (so->type == V_ASN1_OCTET_STRING) - { - os=so->value.octet_string; - i=os->length; - if ((i+1) > len) - i=len-1; - memcpy(buf,os->data,i); - return(i); - } - } - return(0); - } - -X509_ATTRIBUTE *add_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) - { - /* To add an object of OID 1.9.999, which is a sequence containing - * 2 octet strings */ - unsigned char *p; - ASN1_OCTET_STRING *os1,*os2; - ASN1_STRING *seq; - X509_ATTRIBUTE *ret; - unsigned char *data; - int i,total; - - if (signed_seq2string_nid == -1) - signed_seq2string_nid= - OBJ_create("1.9.9999","OID_example","Our example OID"); - - os1=ASN1_OCTET_STRING_new(); - os2=ASN1_OCTET_STRING_new(); - ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1)); - ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1)); - i =i2d_ASN1_OCTET_STRING(os1,NULL); - i+=i2d_ASN1_OCTET_STRING(os2,NULL); - total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); - - data=malloc(total); - p=data; - ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_ASN1_OCTET_STRING(os1,&p); - i2d_ASN1_OCTET_STRING(os2,&p); - - seq=ASN1_STRING_new(); - ASN1_STRING_set(seq,data,total); - free(data); - ASN1_OCTET_STRING_free(os1); - ASN1_OCTET_STRING_free(os2); - - ret=X509_ATTRIBUTE_create(signed_seq2string_nid, - V_ASN1_SEQUENCE,(char *)seq); - return(ret); - } - -/* For this case, I will malloc the return strings */ -int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) - { - ASN1_TYPE *so; - PKCS7_SIGNER_INFO si; - - if (signed_seq2string_nid == -1) - signed_seq2string_nid= - OBJ_create("1.9.9999","OID_example","Our example OID"); - - si.auth_attr=sk; - /* To retrieve */ - so=PKCS7_get_signed_attribute(&si,signed_seq2string_nid); - if (so->type == V_ASN1_SEQUENCE) - { - ASN1_const_CTX c; - ASN1_STRING *s; - long length; - ASN1_OCTET_STRING *os1,*os2; - - s=so->value.sequence; - c.p=ASN1_STRING_data(s); - c.max=c.p+ASN1_STRING_length(s); - if (!asn1_GetSequence(&c,&length)) goto err; - /* Length is the length of the seqence */ - - c.q=c.p; - if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) - goto err; - c.slen-=(c.p-c.q); - - c.q=c.p; - if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) - goto err; - c.slen-=(c.p-c.q); - - if (!asn1_const_Finish(&c)) goto err; - *str1=malloc(os1->length+1); - *str2=malloc(os2->length+1); - memcpy(*str1,os1->data,os1->length); - memcpy(*str2,os2->data,os2->length); - (*str1)[os1->length]='\0'; - (*str2)[os2->length]='\0'; - ASN1_OCTET_STRING_free(os1); - ASN1_OCTET_STRING_free(os2); - return(1); - } -err: - return(0); - } - - diff --git a/app/openssl/crypto/pkcs7/example.h b/app/openssl/crypto/pkcs7/example.h deleted file mode 100644 index 96167de1..00000000 --- a/app/openssl/crypto/pkcs7/example.h +++ /dev/null @@ -1,57 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -int add_signed_time(PKCS7_SIGNER_INFO *si); -ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si); -int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2); diff --git a/app/openssl/crypto/pkcs7/info.pem b/app/openssl/crypto/pkcs7/info.pem deleted file mode 100644 index 989baf87..00000000 --- a/app/openssl/crypto/pkcs7/info.pem +++ /dev/null @@ -1,57 +0,0 @@ -issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA -subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com -serial :047D - -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1149 (0x47d) - Signature Algorithm: md5withRSAEncryption - Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA - Validity - Not Before: May 13 05:40:58 1998 GMT - Not After : May 12 05:40:58 2000 GMT - Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Modulus: - 00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81: - 73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc: - 89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29: - fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f: - e7:e7:0c:4d:0b - Exponent: 65537 (0x10001) - X509v3 extensions: - Netscape Comment: - Generated with SSLeay - Signature Algorithm: md5withRSAEncryption - 52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55: - f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97: - d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b: - 50:74:ad:92:cb:4e:90:e5:fa:7d - ------BEGIN CERTIFICATE----- -MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV -MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE -ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E -IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw -NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0 -aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG -9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf -lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB -hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA -UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8 -4A3ZItobUHStkstOkOX6fQ== ------END CERTIFICATE----- - ------BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9 -mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG -fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/ -zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29 -p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b -bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk -IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG ------END RSA PRIVATE KEY----- diff --git a/app/openssl/crypto/pkcs7/infokey.pem b/app/openssl/crypto/pkcs7/infokey.pem deleted file mode 100644 index 1e2acc95..00000000 --- a/app/openssl/crypto/pkcs7/infokey.pem +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9 -mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG -fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/ -zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29 -p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b -bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk -IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG ------END RSA PRIVATE KEY----- diff --git a/app/openssl/crypto/pkcs7/p7/a1 b/app/openssl/crypto/pkcs7/p7/a1 deleted file mode 100644 index 56ca9437..00000000 --- a/app/openssl/crypto/pkcs7/p7/a1 +++ /dev/null @@ -1,2 +0,0 @@ -j,H>_æá_­DôzEîLœ VJ³ß觬¤””E3ûáYäx%_Àk -3ê)DLScñ8% ôM \ No newline at end of file diff --git a/app/openssl/crypto/pkcs7/p7/a2 b/app/openssl/crypto/pkcs7/p7/a2 deleted file mode 100644 index 23d8fb5e..00000000 --- a/app/openssl/crypto/pkcs7/p7/a2 +++ /dev/null @@ -1 +0,0 @@ -k~@a”,NâM͹¼ ­×U¿o_½BqrmÎ?Ù t?t÷ÏéId2‰Š \ No newline at end of file diff --git a/app/openssl/crypto/pkcs7/p7/cert.p7c b/app/openssl/crypto/pkcs7/p7/cert.p7c deleted file mode 100644 index 2b75ec05..00000000 Binary files a/app/openssl/crypto/pkcs7/p7/cert.p7c and /dev/null differ diff --git a/app/openssl/crypto/pkcs7/p7/smime.p7m b/app/openssl/crypto/pkcs7/p7/smime.p7m deleted file mode 100644 index 2b6e6f82..00000000 Binary files a/app/openssl/crypto/pkcs7/p7/smime.p7m and /dev/null differ diff --git a/app/openssl/crypto/pkcs7/p7/smime.p7s b/app/openssl/crypto/pkcs7/p7/smime.p7s deleted file mode 100644 index 2b5d4fb0..00000000 Binary files a/app/openssl/crypto/pkcs7/p7/smime.p7s and /dev/null differ diff --git a/app/openssl/crypto/pkcs7/pkcs7.h b/app/openssl/crypto/pkcs7/pkcs7.h index 04f60379..5d54c4ac 100644 --- a/app/openssl/crypto/pkcs7/pkcs7.h +++ b/app/openssl/crypto/pkcs7/pkcs7.h @@ -233,10 +233,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7) (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) #define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) #define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) -#define PKCS7_type_is_encrypted(a) \ - (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) - -#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) #define PKCS7_set_detached(p,v) \ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) diff --git a/app/openssl/crypto/pkcs7/server.pem b/app/openssl/crypto/pkcs7/server.pem deleted file mode 100644 index 750aac20..00000000 --- a/app/openssl/crypto/pkcs7/server.pem +++ /dev/null @@ -1,24 +0,0 @@ -issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) -subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit) ------BEGIN CERTIFICATE----- -MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD -VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5 -MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG -A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl -cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP -Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2// -Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW -mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i -xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH -irObpESxAZLySCmPPg== ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD -TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu -OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj -gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz -rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b -PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA -vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU= ------END RSA PRIVATE KEY----- diff --git a/app/openssl/crypto/pkcs7/sign.c b/app/openssl/crypto/pkcs7/sign.c deleted file mode 100644 index 8b59885f..00000000 --- a/app/openssl/crypto/pkcs7/sign.c +++ /dev/null @@ -1,154 +0,0 @@ -/* crypto/pkcs7/sign.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include -#include -#include -#include - -int main(argc,argv) -int argc; -char *argv[]; - { - X509 *x509; - EVP_PKEY *pkey; - PKCS7 *p7; - PKCS7_SIGNER_INFO *si; - BIO *in; - BIO *data,*p7bio; - char buf[1024*4]; - int i; - int nodetach=0; - -#ifndef OPENSSL_NO_MD2 - EVP_add_digest(EVP_md2()); -#endif -#ifndef OPENSSL_NO_MD5 - EVP_add_digest(EVP_md5()); -#endif -#ifndef OPENSSL_NO_SHA1 - EVP_add_digest(EVP_sha1()); -#endif -#ifndef OPENSSL_NO_MDC2 - EVP_add_digest(EVP_mdc2()); -#endif - - data=BIO_new(BIO_s_file()); -again: - if (argc > 1) - { - if (strcmp(argv[1],"-nd") == 0) - { - nodetach=1; - argv++; argc--; - goto again; - } - if (!BIO_read_filename(data,argv[1])) - goto err; - } - else - BIO_set_fp(data,stdin,BIO_NOCLOSE); - - if ((in=BIO_new_file("server.pem","r")) == NULL) goto err; - if ((x509=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) goto err; - BIO_reset(in); - if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,NULL)) == NULL) goto err; - BIO_free(in); - - p7=PKCS7_new(); - PKCS7_set_type(p7,NID_pkcs7_signed); - - si=PKCS7_add_signature(p7,x509,pkey,EVP_sha1()); - if (si == NULL) goto err; - - /* If you do this then you get signing time automatically added */ - PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, V_ASN1_OBJECT, - OBJ_nid2obj(NID_pkcs7_data)); - - /* we may want to add more */ - PKCS7_add_certificate(p7,x509); - - /* Set the content of the signed to 'data' */ - PKCS7_content_new(p7,NID_pkcs7_data); - - if (!nodetach) - PKCS7_set_detached(p7,1); - - if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err; - - for (;;) - { - i=BIO_read(data,buf,sizeof(buf)); - if (i <= 0) break; - BIO_write(p7bio,buf,i); - } - - if (!PKCS7_dataFinal(p7,p7bio)) goto err; - BIO_free(p7bio); - - PEM_write_PKCS7(stdout,p7); - PKCS7_free(p7); - - exit(0); -err: - ERR_load_crypto_strings(); - ERR_print_errors_fp(stderr); - exit(1); - } - diff --git a/app/openssl/crypto/pkcs7/t/3des.pem b/app/openssl/crypto/pkcs7/t/3des.pem deleted file mode 100644 index b2b5081a..00000000 --- a/app/openssl/crypto/pkcs7/t/3des.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEC2vXI1xQDW6lUHM3zQ -/9uBEBOO5A3TtkrklAXq7v01gsIC21t52qSk36REXY+slhNZ0OQ349tgkTsoETHFLoEwMIHw -AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI -QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G -CSqGSIb3DQEBAQUABEB8ujxbabxXUYJhopuDm3oDq4JNqX6Io4p3ro+ShqfIndsXTZ1v5a2N -WtLLCWlHn/habjBwZ/DgQgcKASbZ7QxNMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA -oAQIbsL5v1wX98KggAQoAaJ4WHm68fXY1WE5OIjfVBIDpO1K+i8dmKhjnAjrjoyZ9Bwc8rDL -lgQg4CXb805h5xl+GfvSwUaHJayte1m2mcOhs3J2YyqbQ+MEIMIiJQccmhO3oDKm36CFvYR8 -5PjpclVcZyX2ngbwPFMnBAgy0clOAE6UKAAAAAAAAAAAAAA= ------END PKCS7----- - diff --git a/app/openssl/crypto/pkcs7/t/3dess.pem b/app/openssl/crypto/pkcs7/t/3dess.pem deleted file mode 100644 index 23f01351..00000000 --- a/app/openssl/crypto/pkcs7/t/3dess.pem +++ /dev/null @@ -1,32 +0,0 @@ ------BEGIN PKCS7----- -MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC -BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR -BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv -ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE -AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow -gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu -ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG -A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m -dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh -hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg -hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP -igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds -syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB -kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l -MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB -BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf -mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s -8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx -ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP -BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ -REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB -AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B -CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG -SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv -BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA -9CWR6g== ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/c.pem b/app/openssl/crypto/pkcs7/t/c.pem deleted file mode 100644 index a4b55e32..00000000 --- a/app/openssl/crypto/pkcs7/t/c.pem +++ /dev/null @@ -1,48 +0,0 @@ -issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA -subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com -serial :047D - -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1149 (0x47d) - Signature Algorithm: md5withRSAEncryption - Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA - Validity - Not Before: May 13 05:40:58 1998 GMT - Not After : May 12 05:40:58 2000 GMT - Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Modulus: - 00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81: - 73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc: - 89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29: - fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f: - e7:e7:0c:4d:0b - Exponent: 65537 (0x10001) - X509v3 extensions: - Netscape Comment: - Generated with SSLeay - Signature Algorithm: md5withRSAEncryption - 52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55: - f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97: - d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b: - 50:74:ad:92:cb:4e:90:e5:fa:7d - ------BEGIN CERTIFICATE----- -MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV -MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE -ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E -IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw -NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0 -aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG -9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf -lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB -hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA -UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8 -4A3ZItobUHStkstOkOX6fQ== ------END CERTIFICATE----- - diff --git a/app/openssl/crypto/pkcs7/t/ff b/app/openssl/crypto/pkcs7/t/ff deleted file mode 100644 index 23f01351..00000000 --- a/app/openssl/crypto/pkcs7/t/ff +++ /dev/null @@ -1,32 +0,0 @@ ------BEGIN PKCS7----- -MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC -BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR -BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv -ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE -AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow -gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu -ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG -A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m -dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh -hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg -hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP -igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds -syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB -kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l -MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB -BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf -mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s -8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx -ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP -BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ -REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB -AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B -CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG -SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv -BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA -9CWR6g== ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/msie-e b/app/openssl/crypto/pkcs7/t/msie-e deleted file mode 100644 index aafae69f..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-e +++ /dev/null @@ -1,20 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV -BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k -aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABECMzu8y -wQ/qZbO8cAGMRBF+mPruv3+Dvb9aWNZ2k8njUgqF6mcdhVB2MkGcsG3memRXJBixvMYWVkU3qK4Z -VuKsMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE -BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG -SIb3DQEBAQUABEBcWwYFHJbJGhiztt7lzue3Lc9CH5WAbyR+2BZ3uv+JxZfRs1PuaWPOwRa0Vgs3 -YwSJoRfxQj2Gk0wFqG1qt6d1MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQI8vRlP/Nx -2iSggASCAZhR5srxyspy7DfomRJ9ff8eMCtaNwEoEx7G25PZRonC57hBvGoScLtEPU3Wp9FEbPN7 -oJESeC+AqMTyTLNy8aQsyC5s53E9UkoIvg62ekYZBbXZqXsrxx4PhiiX3NH8GVh42phB0Chjw0nK -HZeRDmxGY3Cmk+J+l0uVKxbNIfJIKOguLBnhqmnKH/PrnzDt591u0ULy2aTLqRm+4/1Yat/QPb6J -eoKGwNPBbS9ogBdrCNCp9ZFg3Xar2AtQHzyTQIfYeH3SRQUpKmRm5U5o9p5emgEdT+ZfJm/J4tSH -OmbgAFsbHQakA4MBZ4J5qfDJhOA2g5lWk1hIeu5Dn/AaLRZd0yz3oY0Ieo/erPWx/bCqtBzYbMe9 -qSFTedKlbc9EGe3opOTdBZVzK8KH3w3zsy5luxKdOUG59YYb5F1IZiWGiDyuo/HuacX+griu5LeD -bEzOtZnko+TZXvWIko30fD79j3T4MRRhWXbgj2HKza+4vJ0mzcC/1+GPsJjAEAA/JgIEDU4w6/DI -/HQHhLAO3G+9xKD7MvmrzkoAAAAAAAAAAAAA - - diff --git a/app/openssl/crypto/pkcs7/t/msie-e.pem b/app/openssl/crypto/pkcs7/t/msie-e.pem deleted file mode 100644 index a2a5e24e..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-e.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIIDkAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ -bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT -aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ -uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQIzO7zLBD+pls7xwAYxEEX6Y+u6/f4O9 -v1pY1naTyeNSCoXqZx2FUHYyQZywbeZ6ZFckGLG8xhZWRTeorhlW4qwwgfACAQAw -gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH -EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT -GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW -QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQFxbBgUclskaGLO23uXO57ctz0If -lYBvJH7YFne6/4nFl9GzU+5pY87BFrRWCzdjBImhF/FCPYaTTAWobWq3p3UwggHD -BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECPL0ZT/zcdokgIIBmFHmyvHK -ynLsN+iZEn19/x4wK1o3ASgTHsbbk9lGicLnuEG8ahJwu0Q9Tdan0URs83ugkRJ4 -L4CoxPJMs3LxpCzILmzncT1SSgi+DrZ6RhkFtdmpeyvHHg+GKJfc0fwZWHjamEHQ -KGPDScodl5EObEZjcKaT4n6XS5UrFs0h8kgo6C4sGeGqacof8+ufMO3n3W7RQvLZ -pMupGb7j/Vhq39A9vol6gobA08FtL2iAF2sI0Kn1kWDddqvYC1AfPJNAh9h4fdJF -BSkqZGblTmj2nl6aAR1P5l8mb8ni1Ic6ZuAAWxsdBqQDgwFngnmp8MmE4DaDmVaT -WEh67kOf8BotFl3TLPehjQh6j96s9bH9sKq0HNhsx72pIVN50qVtz0QZ7eik5N0F -lXMrwoffDfOzLmW7Ep05Qbn1hhvkXUhmJYaIPK6j8e5pxf6CuK7kt4NsTM61meSj -5Nle9YiSjfR8Pv2PdPgxFGFZduCPYcrNr7i8nSbNwL/X4Y+wmMAQAD8mAgQNTjDr -8Mj8dAeEsA7cb73EoPsy+avOSgAAAAA= ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/msie-enc-01 b/app/openssl/crypto/pkcs7/t/msie-enc-01 deleted file mode 100644 index 2c93ab64..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-enc-01 +++ /dev/null @@ -1,62 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxgfMwgfACAQAwgZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYD -VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0 -IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMT -EkRFTU8gWkVSTyBWQUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQKvMaW8xh6oF/X+CJivz -IZV7yHxlp4O3NHQtWG0A8MOZB+CtKlU7/6g5e/a9Du/TOqxRMqtYRp63pa2Q/mM4IYMwgAYJ -KoZIhvcNAQcBMBoGCCqGSIb3DQMCMA4CAgCgBAifz6RvzOPYlKCABIGwxtGA/FLBBRs1wbBP -gDCbSG0yCwjJNsFg89/k6xuXo8c5YTwsw8+XlIVq03navpew6XxxzY090rD2OJ0t6HA6GqrI -pd8WiSh/Atqn0yfLFmkLqgIAPRfzxUxqUocxLpQsLIFp2YNUGE+yps+UZmIjw/WHfdqrcWTm -STSvKuy3UkIJZCkGDBpTvqk4BFaHh4oTXEpgpNY+GKxjf9TDN9GQPqQZR7sgQki4t2g4/Saq -Kl4EMISgluk6swdND0tiHY7v5d6YR29ePCl2/STJ98eJpWkEEC22GNNvOy7ru/Rv2He4MgQg -optd7sk9MMd9xhJppg7CcH/yDx//HrtgpOcWmn6VxpgECFqon4uXkQtIBIH4PaNclFn7/hLx -Pw2VmBGaC0SYF3U1jyN96EBxdjqy8Aa6ByMXYDW5BcfqniD5mYXfw+b81lh1kutxaPaV4YJ9 -ZlRUW752N7VHo/fG0/fukoe5W9a8kIhgLpygllb/GP4oSF4wM6n1/OgRzZj2IWFiobKO4d/t -Mnh+C+PoEVAuFZcxQwi9GqvsK5OoIjVwNx0XcVSOl1TTYS9SwC7ugMBCab73JiruC24pL78Y -M+NaIpIQ3On4DokJA2ZHtjBjZIxF4tKA144RvFN6pBd6TVE5XM6KD/Vh9bjSmujtEAfdQ3Te -dvKJsbZuu0stErbvWcRy11I328l557EECAJT7d44OJ3rBBBj6bnnx6dDU2SRqp2CEoQaBAhK -RBuyhNxkygQIOY9/NhwqAJAECOvX0Zd0DqgoBAjobPpMHhVV3gQQWLU2vEoZ51BwzxdzCmxO -wwQI4oKfudaNqoAESKzBNAqv5kGumHOlMKsRfrs7jZCcSaOuEj97pYx08FLEgF23cav39MOQ -NUEM1dNU+EYslL4o3RoSHRjUgPU+2t9c0prS9A/bPARIEOP94PynaTNxwHi3VTK7SzuQmgzA -4n942E9joSiqsQPlsKAb3sPUaLC3SuUxSjNBgfpvD0bmrA/5h+WZoYXvIogFpwjkSmnFBEie -0lh5Ov1aRrvCw5/j3Q/W/4ZtN5U+aeVBJMtA8n0Mxd5kPxHbNVh4oGprZ6wEegV8ht3voyZa -mZ5Cyxc8ffMYnM/JJI6/oEYEUEMyyiS5FnYyvxKzfMtyn2lZ2st9nZGNNgMc9N62r5HgNbdD -FHuRdKKzV+8kQfuMc3mOPpK1t9TFY+QgrxiB5p6S7VooI97YtP3PbfknszCEBEh4PdXYbbaR -3AacN3Q5kYYmWsq3WW6xgrg0mmEGosGvwSQxBBuiXZrxScCa4ivEq05UZwyShePvKduOvnUE -2zDO6IXFLZxhTZAESEm9/FovLgGAiJ7iMGmYvsISLJScwG4n+wrSaQNQXizs9N3ykys54wBN -d/+BQ4F7pncHhDQ2Dyt5MekB8Y8iNOocUTFCu524vQRIaWCXmXP3vU7D21dp0XnAMzRQJ565 -JV3aHRoY7XDa4LePa7PP9ywyafOE5yCW7ndqx3J+2JhTDvSFsW8/q3H3iyeFhykuJVS6BFDK -6CmKbnyyjOfE2iLGJmTFa905V2KrVDCmlEu/xyGMs80yTyZC+ySzM83FMVvLEQmSzcTNUZVp -DfA1kNXbXkPouBXXT6g8r8JCRljaKKABmgRIlMheOJQRUUU4cgvhMreXPayhq5Ao4VMSCkA5 -hYRCBczm4Di/MMohF0SxIsdRY6gY9CPnrBXAsY6h1RbR7Tw0iQZmeXi52DCiBEj0by+SYMAa -9z0CReIzl8JLL6EVIFz8kFxlkGWjr4dnOzhhPOq/mCpp0WxbavDfdhE87MdXJZBnLwoT62QG -955HlAoEQBOGJbcESCgd5XSirZ9Y3AbCfuKOqoMBvEUGn+w/pMaqnGvnr5FZhuBDKrhRXqtx -QsxA//drGUxsrZOuSL/0+fbvo7n2h1Z8Ny86jOvVZAQIAjw2l1Yc5RAESNc9i3I8pKEOVQf/ -UBczJ0NR9aTEF80dRg2lpXwD0ho4N0AvSiVbgxC7cPZHQwIqvq9LHRUs/4n+Vu3SVYU3cAxo -lUTiCGUSlARIF+TD57SI5+RI+MNtnD9rs4E1ml51YoHGWFj3UPriDmY0FKEwIgqtMXMY3fZ9 -Kq8d83bjDzxwbDX7WwR7KbSeJWT42pCz7kM+BEjjPsOnZHuusXT3x2rrsBnYtYsbt98mSFiS -KzTtFmXfkOBbCQdit1P76QnYJ1aXMGs6zP6GypQTadK/zYWvlm38QkVwueaJ0woESKW2pqKA -70h2UMDHOrpepU1lj0YMzmotDHSTU3L909VvUMNg9uqfrQ6mSkb9j5Tl8oF2otOw5EzA1Yda -KPmgsv62RWLYl80wXQRQwG0e/mgG75jp9lOhJdVXqcYbQpS9viwVaVkwH+69mu/bQI4gjoEs -UYX6O71Re2z+cYhcm9UrK+DXuSFBXQOIlAFxKMW4B0apd6fU84FsZLMESOorXE5OE0A2B2ji -J8QI0Exk4hUvWrMNJfUZwFyS7E05xV9ORuX1xmsKqkT4tVR5Nqln4vhvAY860VBoloz0CDkd -8seSBEjeMgRI9FvpYuflIeHg9urkwp6N+1f0DrJJhJY9ZQ0HTQhziJmIfvbEjNqCl7hEC28+ -F8I5tuViLgfSwcFFCvnS6WFoN4X6QdFdqMCbBEjdlI1c+IQGA/IuTDMJYCuQ/v+8BG5ZeWVH -icPZmXfRat9eFK1dGKAJef6+Tf9HPuDjSpDyffrifsp7Dc34lmm7GN1+ON3ZMtwEUNm6epb8 -1RKWjoI7jIKUV/M2p/0eeGSqs4b06KF/VR6dBwsJVL5DpnTsp3MV4j/CAOlRdSPZ5++tsKbM -aplk+ceqQtpEFz1MYTtVV4+rlrWaBEA1okJyNZ5/tNOwM7B+XfOZ0xw+uyVi9v4byTZM2Qds -J+d3YGYLAugTGHISLqQEerD8/gGK+/SL06b2gNedXPHtBAiBKX+Mdy3wFQQIqE9gVgvrFNUE -CKKoTFoMGqnPBAjDPgLCklNfrwQI3Ek1vSq68w8ECBodu2FOZJVkBAgzwjfSr2N9WQQQTCoQ -KkAbrS9tnjXn1I3+ZwQIrPx3eINo/YUECIeYWCFskxlYBAiDUdvZXwD3vgQIkEyZbbZWbUUE -CH4+odl1Isk3BBj68fkqJ0fKJRWVLWuW/O3VE4BOPKwFlaIECFseVTdDUho8BAj+cOKvV2WA -hgQgaXr+wwq+ItblG0Qxz8IVUXX6PV2mIdHwz4SCCvnCsaIECJhBYxdfLI/XBCDswamPn9MR -yXi2HVQBineV+GtWVkIoZ2dCLFB9mQRMoAQI0nUR5a5AOJoECA+AunKlAlx8BAi5RtFeF4g1 -FQQIz/ie+16LlQcECOmNuVg5DXjMBAjH2nkfpXZgWwQIVdLuO/+kuHAECO/5rEHmyI9vBBD4 -16BU4Rd3YerDQnHtrwOQBCCkho1XxK5Maz8KLCNi20wvcGt8wsIXlj2h5q9ITBq7IgQQvKVY -4OfJ7bKbItP2dylwQgQYPIGxwkkbRXNraONYvN19G8UdF35rFOuIBAjf0sKz/618ZQQIxObr -xJkRe0sECIC+ssnjEb2NBBBI+XM4OntVWGsRV9Td3sFgBAinGwIroo8O0gQQMGAwgc9PaLaG -gBCiwSTrYQQIVHjfCQgOtygEUIoraFoANfhZgIShpOd/RRxFU4/7xZR5tMdGoYz/g0thR0lM -+Hi88FtFD4mAh/Oat4Ri8B7bv04aokjN2UHz6nPbHHjZ8zIqpbYTCy043GNZBAhOqjyB2JbD -NwQoR23XCYD9x6E20ChHJRXmaHwyMdYXKl5CUxypl7ois+sy2D7jDukS3wQIsTyyPgJi0GsA -AAAAAAAAAAAA - diff --git a/app/openssl/crypto/pkcs7/t/msie-enc-01.pem b/app/openssl/crypto/pkcs7/t/msie-enc-01.pem deleted file mode 100644 index 9abf00b2..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-enc-01.pem +++ /dev/null @@ -1,66 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIILyAIBADGB8zCB8AIBADCBmTCBkjELMAkGA1UEBhMC -QVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYD -VQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBAgIEbjANBgkq -hkiG9w0BAQEFAARAq8xpbzGHqgX9f4ImK/MhlXvIfGWng7c0dC1YbQDww5kH4K0q -VTv/qDl79r0O79M6rFEyq1hGnrelrZD+YzghgzCCCssGCSqGSIb3DQEHATAaBggq -hkiG9w0DAjAOAgIAoAQIn8+kb8zj2JSAggqgxtGA/FLBBRs1wbBPgDCbSG0yCwjJ -NsFg89/k6xuXo8c5YTwsw8+XlIVq03navpew6XxxzY090rD2OJ0t6HA6GqrIpd8W -iSh/Atqn0yfLFmkLqgIAPRfzxUxqUocxLpQsLIFp2YNUGE+yps+UZmIjw/WHfdqr -cWTmSTSvKuy3UkIJZCkGDBpTvqk4BFaHh4oTXEpgpNY+GKxjf9TDN9GQPqQZR7sg -Qki4t2g4/SaqKl6EoJbpOrMHTQ9LYh2O7+XemEdvXjwpdv0kyffHiaVpBBAtthjT -bzsu67v0b9h3uDKim13uyT0wx33GEmmmDsJwf/IPH/8eu2Ck5xaafpXGmFqon4uX -kQtIPaNclFn7/hLxPw2VmBGaC0SYF3U1jyN96EBxdjqy8Aa6ByMXYDW5BcfqniD5 -mYXfw+b81lh1kutxaPaV4YJ9ZlRUW752N7VHo/fG0/fukoe5W9a8kIhgLpygllb/ -GP4oSF4wM6n1/OgRzZj2IWFiobKO4d/tMnh+C+PoEVAuFZcxQwi9GqvsK5OoIjVw -Nx0XcVSOl1TTYS9SwC7ugMBCab73JiruC24pL78YM+NaIpIQ3On4DokJA2ZHtjBj -ZIxF4tKA144RvFN6pBd6TVE5XM6KD/Vh9bjSmujtEAfdQ3TedvKJsbZuu0stErbv -WcRy11I328l557ECU+3eODid62PpuefHp0NTZJGqnYIShBpKRBuyhNxkyjmPfzYc -KgCQ69fRl3QOqCjobPpMHhVV3li1NrxKGedQcM8XcwpsTsPigp+51o2qgKzBNAqv -5kGumHOlMKsRfrs7jZCcSaOuEj97pYx08FLEgF23cav39MOQNUEM1dNU+EYslL4o -3RoSHRjUgPU+2t9c0prS9A/bPBDj/eD8p2kzccB4t1Uyu0s7kJoMwOJ/eNhPY6Eo -qrED5bCgG97D1Giwt0rlMUozQYH6bw9G5qwP+YflmaGF7yKIBacI5EppxZ7SWHk6 -/VpGu8LDn+PdD9b/hm03lT5p5UEky0DyfQzF3mQ/Eds1WHigamtnrAR6BXyG3e+j -JlqZnkLLFzx98xicz8kkjr+gRkMyyiS5FnYyvxKzfMtyn2lZ2st9nZGNNgMc9N62 -r5HgNbdDFHuRdKKzV+8kQfuMc3mOPpK1t9TFY+QgrxiB5p6S7VooI97YtP3Pbfkn -szCEeD3V2G22kdwGnDd0OZGGJlrKt1lusYK4NJphBqLBr8EkMQQbol2a8UnAmuIr -xKtOVGcMkoXj7ynbjr51BNswzuiFxS2cYU2QSb38Wi8uAYCInuIwaZi+whIslJzA -bif7CtJpA1BeLOz03fKTKznjAE13/4FDgXumdweENDYPK3kx6QHxjyI06hxRMUK7 -nbi9aWCXmXP3vU7D21dp0XnAMzRQJ565JV3aHRoY7XDa4LePa7PP9ywyafOE5yCW -7ndqx3J+2JhTDvSFsW8/q3H3iyeFhykuJVS6yugpim58soznxNoixiZkxWvdOVdi -q1QwppRLv8chjLPNMk8mQvskszPNxTFbyxEJks3EzVGVaQ3wNZDV215D6LgV10+o -PK/CQkZY2iigAZqUyF44lBFRRThyC+Eyt5c9rKGrkCjhUxIKQDmFhEIFzObgOL8w -yiEXRLEix1FjqBj0I+esFcCxjqHVFtHtPDSJBmZ5eLnYMKL0by+SYMAa9z0CReIz -l8JLL6EVIFz8kFxlkGWjr4dnOzhhPOq/mCpp0WxbavDfdhE87MdXJZBnLwoT62QG -955HlAoEQBOGJbcoHeV0oq2fWNwGwn7ijqqDAbxFBp/sP6TGqpxr56+RWYbgQyq4 -UV6rcULMQP/3axlMbK2Trki/9Pn276O59odWfDcvOozr1WQCPDaXVhzlENc9i3I8 -pKEOVQf/UBczJ0NR9aTEF80dRg2lpXwD0ho4N0AvSiVbgxC7cPZHQwIqvq9LHRUs -/4n+Vu3SVYU3cAxolUTiCGUSlBfkw+e0iOfkSPjDbZw/a7OBNZpedWKBxlhY91D6 -4g5mNBShMCIKrTFzGN32fSqvHfN24w88cGw1+1sEeym0niVk+NqQs+5DPuM+w6dk -e66xdPfHauuwGdi1ixu33yZIWJIrNO0WZd+Q4FsJB2K3U/vpCdgnVpcwazrM/obK -lBNp0r/Nha+WbfxCRXC55onTCqW2pqKA70h2UMDHOrpepU1lj0YMzmotDHSTU3L9 -09VvUMNg9uqfrQ6mSkb9j5Tl8oF2otOw5EzA1YdaKPmgsv62RWLYl80wXcBtHv5o -Bu+Y6fZToSXVV6nGG0KUvb4sFWlZMB/uvZrv20COII6BLFGF+ju9UXts/nGIXJvV -Kyvg17khQV0DiJQBcSjFuAdGqXen1POBbGSz6itcTk4TQDYHaOInxAjQTGTiFS9a -sw0l9RnAXJLsTTnFX05G5fXGawqqRPi1VHk2qWfi+G8BjzrRUGiWjPQIOR3yx5IE -SN4y9FvpYuflIeHg9urkwp6N+1f0DrJJhJY9ZQ0HTQhziJmIfvbEjNqCl7hEC28+ -F8I5tuViLgfSwcFFCvnS6WFoN4X6QdFdqMCb3ZSNXPiEBgPyLkwzCWArkP7/vARu -WXllR4nD2Zl30WrfXhStXRigCXn+vk3/Rz7g40qQ8n364n7Kew3N+JZpuxjdfjjd -2TLc2bp6lvzVEpaOgjuMgpRX8zan/R54ZKqzhvTooX9VHp0HCwlUvkOmdOyncxXi -P8IA6VF1I9nn762wpsxqmWT5x6pC2kQXPUxhO1VXj6uWtZo1okJyNZ5/tNOwM7B+ -XfOZ0xw+uyVi9v4byTZM2QdsJ+d3YGYLAugTGHISLqQEerD8/gGK+/SL06b2gNed -XPHtgSl/jHct8BWoT2BWC+sU1aKoTFoMGqnPwz4CwpJTX6/cSTW9KrrzDxodu2FO -ZJVkM8I30q9jfVlMKhAqQButL22eNefUjf5nrPx3eINo/YWHmFghbJMZWINR29lf -APe+kEyZbbZWbUV+PqHZdSLJN/rx+SonR8olFZUta5b87dUTgE48rAWVolseVTdD -Uho8/nDir1dlgIZpev7DCr4i1uUbRDHPwhVRdfo9XaYh0fDPhIIK+cKxophBYxdf -LI/X7MGpj5/TEcl4th1UAYp3lfhrVlZCKGdnQixQfZkETKDSdRHlrkA4mg+AunKl -Alx8uUbRXheINRXP+J77XouVB+mNuVg5DXjMx9p5H6V2YFtV0u47/6S4cO/5rEHm -yI9v+NegVOEXd2Hqw0Jx7a8DkKSGjVfErkxrPwosI2LbTC9wa3zCwheWPaHmr0hM -GrsivKVY4OfJ7bKbItP2dylwQjyBscJJG0Vza2jjWLzdfRvFHRd+axTriN/SwrP/ -rXxlxObrxJkRe0uAvrLJ4xG9jUj5czg6e1VYaxFX1N3ewWCnGwIroo8O0jBgMIHP -T2i2hoAQosEk62FUeN8JCA63KIoraFoANfhZgIShpOd/RRxFU4/7xZR5tMdGoYz/ -g0thR0lM+Hi88FtFD4mAh/Oat4Ri8B7bv04aokjN2UHz6nPbHHjZ8zIqpbYTCy04 -3GNZTqo8gdiWwzdHbdcJgP3HoTbQKEclFeZofDIx1hcqXkJTHKmXuiKz6zLYPuMO -6RLfsTyyPgJi0GsAAAAA ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/msie-enc-02 b/app/openssl/crypto/pkcs7/t/msie-enc-02 deleted file mode 100644 index 70170559..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-enc-02 +++ /dev/null @@ -1,90 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV -BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k -aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABEACr4tn -kSzvo3aIlHfJLGbfokNCV6FjdDP1vQhL+kdXONqcFCEf9ReETCvaHslIr/Wepc5j2hjZselzgqLn -rM1ZMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE -BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG -SIb3DQEBAQUABEBanBxKOvUoRn3DiFY55lly2TPu2Cv+dI/GLrzW6qvnUMZPWGPGaUlPyWLMZrXJ -xGXZUiRJKTBwDu91fnodUEK9MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQImxKZEDWP -EuOggASCBACBi1bX/qc3geqFyfRpX7JyIo/g4CDr62GlwvassAGlIO8zJ5Z/UDIIooeV6QS4D4OW -PymKd0WXhwcJI0yBcJTWEoxND27LM7CWFJpA07AoxVCRHTOPgm794NynLecNUOqVTFyS4CRuLhVG -PAk0nFZG/RE2yMtx4rAkSiVgOexES7wq/xWuoDSSmuTMNQOTbKfkEKqdFLkM/d62gD2wnaph7vKk -PPK82wdZP8rF3nUUC5c4ahbNoa8g+5B3tIF/Jz3ZZK3vGLU0IWO+i7W451dna13MglDDjXOeikNl -XLsQdAVo0nsjfGu+f66besJojPzysNA+IEZl6gNWUetl9lim4SqrxubUExdS2rmXnXXmEuEW/HC7 -dlTAeYq5Clqx5id6slhC2C2oegMww3XH9yxHw6OqzvXY6pVPEScEtBMQLgaKFQT+m2SRtbTVFG7c -QcnUODyVB1IbpQTF1DHeeOX1W/HfpWZym8dzkti6SCyeumHmqO406xDiIMVKtHOqM86nEHuAMZsr -cLy+ey6TEJvR6S4N8QRzng8JJDZDTJXQN6q84aEudsnOrw2KyOVwPpI6ey4qBsHUgQ8kAFy5lsQa -WV45h6exgUwbBcKLgPZGFj+OdD2RKJsTb83/UqbJS5Q/lGXhzBlnaYucyJxEprRxbntmcnOEPFJe -+tRDUwOTd7qlJljdhIJL+uDcooL9Ahgo6Cwep6tduekv2cSEohJeTE8Dvy34YRhMbLvnFNdmnpNy -rNZDYVVxxaKoyd2AfB8NPFZh1VdAYfI3R1QAQ2kXEef5NNIfVQfMzD9akJn4RP+Kv32Qaxm4FrnK -xmwRyGJShavIBc2ax+F1r1+NZXuSBHn5vfoRTxOk0ST4dXsw74dnlYUMRaSu4qqUdM9jsXSyeX4Z -gQgkR2bkaYO6ezFgenFIa7QWVw8rXZAEZ5aibCxbnY1VE41PYIvhlLdbFJhH9gY22s+fFAuwnzyA -SRjC40A9aAEItRlaPStWSGiqlLRgNkBBwdpv2l2YPBd2QzHx6ek6XGrvRJuAC+Nh62rtQKwpNH54 -YAOHW55maBFW2SQ3TF+cZ6NbbqhCmHTyyR7mcSYc9sXSVDWEhYKQ1iyU870zhHWVpvglZizZetJC -ZFjYex3b1ngVdcgargOvpPq9urCKKi2mbkqv/EFpzSWGXkKSpfCG/XfMnEOtkNrB8S06vnk2JcJB -OBqJot+uuSH5hOg0vTpxX2DuONJSiWSWyfRE/lTfJJFXwhod7SXclUyXPeSyibcSic2hVAzDmwjD -31js/j2k02PI/agPhr3UQ8cMgcNAiaoCKbNaWfn6BGbCAbTchxzUlo2cSJiLlrX2IDZmfXbXmZCo -m1smWIG+BIIEALiuAxDb6dWLAYyVBoN9hYI4AiPeZAY9MtvQ6AV8o2/EFm6PvYGXy3Hei5830CH0 -PBeX7Kdd6ff1y33TW/l5qSkIL1ULTGR7okFfJePHDmq1dFt6/JOMptiQ8WSu7CsJQvZ9VTFXeYFc -ZqCPPZc1NrPegNK70Zf9QxWIbDAevJ5KLBf1c6j8pU2/6LnvDY6VjaTvYSgr7vTR8eVzH4Rm77W0 -iOHxg5VcODv6cGSVyuvbX8UAGo8Cmb58ERDtBDJBQXVpWKLNAuDJ9GX8n2zNkpjZLbPSkcmuhqGa -BJBE/BaCTkUQWlY9dIbRtEnxIU1mfbPPdx1Ppa8DqGDjSOsQdKcKYNNZtayEw++EIpmpdBNsKphC -fB8UEK2Wkk4ZVW+qyGoi/r0MFsvO1NmSOOZ0o/jy/YHmoeURHhPy97AO3eVTkEAa5CfJEJybmo56 -7CDw/FwoGAUCgsoz7rlxzMudr/IhHIH+APinncxXlHO2ecvHD9i8DaHGA8tVifgsUhqQoZieULut -eF94O5UAxOkv41UZssYTwN4nYrN1QkesZl3BX4ORS4EE30/PQ23ARf3WZptZrCJevGm2ZYzGeh8x -g17mCDfiLO+bff4qP/4mC96Pu4ia6j4to5BwKIJS/+DCuoD8WeSKF4pugXQkMUiHdQnNnVP9Sp2O -/4ly5mO8JzrQC59V2bnTNBqPhpno8kfJvK5TypPSVC+bTzern3rJ6UceB3srcn9zxKx9GdNydJQj -yWjv8ec3n3d1nuQwhz5Q053NBhIjwoGg3Go7LO6i78ZOlpF7dcoAO13NfHLyNjnyHCaiWtVRTct9 -rLf5vN00urSn8YJngHk1eTKK8nHGIcOg6YdYDOD2nE5XwRijKmieG8Xa3eKRzfbL06GrBQENle6J -mC131bp3cRVxpjq+o6RAbGoMm4yICsL4eTarCQrsyHmoPHqr91UHo91avyxU7knWmEhX27ybmsrs -8aeZwPHixL14TeyhruCqRVvkf1Ks7P+z8MPUboGNqQe2WLN8ktCGEr15O8MJR/em86G03Jfo4oaw -/DVUH5RwLT6acedOGuzMh/2r8BcmemhVQ8/cWvV4YJ0tOW4hzyVHC5hQf8sZ3LzxXLH6Ohnrbprh -xvrdbaSdChWZDDP0bCCbxEhkwuBkBeKZrMbwRTP+TPTPYLVTH/CmKLzKh/114tkGkyO3hHS4qExU -V39F2Sj4mylx+hD0+20D9pntpNi7htccGlOm6yNM69at/3+kLgJJyoIlaxLcCUYHNMifDt+T3p/t -5U4XmD53uUQ6M8dvj/udqPekNSUfse15yrd9pjOt5PcJuqW28q0sFHf9pHIgz3XZFMe5PD7ppw6r -S+C6Ir4PrYIEggQA7ZDVtiCm+BbtNNB/UJm79/OQ5mp5bTI0kPmDeycaWTa0Ojpum+c/dpG/iJOB -DICj7jHOXSHT7JlGyX6aSFJUltucAnZvwzhPDmdDaIDiKSk85GqgdDWVfGosSCX9Ph/T3WpIxnwf -WSDRtIHkWTjly+pe4yy5K6/XISy/L5Zh/fhiI5fjHjgzmlibs2ru4nVw6hBhUvlSSe2BEs5d9h/y -NH8Wy3qvb2D3jh7hkepFtZJGNTHp8ZUC7Ns2JIpQYObsaxdI65i3mMOu7fRwI+0/4ejsWhP6KCEi -LgwvLg0qM82ma6YB7qHAHboaczRVEffDcJUG4a5uycB0DoZFn+uEaEFyili20hCn4hVfsqUQk2PT -8Mo1tSl5e30xI1YJZrRgiJm9nHRX6fLizngP+ILJLPHZsPvlSVIfY+/v/FR8feKOjaGhyGF51BAx -aM2NIQ4jMP5/X+U5gQybi0E6u7rroDhaHsKmCMgXqszwXWCpedA/sEbeHpiTC59YlPPSlIOMc9vP -Ko/mQCfWy/9icUaIfKQldvkllUxxNkqu6AbIpHVscbAEzSPs5xbQXU8EZNNCDisFnnpY3nQ3eLnl -m89saTJxRb7NWHRMlmPv7qgD7uMIq3vdOGA7i5wT9MeoNIgK1/DsgH30s6RWjJy4YyyLmRTXPzbj -hbQVpEmiMRbEidIvUx2OjKVxVQIcgtLsa2lvHQ4XL1cpLr5GVtOgy0fMg5OCDUUDsvjgjgLQ3P2U -p2nVY5FM6/QpPc5DTLuuR9ekI2/c9Biz09RtcYDUQK2ajdo8h1IyKqHFoB7h48OXxXKKY94DY0TG -x6PonB/epj8orAw4QKmm5M0vXYwBOqRymCTHTqOJGObdLx1euFFyqguzHJOU2gAGZI0z9Lg1yRuF -yhdPZyuniIcmtLNxRZ1duYHErcAyX56qndmLXt7UVkATai/rIMuoJLfAsUnVuTUS5p7tJM754UZT -7lTcXvDJgOUNnBRaIcxC3pxvbrYDJ2iFJ72xkxUP2p74gucqg25XnCVmQuLg6zDDxF6CLuw9isxy -Xg4pkneMN//7fpp8GYl9nyZm2yqYYM+jcw0fcVc64L+X4w/gL3H2UMGgxIHSJp7HIG7VKHtXrNyj -dPXXPVUsMsAAimqOr0Lr2sZWirfuivLaPTqhbkvG5PF7K3gT80AOIcd/6EIHBy2hZ7ukfjHmdP4L -yQOhTQklaKzGHI0mypq0uFLWJOUlZnVrMiLP1xrWkpC8Ro9eo6mfjjQ45z8adC43a47klwTEzvod -3rNEFIGJJUEjAN3mbqie7IxoSJknBBJK0D9lZEQ8lZWlq7vuN8JdqPM6xh155jMVsPwjLK6Tzkj5 -BpRD9Tgm3u6HPQSCBADgkWEN75Mu9TGosXY0xm1k6K6sPv8L949CrLWo4r1I2LA072bTGvQP28Vs -hUA76jgcT1ocC++9PoktIK10YCq5w+FfMAQ04KeCXuAdmiY2iAT4Slea61PMCMta3mVGyLUZCLEm -P+I0UKR5mlO0fGEcjU9j8TmbjZqxNFqloLsU7oSi7Os0EtYHkdAVrExUyOc/ZDie6fBjdLTmLdCm -bE9JNwjlbXypdTZupGgLNhKGDIskUAAMwZYayI6YfSIMkNCeAYTnjOuGZZ1msCXGXsfMBR1sfUIj -9UeGjwD8gq+UVVHX/oeoH/m0eJ5ppqi3+nUlgc9DvpYsC/Fg0G2KuYb9B+VJ+a4GMzQSPREoFtQp -B9dtLkBb7Ha/hpGWTIdqzW0eAo5llyN8FNvl2Fu2IcLaNmWFO69gLjRKQopp0dvFOuwAVI6fvGDj -p1WigoNbFZl8N+iiWmzKOjoG2ZLbez1clZCms/JPJrXhEMMOxWpVzkQyN336VWHmGgMcjaKCGSeA -2nnESIGuiCXMrkHlGfabYIsKcHFCo2t13uXyZPf0zSPTkuD0Eh92wqC9pvA3gvrrCUfo9Mn3bs+e -KWKmDlpcs8mDn032oIg+zrQhIduMqXVn3evzeVM3B5MBOGMvg51/SXg7R+MC/463juQQEb9IVe/I -YGnO//oWm9lw/377Af/qH+FnN02obJw1FvesQIs9e5RHNQykKbO+vmVJQl1nd9DZWrHDNO7/80Yz -2hCm7Tws5nSRN2iFlyRaYJHr7ypxkU2rCak2r6ua7XDwu1qU2RT3+qPjT1RuxQ2oTlHyGkKPMZGC -Rc+CSWz5aeeCmHZVwdb3nC8YpfsujMiYqygLeuQ82pjKuR7DIKGmnfcOLdv5F+Ek2Wyy0D98iSgk -+aoQGYLhL9llU13pn21uRsDY5uGcXiIw1IETFlTdgENEv8futZuJsegrp7fmFXyNoNyFNyypeDrM -6ZqR4vKxFjg3tKKeVpkw/W4EAklzMxmNiazGNDBHsnYV3rwPlKa+HeeE2YxnsKwGLCNgRYUXTaJk -461vS160z3dvh/mLfdZ7MYCkmO3bNE3ELUDAw7YQkSuo9ujzdFKte9LC34sjg9fOex3ThAg5Y50n -wYm4zBmGM7yEqL8O6QgnM6tIDFS9XryDaLNzcGhMWqMvhzO6sC/AA2WfLgwS517Cp03IkJQWqG9q -w52+E+GAtpioJfczEhlv9BrhjttdugRSjJrG8SYVYE4zG3Aur5eNBoGaALIOHOtPw8+JovQmIWcF -oaJ/WQuglFrWtew51IK6F8RiHAOBVavZOuZcO7tV+5enVfreOd0rX8ZOy4hYmHhmF1hOrrWOn+Ee -E0SYKonXN01BM9xMBIIBSLCvNAppnGPTUGjwbMJRg1VJ2KMiBWH5oJp8tyfIAxMuWFdtaLYbRSOD -XbOAshPVK8JAY8DQDkzqaCTAkLTfSRAt9yY6SbUpMsRv7xa8nMZNJBJzJT9b/wNjgiOJgaGuJMkV -2g/DX2jfP3PrMM/Sbnz7edORXHj1Pa5XTT8nG5MS0FuZgvevdq3o/gVVAz+ZCKOH3ShMzZvfp01l -SX5gaJTflmU6cdNwtn2yZ6IScF7OrjUeA9iEoSVR9dQcA+4lB3RAG3LMwcnxXY35D7+PMJzHIZdF -cSnq+n03ACY2/E/T31iijRH29rvYHGI+mP/ieYs45iq4fTWo6i1HofeWLdP0fX7xW3XO0/hWYFiw -BxKu66whAbRhaib3XJNvetVs25ToYXyiDpjG+cd5rCMei8sGQwTBj9Zeh0URoeMW1inTP0JvCmMU -rZgAAAAAAAAAAAAA - diff --git a/app/openssl/crypto/pkcs7/t/msie-enc-02.pem b/app/openssl/crypto/pkcs7/t/msie-enc-02.pem deleted file mode 100644 index 279c5d83..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-enc-02.pem +++ /dev/null @@ -1,106 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIITQAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ -bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT -aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ -uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQAKvi2eRLO+jdoiUd8ksZt+iQ0JXoWN0 -M/W9CEv6R1c42pwUIR/1F4RMK9oeyUiv9Z6lzmPaGNmx6XOCoueszVkwgfACAQAw -gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH -EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT -GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW -QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQFqcHEo69ShGfcOIVjnmWXLZM+7Y -K/50j8YuvNbqq+dQxk9YY8ZpSU/JYsxmtcnEZdlSJEkpMHAO73V+eh1QQr0wghFz -BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECJsSmRA1jxLjgIIRSIGLVtf+ -pzeB6oXJ9GlfsnIij+DgIOvrYaXC9qywAaUg7zMnln9QMgiih5XpBLgPg5Y/KYp3 -RZeHBwkjTIFwlNYSjE0PbsszsJYUmkDTsCjFUJEdM4+Cbv3g3Kct5w1Q6pVMXJLg -JG4uFUY8CTScVkb9ETbIy3HisCRKJWA57ERLvCr/Fa6gNJKa5Mw1A5Nsp+QQqp0U -uQz93raAPbCdqmHu8qQ88rzbB1k/ysXedRQLlzhqFs2hryD7kHe0gX8nPdlkre8Y -tTQhY76LtbjnV2drXcyCUMONc56KQ2VcuxB0BWjSeyN8a75/rpt6wmiM/PKw0D4g -RmXqA1ZR62X2WKbhKqvG5tQTF1LauZeddeYS4Rb8cLt2VMB5irkKWrHmJ3qyWELY -Lah6AzDDdcf3LEfDo6rO9djqlU8RJwS0ExAuBooVBP6bZJG1tNUUbtxBydQ4PJUH -UhulBMXUMd545fVb8d+lZnKbx3OS2LpILJ66Yeao7jTrEOIgxUq0c6ozzqcQe4Ax -mytwvL57LpMQm9HpLg3xBHOeDwkkNkNMldA3qrzhoS52yc6vDYrI5XA+kjp7LioG -wdSBDyQAXLmWxBpZXjmHp7GBTBsFwouA9kYWP450PZEomxNvzf9SpslLlD+UZeHM -GWdpi5zInESmtHFue2Zyc4Q8Ul761ENTA5N3uqUmWN2Egkv64Nyigv0CGCjoLB6n -q1256S/ZxISiEl5MTwO/LfhhGExsu+cU12aek3Ks1kNhVXHFoqjJ3YB8Hw08VmHV -V0Bh8jdHVABDaRcR5/k00h9VB8zMP1qQmfhE/4q/fZBrGbgWucrGbBHIYlKFq8gF -zZrH4XWvX41le5IEefm9+hFPE6TRJPh1ezDvh2eVhQxFpK7iqpR0z2OxdLJ5fhmB -CCRHZuRpg7p7MWB6cUhrtBZXDytdkARnlqJsLFudjVUTjU9gi+GUt1sUmEf2Bjba -z58UC7CfPIBJGMLjQD1oAQi1GVo9K1ZIaKqUtGA2QEHB2m/aXZg8F3ZDMfHp6Tpc -au9Em4AL42Hrau1ArCk0fnhgA4dbnmZoEVbZJDdMX5xno1tuqEKYdPLJHuZxJhz2 -xdJUNYSFgpDWLJTzvTOEdZWm+CVmLNl60kJkWNh7HdvWeBV1yBquA6+k+r26sIoq -LaZuSq/8QWnNJYZeQpKl8Ib9d8ycQ62Q2sHxLTq+eTYlwkE4Gomi3665IfmE6DS9 -OnFfYO440lKJZJbJ9ET+VN8kkVfCGh3tJdyVTJc95LKJtxKJzaFUDMObCMPfWOz+ -PaTTY8j9qA+GvdRDxwyBw0CJqgIps1pZ+foEZsIBtNyHHNSWjZxImIuWtfYgNmZ9 -dteZkKibWyZYgb64rgMQ2+nViwGMlQaDfYWCOAIj3mQGPTLb0OgFfKNvxBZuj72B -l8tx3oufN9Ah9DwXl+ynXen39ct901v5eakpCC9VC0xke6JBXyXjxw5qtXRbevyT -jKbYkPFkruwrCUL2fVUxV3mBXGagjz2XNTaz3oDSu9GX/UMViGwwHryeSiwX9XOo -/KVNv+i57w2OlY2k72EoK+700fHlcx+EZu+1tIjh8YOVXDg7+nBklcrr21/FABqP -Apm+fBEQ7QQyQUF1aViizQLgyfRl/J9szZKY2S2z0pHJroahmgSQRPwWgk5FEFpW -PXSG0bRJ8SFNZn2zz3cdT6WvA6hg40jrEHSnCmDTWbWshMPvhCKZqXQTbCqYQnwf -FBCtlpJOGVVvqshqIv69DBbLztTZkjjmdKP48v2B5qHlER4T8vewDt3lU5BAGuQn -yRCcm5qOeuwg8PxcKBgFAoLKM+65cczLna/yIRyB/gD4p53MV5RztnnLxw/YvA2h -xgPLVYn4LFIakKGYnlC7rXhfeDuVAMTpL+NVGbLGE8DeJ2KzdUJHrGZdwV+DkUuB -BN9Pz0NtwEX91mabWawiXrxptmWMxnofMYNe5gg34izvm33+Kj/+Jgvej7uImuo+ -LaOQcCiCUv/gwrqA/FnkiheKboF0JDFIh3UJzZ1T/Uqdjv+JcuZjvCc60AufVdm5 -0zQaj4aZ6PJHybyuU8qT0lQvm083q596yelHHgd7K3J/c8SsfRnTcnSUI8lo7/Hn -N593dZ7kMIc+UNOdzQYSI8KBoNxqOyzuou/GTpaRe3XKADtdzXxy8jY58hwmolrV -UU3Lfay3+bzdNLq0p/GCZ4B5NXkyivJxxiHDoOmHWAzg9pxOV8EYoyponhvF2t3i -kc32y9OhqwUBDZXuiZgtd9W6d3EVcaY6vqOkQGxqDJuMiArC+Hk2qwkK7Mh5qDx6 -q/dVB6PdWr8sVO5J1phIV9u8m5rK7PGnmcDx4sS9eE3soa7gqkVb5H9SrOz/s/DD -1G6BjakHtlizfJLQhhK9eTvDCUf3pvOhtNyX6OKGsPw1VB+UcC0+mnHnThrszIf9 -q/AXJnpoVUPP3Fr1eGCdLTluIc8lRwuYUH/LGdy88Vyx+joZ626a4cb63W2knQoV -mQwz9Gwgm8RIZMLgZAXimazG8EUz/kz0z2C1Ux/wpii8yof9deLZBpMjt4R0uKhM -VFd/Rdko+JspcfoQ9PttA/aZ7aTYu4bXHBpTpusjTOvWrf9/pC4CScqCJWsS3AlG -BzTInw7fk96f7eVOF5g+d7lEOjPHb4/7naj3pDUlH7Htecq3faYzreT3CbqltvKt -LBR3/aRyIM912RTHuTw+6acOq0vguiK+D62C7ZDVtiCm+BbtNNB/UJm79/OQ5mp5 -bTI0kPmDeycaWTa0Ojpum+c/dpG/iJOBDICj7jHOXSHT7JlGyX6aSFJUltucAnZv -wzhPDmdDaIDiKSk85GqgdDWVfGosSCX9Ph/T3WpIxnwfWSDRtIHkWTjly+pe4yy5 -K6/XISy/L5Zh/fhiI5fjHjgzmlibs2ru4nVw6hBhUvlSSe2BEs5d9h/yNH8Wy3qv -b2D3jh7hkepFtZJGNTHp8ZUC7Ns2JIpQYObsaxdI65i3mMOu7fRwI+0/4ejsWhP6 -KCEiLgwvLg0qM82ma6YB7qHAHboaczRVEffDcJUG4a5uycB0DoZFn+uEaEFyili2 -0hCn4hVfsqUQk2PT8Mo1tSl5e30xI1YJZrRgiJm9nHRX6fLizngP+ILJLPHZsPvl -SVIfY+/v/FR8feKOjaGhyGF51BAxaM2NIQ4jMP5/X+U5gQybi0E6u7rroDhaHsKm -CMgXqszwXWCpedA/sEbeHpiTC59YlPPSlIOMc9vPKo/mQCfWy/9icUaIfKQldvkl -lUxxNkqu6AbIpHVscbAEzSPs5xbQXU8EZNNCDisFnnpY3nQ3eLnlm89saTJxRb7N -WHRMlmPv7qgD7uMIq3vdOGA7i5wT9MeoNIgK1/DsgH30s6RWjJy4YyyLmRTXPzbj -hbQVpEmiMRbEidIvUx2OjKVxVQIcgtLsa2lvHQ4XL1cpLr5GVtOgy0fMg5OCDUUD -svjgjgLQ3P2Up2nVY5FM6/QpPc5DTLuuR9ekI2/c9Biz09RtcYDUQK2ajdo8h1Iy -KqHFoB7h48OXxXKKY94DY0TGx6PonB/epj8orAw4QKmm5M0vXYwBOqRymCTHTqOJ -GObdLx1euFFyqguzHJOU2gAGZI0z9Lg1yRuFyhdPZyuniIcmtLNxRZ1duYHErcAy -X56qndmLXt7UVkATai/rIMuoJLfAsUnVuTUS5p7tJM754UZT7lTcXvDJgOUNnBRa -IcxC3pxvbrYDJ2iFJ72xkxUP2p74gucqg25XnCVmQuLg6zDDxF6CLuw9isxyXg4p -kneMN//7fpp8GYl9nyZm2yqYYM+jcw0fcVc64L+X4w/gL3H2UMGgxIHSJp7HIG7V -KHtXrNyjdPXXPVUsMsAAimqOr0Lr2sZWirfuivLaPTqhbkvG5PF7K3gT80AOIcd/ -6EIHBy2hZ7ukfjHmdP4LyQOhTQklaKzGHI0mypq0uFLWJOUlZnVrMiLP1xrWkpC8 -Ro9eo6mfjjQ45z8adC43a47klwTEzvod3rNEFIGJJUEjAN3mbqie7IxoSJknBBJK -0D9lZEQ8lZWlq7vuN8JdqPM6xh155jMVsPwjLK6Tzkj5BpRD9Tgm3u6HPeCRYQ3v -ky71MaixdjTGbWTorqw+/wv3j0KstajivUjYsDTvZtMa9A/bxWyFQDvqOBxPWhwL -770+iS0grXRgKrnD4V8wBDTgp4Je4B2aJjaIBPhKV5rrU8wIy1reZUbItRkIsSY/ -4jRQpHmaU7R8YRyNT2PxOZuNmrE0WqWguxTuhKLs6zQS1geR0BWsTFTI5z9kOJ7p -8GN0tOYt0KZsT0k3COVtfKl1Nm6kaAs2EoYMiyRQAAzBlhrIjph9IgyQ0J4BhOeM -64ZlnWawJcZex8wFHWx9QiP1R4aPAPyCr5RVUdf+h6gf+bR4nmmmqLf6dSWBz0O+ -liwL8WDQbYq5hv0H5Un5rgYzNBI9ESgW1CkH120uQFvsdr+GkZZMh2rNbR4CjmWX -I3wU2+XYW7Yhwto2ZYU7r2AuNEpCimnR28U67ABUjp+8YOOnVaKCg1sVmXw36KJa -bMo6OgbZktt7PVyVkKaz8k8mteEQww7FalXORDI3ffpVYeYaAxyNooIZJ4DaecRI -ga6IJcyuQeUZ9ptgiwpwcUKja3Xe5fJk9/TNI9OS4PQSH3bCoL2m8DeC+usJR+j0 -yfduz54pYqYOWlyzyYOfTfagiD7OtCEh24ypdWfd6/N5UzcHkwE4Yy+DnX9JeDtH -4wL/jreO5BARv0hV78hgac7/+hab2XD/fvsB/+of4Wc3TahsnDUW96xAiz17lEc1 -DKQps76+ZUlCXWd30NlascM07v/zRjPaEKbtPCzmdJE3aIWXJFpgkevvKnGRTasJ -qTavq5rtcPC7WpTZFPf6o+NPVG7FDahOUfIaQo8xkYJFz4JJbPlp54KYdlXB1vec -Lxil+y6MyJirKAt65DzamMq5HsMgoaad9w4t2/kX4STZbLLQP3yJKCT5qhAZguEv -2WVTXemfbW5GwNjm4ZxeIjDUgRMWVN2AQ0S/x+61m4mx6Cunt+YVfI2g3IU3LKl4 -OszpmpHi8rEWODe0op5WmTD9bgQCSXMzGY2JrMY0MEeydhXevA+Upr4d54TZjGew -rAYsI2BFhRdNomTjrW9LXrTPd2+H+Yt91nsxgKSY7ds0TcQtQMDDthCRK6j26PN0 -Uq170sLfiyOD1857HdOECDljnSfBibjMGYYzvISovw7pCCczq0gMVL1evINos3Nw -aExaoy+HM7qwL8ADZZ8uDBLnXsKnTciQlBaob2rDnb4T4YC2mKgl9zMSGW/0GuGO -2126BFKMmsbxJhVgTjMbcC6vl40GgZoAsg4c60/Dz4mi9CYhZwWhon9ZC6CUWta1 -7DnUgroXxGIcA4FVq9k65lw7u1X7l6dV+t453Stfxk7LiFiYeGYXWE6utY6f4R4T -RJgqidc3TUEz3EywrzQKaZxj01Bo8GzCUYNVSdijIgVh+aCafLcnyAMTLlhXbWi2 -G0Ujg12zgLIT1SvCQGPA0A5M6mgkwJC030kQLfcmOkm1KTLEb+8WvJzGTSQScyU/ -W/8DY4IjiYGhriTJFdoPw19o3z9z6zDP0m58+3nTkVx49T2uV00/JxuTEtBbmYL3 -r3at6P4FVQM/mQijh90oTM2b36dNZUl+YGiU35ZlOnHTcLZ9smeiEnBezq41HgPY -hKElUfXUHAPuJQd0QBtyzMHJ8V2N+Q+/jzCcxyGXRXEp6vp9NwAmNvxP099Yoo0R -9va72BxiPpj/4nmLOOYquH01qOotR6H3li3T9H1+8Vt1ztP4VmBYsAcSruusIQG0 -YWom91yTb3rVbNuU6GF8og6YxvnHeawjHovLBkMEwY/WXodFEaHjFtYp0z9Cbwpj -FK2YAAAAAA== ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/msie-s-a-e b/app/openssl/crypto/pkcs7/t/msie-s-a-e deleted file mode 100644 index 0067794d..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-s-a-e +++ /dev/null @@ -1,91 +0,0 @@ - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV -BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k -aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABECjscaS -G0U299fqiEAgTqTFQBp8Ai6zzjl557cVb3k6z4QZ7CbqBjSXAjLbh5e7S5Hd/FrFcDnxl1Ka06ha -VHGPMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE -BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG -SIb3DQEBAQUABECsyHXZ1xaiv0UQRvOmVYsaF38AL2XX75wxbCsz5/wOg7g3RP4aicZxaR4sBog0 -f2G1o9om/hu+A0rIYF/L4/GUMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQIsozQrnwj -cc2ggASCBAAQz/LPoJe/+iYWeTwSebz6Q9UeKZzQ2UWm7GLtEM3s3c9SCvpmkwIRdEhLjWaBJMyI -DiL7t1I1vMf9inB8LXgAcIEYkpNScjS8ERA9Ebb7ieNKSBg7w7B8ATHFxLSlDADqRgoZrB1Ctfgf -ximp3EgxTgnhtyQhZxXW7kBQyFRwumplrJXOp7albP7IothrOKncw30IJT1fwPxWNMItI9juXF0U -CbWVSjPzGBo4+XNXMvUO6MplOQEz/ywEQ9E8OZAQex1Zw9qq5ppsXB2pMsYV5sLJGikukMYKquiz -3YK+tN6J8ahLcDUs+VGwqvZi17gpBTlbEP+ZmXJpnO63t1yTEB0V5AZcRKWUOhzlCBM5YUagqNoY -cpsmSvOK6bYzkUKOrzWpDCAtGZ/Dvul5dTZZmxs2WpM+iyeHXMxO3huy8K1brPTqt1f1sHhuq1jD -1eXedaCjIgUW9qV18vNAQCof/Yb6T/1fxztf/jD7pPLQJ+7LJkKCAEHGcaizpoKqhYcttaEhLq1G -O+Ohqf7yFegMdTJ3wwP324w5ZYSU5fLo2Z34/Edf6EGvXyTIqVfAmEBALd6JGVdN5GlYYTxrL+eO -P80Z4ao4YKoxwEmRp5bmQsQ8B29QhOFKmC6eiG5B96qLMtp7Zmu1grDNxTd6OXShWVwYARD0/B1P -Sy0PAfk9Gb4fAkO9fZJDQYZ7s0mM5iOPEeSR7820TolOb+KfRabLA9d714jsc2jEykKlpP66Bh4j -aCsyqJ0uUQcE8SnzrKAqGwgWiCGQpiTa+HBiP6eRlRGOKQj5Y06vcNx6Ija4cGe6+yCN8HV8tCY0 -okZK98NQCl5t79R/ZB2c3NvBJH+/g3ulU48ikT3tVmDxE3mOZofZyGFEM99P+YCMScLDxTl3hzGy -0YkI8U855P7qOAbcFfh2T5n+LSELwLhbkymEfZT917GWTfmypBWMvJx0WHeDhKwQYPdzbKgWETnc -yeKasaCW+oLdhBwrd6Ws2r4MA8cwiYXDLbwYmCxJA8VF++8kubF2HJOjSyMBS+QT2PSV/0D9UWoi -Vfk7R4OvWBJVvq7nV+lXS0O5igjExxlmx1OaBfg7+Cr/MbK4zVNrKSJn82NnKKt6LC6RaTmvFYay -0sDFxQ7Xo+Th6tDNKmKWJt6Kegfjc+qTWJTKb3kL+UI8vS0zTLy1+M/rZ4ekos/JiS5rYIcAswvg -58kBgp/0rc6upBeWjBaK5O0aLAeBQfLulo1axWX04OSVKmYeoAltyR6UO9ME3acurQyg7Ta24yqO -whi/PrIaEiO7dsWvFtzsshVzBLic02NlAkPkMUzliPYnZHWQglDAVxL5K2qhvK1OFCkQpIgBsBDM -6KYRL/mkBIIEALIl927rIkaN37/BQIcxLcSa05YfC0Hl3mxWESt1A0D4lA37A9S8EbYmDfAYlMc0 -3HhZGdZEtawfpJFyDHzNZceNWBch6nxeNZCY4YFdsbzuGS0RKpwNA9S/czOJ4p9ymBCxuhGepI3U -PKbC8C749Www1/wMdAot1n+K7M/PBGR8hWmaH5SS7U3yMwAB1fq2NDjx4ur+Um+MclSdN01MDXzG -EO+eAo1pdAY8479234l8dB2YVAhZ1ZlJ4KmbqMKJrGJXnQUEYS6/cTDRjsUocsoW7uGg1ci2GiHa -qjlkfpBfie3SdhFW/K8hwAH0HALs56oFN66wUkP/AaJAPfIUNhR6RpHKzZ9zCC42oB2mNawQRMnF -ETBl1s/SwMxLKRp7jAfKs4NZxSY6I9z/2dTpzS3tsHMjxVDuxkolvRNWBILEMeL1CBvip2HhmoUw -/Sz5NDgyzk1aQLV6DQNJ2RZLMZDRCtSwZSBu6lhhSgTJGazP0+NbqXXC5aQTrqrFIcWyDXz+ADle -kszzYM/gSaQTCALTwfDDaU9Ek3xVgW+XBtExtJ3U+0AN3l0j86rUIdIvp6eWdxWQqv9LtpoorKMD -KfUc5PYV09Z1JgsT4X51Zzq+74l5dz7udIM7UNbdTpmRm9PDj3TUbGCvNR9hqOEGTLbkvb1ZR24a -h6uGRl2znB25IpDAGRhNRb9is/pO2tvHwHTDMOjrgvZG/pNvXgSUxz0pRjUjXIcqBe2X2gcQfeal -r8gY76o83WEGL6ODryV9vTQVHt52+izgpYoBZaVlpgqbZl54c+OE0Zxf9RwXwDbcYu5Ku5E0MPL0 -qUjc0y2+Y6E4P5bAWaZGMGT+ORkyVUzcaWmM/+XlO7PER5wrWlCIMZCX1L/nvioY0q0CKqALn7DJ -QU+qenbwrb6uwS7uNZY6V86s0aDYpU7yRyqxC5SbuyNJb02gdxUCgpIscFaMUjMVRml4M4BIjX/b -U+HgHoVMUm8SnN9gRcT2izPrgOGVcMTJjfenzoCKoCPo9RjgGMctgB4DvKamErNU7OrilIfuoqzE -PNSeP9SPw/zkDmNvMebM499We9CVnsHUWqF00/ZJWoua77+0f1bLS/tmci1JBvIcMo/4SJvgH+KF -o0gijP9gqAPd5iCOnpnJlHUqRIym42SmyKEDuzdSwXKjAR6j7uXda39JyMJr8gGzEsu0jYRkAmj1 -YdiqwKXUcLMkcj1AKeU/PxTUVw0YKsv/rowrPYww3xQUWqNivrXB7GCHE3BzsYNdHsmziaGIXQbA -+EBHdkuKrM8BcC+fxhF/l/KUxngsD1E75IcUv8zFDF+sk4CBYHqks9S4JYlcubuizqsILbdGzIMN -Z7w34k0XT+sEggQAyzr8MHeIJGsT+AYnZr08PeTbyr01JEoT7lPYT6PzX4F63QKKDl+mB+PwLMzY -CXrxZcUmuay6/MV8w/f5T6vQXdoSw5puWodBYwVReYh1IaEN+jiTapm9YBVmcIsJPO6abHowknSV -OWSvST0AtAX57fFOTckm+facfBK9s9T1lUUgF44Bh5e8f9qKqfOV44nqdCOEyUm0Dao497ieN4Eg -XBLNvOZY9+irMiXjp0lcyFvhrJOczfyCr9EiiaiH1TfSzKGKsf2W84iKn/JH6x2eOo7xjwJ40BQD -c6S1cUNEuqBhP6by0FioOXYOKVyifpxk84Eb+F/4CNdTJTvCPwsiegdfsX/Q53DvKVtXp9Ycam5J -TmKRHXK/bMHF4ONv3p/O/kn/BqRx+fbbP2eMX8Z1F/ltHKfp6B+06HljUwQLBJs9XtCfqH5Zgdz9 -gad5WZF5ykFArmHDgeFlgggvbZ7z9vqnjN/TH68TxJzauYQ5vLHQ6wGXik4/4uq7/TqNmhxlQEM4 -zVkwsn203bUmKLyz+yl1zItDpn5zy1uXfGo99rBdUzdbdE9LmEFPMaFsaHd4a8oDaUroD7FgCbeD -JJVld3ac6F8+3QbExPs48OrgA1kI3/UwXr52ldjiYzTLfAGR9BjqNFTw45FUHuMf8TEM5hcHx56w -95eKAqraDk28o9k+M2UKpcmrdlWoWzdqVVFeWGpM8x9Y9Nt0lf/4VUQgrXjqTkUCQkJyqTeTeGgH -rn3QBk2XAgpxZhaJs3InW0BkAlBmK99cMinUiJeFt5a4p5wPeXrVuh6V9m7Mpl9hzpogg++EZqah -fzzNnDgxOZfW342DX052PdgXo0NnkhCk005LvFt6M2mRn0fLgNVfyUZZoOp8cO5ZWbhXXlrhrgUt -j2zKPK6Q94Zj4kdXHBGpAkrB8ZQ4EGGODE0Dqusm8WPXzB+9236IMHPU7lFbyjBrFNI7O4jg+qRI -Ipi+7tX0FsilqEbmjG+OPwhZXrdqUqyF+rjKQuSRq7lOeDB4c6S2dq4OOny01i5HCbbyc9UvSHRm -hOhGqUlzHyHLo3W7j+26V/MhkDXJ+Tx+qfylv4pbliwTteJJj+CZwzjv29qb6lxYi+38Bw10ERap -m8UCRFBecVN7xXlcIfyeAl666Vi7EBJZv3EdFNrx1nlLwM65nYya7uj6L7IwJWotIUx8E0XH0/cU -xS/dG8bxf9L/8652h5gq3LI+wTNGuEX0DMuz7BGQG+NtgabrZ6SsKGthGa7eULTpz0McWTLRU0y/ -/tkckpm5pDnXSFbIMskwwjECz82UZBSPpigdN/Pjg5d+0yWu7s3VJxw4ENWPPpzZ+j7sOXmdvn9P -O1tQd60EO+3awASCBAAZQvWV3/yJ6FxPttbP+qeURpJoPEZfpN2UYZmd8HqtR0YbaOZ6Rln9nvpd -K9fylXdw9z2xeCbjDWUttJB4VqZxGJM8eCTC1VDVyAOsQ5n7SY55dMkQbU+o4Z/4J5m8+wz50BBI -LfruL1eZ6/CF6CdvxVRiJ10sXc0Tn2sVMXqkw7Adp1GYoCI9c6VFSFK74+n+y7LVFQ5HBnbQyKJc -dvdLOXwZOPaFHC5UNXRmOpcwdPqyXUe+xIsOMYbzdlAnI9eGDNeRDktUa/Rh0CbZCxjmJzoZEYOE -ZjsYZlEfp1Kb61t8z4m28hGLEg88T1Ihmxa2HeUWes1RpmgIOP+/2Lb3smj/l/fpSu4gabFgyCAV -H5HdCYMScUv8SVu55+tpeO8ELoHHQUXV4rr084O4budzhgNSOPyLGDl5sfDUXiyusPCxS4JVO/KY -6V2Qrtg/q2wtmXpEkZnGT+Qi3WDzwt4W81alztnYMP17oGLmxX71KV9OEiMZjI4WaaGt+OOINLtR -qefioZ1NI2L1s5M0tybwTsyU9WERM+3pUwXIfJVsbMZRlNaO2OogcHbaR4UWvhOj+3CTG1sThiYQ -MxMnp1Rpqx3nhyzqLO3TRrkYvxnA3cdPBn9EeqpgBMg7X3hCiMV3Fl5cj/WOMhtHYgY7BgeCXo46 -EFVZ4+WroGZ46xGiRDiIblo8bzLd7QCxvukzxy3mUDgsZQ8pds4N28weSUhBk5MAPbfBpRvXUVJx -MhKqXucQU1Md1qSGLbuuIQuz9pAGp1JFUx/vEkCgm74daSoVWCZuB+1ZE4f48clvrBj51xMNf8CP -EFE7vySzVb6X2H1i5X3Z+Y3DdIcWw4Y2FClfcJk4Mwq8Cq2GALGFEge9YSEE9YmyuU6OFeU0ICon -iXAgZ72SM8fBwJPruLFbdsNYKW+oAfmPisXSWMcZmdSbfk0GYv+vKtu3eegSbWw1UsCVtZOh9E5Z -uQ83l59CBqO9sV/SFU3WrrJ0qNWxrmXu9nJn5Qf5iCRoFGYNHYHkIG5FS6N00GEDZxGkxmro2d++ -Adj5LVHc/b1cYWmrux+jEqI8ZK8cyTB0XMbBA/HYbx9NXazr7znP4/Mlv3pZToEcYt+lgLHAArtU -AdhybhbLIwNMq0gr6EwtDklBa3ns4Wx/rJU8H7LGs6gV8uqeaSketv+nz+sQhfctxZ1rx+5qzXfy -FOQVpO23KDQunBi1Bl9k61Di4q9JWcyADBXPHXJzp7mL8Fk7zdvMAEfuED1phdRm6GgDYoYUs4yQ -IrhSjFlWyk7hT8475xk3BIv++obvWSAv/3+pF6A6U2RXDChVmnG0JnPa9wYYtdzBmLfZKBjX+DjD -yEMsuhPsCzuN4R6tBIIBWCVRKmKwdkatmpsQBgDw48u0/Arffl5/DRlS9ee+QffFecUitDdCK+kt -X5L2fGYrL5g6SltncMIeV1ptx4nuSjC/O944q1KYtqvQiPFWJqEXIRMNbbYOC47sjLza0tEFrimN -wxcrWGSzsy5R9beFQ1aHPcMrDWfCoviNRk2qPtxuKIC5Qk2ZuOmJLjCiLwUGEb0/1Mpzv3MqQa7d -mRayXg3DZWJPajxNZv6eS357ElMvwGQmqafb2mlQJwWLsg9m9PG7uqEoyrqSc6MiuY+icLEFib9j -OfRQrx70rTSKUfTr4MtP0aZZAefjCrpVIyTekhFDOk0Nmx057eonlyGgmGpl5/Uo+t1J1Z11Ya/l -bNbfmebRISJeTVW0I8FhseAZMI1GSwp/ludJxSLYOgyRkh+GX134MexNo7O9F1SxLCfWaSG9Fc3s -5ify04ua9/t8SGrYZPm/l3MkAAAAAAAAAAAAAA== - - diff --git a/app/openssl/crypto/pkcs7/t/msie-s-a-e.pem b/app/openssl/crypto/pkcs7/t/msie-s-a-e.pem deleted file mode 100644 index 55dbd8f8..00000000 --- a/app/openssl/crypto/pkcs7/t/msie-s-a-e.pem +++ /dev/null @@ -1,106 +0,0 @@ ------BEGIN PKCS7----- -MIAGCSqGSIb3DQEHA6CAMIITUAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ -bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT -aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ -uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQKOxxpIbRTb31+qIQCBOpMVAGnwCLrPO -OXnntxVveTrPhBnsJuoGNJcCMtuHl7tLkd38WsVwOfGXUprTqFpUcY8wgfACAQAw -gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH -EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT -GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW -QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQKzIddnXFqK/RRBG86ZVixoXfwAv -ZdfvnDFsKzPn/A6DuDdE/hqJxnFpHiwGiDR/YbWj2ib+G74DSshgX8vj8ZQwghGD -BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECLKM0K58I3HNgIIRWBDP8s+g -l7/6JhZ5PBJ5vPpD1R4pnNDZRabsYu0Qzezdz1IK+maTAhF0SEuNZoEkzIgOIvu3 -UjW8x/2KcHwteABwgRiSk1JyNLwRED0RtvuJ40pIGDvDsHwBMcXEtKUMAOpGChms -HUK1+B/GKancSDFOCeG3JCFnFdbuQFDIVHC6amWslc6ntqVs/sii2Gs4qdzDfQgl -PV/A/FY0wi0j2O5cXRQJtZVKM/MYGjj5c1cy9Q7oymU5ATP/LARD0Tw5kBB7HVnD -2qrmmmxcHakyxhXmwskaKS6Qxgqq6LPdgr603onxqEtwNSz5UbCq9mLXuCkFOVsQ -/5mZcmmc7re3XJMQHRXkBlxEpZQ6HOUIEzlhRqCo2hhymyZK84rptjORQo6vNakM -IC0Zn8O+6Xl1NlmbGzZakz6LJ4dczE7eG7LwrVus9Oq3V/WweG6rWMPV5d51oKMi -BRb2pXXy80BAKh/9hvpP/V/HO1/+MPuk8tAn7ssmQoIAQcZxqLOmgqqFhy21oSEu -rUY746Gp/vIV6Ax1MnfDA/fbjDllhJTl8ujZnfj8R1/oQa9fJMipV8CYQEAt3okZ -V03kaVhhPGsv544/zRnhqjhgqjHASZGnluZCxDwHb1CE4UqYLp6IbkH3qosy2ntm -a7WCsM3FN3o5dKFZXBgBEPT8HU9LLQ8B+T0Zvh8CQ719kkNBhnuzSYzmI48R5JHv -zbROiU5v4p9FpssD13vXiOxzaMTKQqWk/roGHiNoKzKonS5RBwTxKfOsoCobCBaI -IZCmJNr4cGI/p5GVEY4pCPljTq9w3HoiNrhwZ7r7II3wdXy0JjSiRkr3w1AKXm3v -1H9kHZzc28Ekf7+De6VTjyKRPe1WYPETeY5mh9nIYUQz30/5gIxJwsPFOXeHMbLR -iQjxTznk/uo4BtwV+HZPmf4tIQvAuFuTKYR9lP3XsZZN+bKkFYy8nHRYd4OErBBg -93NsqBYROdzJ4pqxoJb6gt2EHCt3pazavgwDxzCJhcMtvBiYLEkDxUX77yS5sXYc -k6NLIwFL5BPY9JX/QP1RaiJV+TtHg69YElW+rudX6VdLQ7mKCMTHGWbHU5oF+Dv4 -Kv8xsrjNU2spImfzY2coq3osLpFpOa8VhrLSwMXFDtej5OHq0M0qYpYm3op6B+Nz -6pNYlMpveQv5Qjy9LTNMvLX4z+tnh6Siz8mJLmtghwCzC+DnyQGCn/Stzq6kF5aM -Fork7RosB4FB8u6WjVrFZfTg5JUqZh6gCW3JHpQ70wTdpy6tDKDtNrbjKo7CGL8+ -shoSI7t2xa8W3OyyFXMEuJzTY2UCQ+QxTOWI9idkdZCCUMBXEvkraqG8rU4UKRCk -iAGwEMzophEv+aSyJfdu6yJGjd+/wUCHMS3EmtOWHwtB5d5sVhErdQNA+JQN+wPU -vBG2Jg3wGJTHNNx4WRnWRLWsH6SRcgx8zWXHjVgXIep8XjWQmOGBXbG87hktESqc -DQPUv3MzieKfcpgQsboRnqSN1DymwvAu+PVsMNf8DHQKLdZ/iuzPzwRkfIVpmh+U -ku1N8jMAAdX6tjQ48eLq/lJvjHJUnTdNTA18xhDvngKNaXQGPOO/dt+JfHQdmFQI -WdWZSeCpm6jCiaxiV50FBGEuv3Ew0Y7FKHLKFu7hoNXIthoh2qo5ZH6QX4nt0nYR -VvyvIcAB9BwC7OeqBTeusFJD/wGiQD3yFDYUekaRys2fcwguNqAdpjWsEETJxREw -ZdbP0sDMSykae4wHyrODWcUmOiPc/9nU6c0t7bBzI8VQ7sZKJb0TVgSCxDHi9Qgb -4qdh4ZqFMP0s+TQ4Ms5NWkC1eg0DSdkWSzGQ0QrUsGUgbupYYUoEyRmsz9PjW6l1 -wuWkE66qxSHFsg18/gA5XpLM82DP4EmkEwgC08Hww2lPRJN8VYFvlwbRMbSd1PtA -Dd5dI/Oq1CHSL6enlncVkKr/S7aaKKyjAyn1HOT2FdPWdSYLE+F+dWc6vu+JeXc+ -7nSDO1DW3U6ZkZvTw4901GxgrzUfYajhBky25L29WUduGoerhkZds5wduSKQwBkY -TUW/YrP6Ttrbx8B0wzDo64L2Rv6Tb14ElMc9KUY1I1yHKgXtl9oHEH3mpa/IGO+q -PN1hBi+jg68lfb00FR7edvos4KWKAWWlZaYKm2ZeeHPjhNGcX/UcF8A23GLuSruR -NDDy9KlI3NMtvmOhOD+WwFmmRjBk/jkZMlVM3GlpjP/l5TuzxEecK1pQiDGQl9S/ -574qGNKtAiqgC5+wyUFPqnp28K2+rsEu7jWWOlfOrNGg2KVO8kcqsQuUm7sjSW9N -oHcVAoKSLHBWjFIzFUZpeDOASI1/21Ph4B6FTFJvEpzfYEXE9osz64DhlXDEyY33 -p86AiqAj6PUY4BjHLYAeA7ymphKzVOzq4pSH7qKsxDzUnj/Uj8P85A5jbzHmzOPf -VnvQlZ7B1FqhdNP2SVqLmu+/tH9Wy0v7ZnItSQbyHDKP+Eib4B/ihaNIIoz/YKgD -3eYgjp6ZyZR1KkSMpuNkpsihA7s3UsFyowEeo+7l3Wt/ScjCa/IBsxLLtI2EZAJo -9WHYqsCl1HCzJHI9QCnlPz8U1FcNGCrL/66MKz2MMN8UFFqjYr61wexghxNwc7GD -XR7Js4mhiF0GwPhAR3ZLiqzPAXAvn8YRf5fylMZ4LA9RO+SHFL/MxQxfrJOAgWB6 -pLPUuCWJXLm7os6rCC23RsyDDWe8N+JNF0/ryzr8MHeIJGsT+AYnZr08PeTbyr01 -JEoT7lPYT6PzX4F63QKKDl+mB+PwLMzYCXrxZcUmuay6/MV8w/f5T6vQXdoSw5pu -WodBYwVReYh1IaEN+jiTapm9YBVmcIsJPO6abHowknSVOWSvST0AtAX57fFOTckm -+facfBK9s9T1lUUgF44Bh5e8f9qKqfOV44nqdCOEyUm0Dao497ieN4EgXBLNvOZY -9+irMiXjp0lcyFvhrJOczfyCr9EiiaiH1TfSzKGKsf2W84iKn/JH6x2eOo7xjwJ4 -0BQDc6S1cUNEuqBhP6by0FioOXYOKVyifpxk84Eb+F/4CNdTJTvCPwsiegdfsX/Q -53DvKVtXp9Ycam5JTmKRHXK/bMHF4ONv3p/O/kn/BqRx+fbbP2eMX8Z1F/ltHKfp -6B+06HljUwQLBJs9XtCfqH5Zgdz9gad5WZF5ykFArmHDgeFlgggvbZ7z9vqnjN/T -H68TxJzauYQ5vLHQ6wGXik4/4uq7/TqNmhxlQEM4zVkwsn203bUmKLyz+yl1zItD -pn5zy1uXfGo99rBdUzdbdE9LmEFPMaFsaHd4a8oDaUroD7FgCbeDJJVld3ac6F8+ -3QbExPs48OrgA1kI3/UwXr52ldjiYzTLfAGR9BjqNFTw45FUHuMf8TEM5hcHx56w -95eKAqraDk28o9k+M2UKpcmrdlWoWzdqVVFeWGpM8x9Y9Nt0lf/4VUQgrXjqTkUC -QkJyqTeTeGgHrn3QBk2XAgpxZhaJs3InW0BkAlBmK99cMinUiJeFt5a4p5wPeXrV -uh6V9m7Mpl9hzpogg++EZqahfzzNnDgxOZfW342DX052PdgXo0NnkhCk005LvFt6 -M2mRn0fLgNVfyUZZoOp8cO5ZWbhXXlrhrgUtj2zKPK6Q94Zj4kdXHBGpAkrB8ZQ4 -EGGODE0Dqusm8WPXzB+9236IMHPU7lFbyjBrFNI7O4jg+qRIIpi+7tX0FsilqEbm -jG+OPwhZXrdqUqyF+rjKQuSRq7lOeDB4c6S2dq4OOny01i5HCbbyc9UvSHRmhOhG -qUlzHyHLo3W7j+26V/MhkDXJ+Tx+qfylv4pbliwTteJJj+CZwzjv29qb6lxYi+38 -Bw10ERapm8UCRFBecVN7xXlcIfyeAl666Vi7EBJZv3EdFNrx1nlLwM65nYya7uj6 -L7IwJWotIUx8E0XH0/cUxS/dG8bxf9L/8652h5gq3LI+wTNGuEX0DMuz7BGQG+Nt -gabrZ6SsKGthGa7eULTpz0McWTLRU0y//tkckpm5pDnXSFbIMskwwjECz82UZBSP -pigdN/Pjg5d+0yWu7s3VJxw4ENWPPpzZ+j7sOXmdvn9PO1tQd60EO+3awBlC9ZXf -/InoXE+21s/6p5RGkmg8Rl+k3ZRhmZ3weq1HRhto5npGWf2e+l0r1/KVd3D3PbF4 -JuMNZS20kHhWpnEYkzx4JMLVUNXIA6xDmftJjnl0yRBtT6jhn/gnmbz7DPnQEEgt -+u4vV5nr8IXoJ2/FVGInXSxdzROfaxUxeqTDsB2nUZigIj1zpUVIUrvj6f7LstUV -DkcGdtDIolx290s5fBk49oUcLlQ1dGY6lzB0+rJdR77Eiw4xhvN2UCcj14YM15EO -S1Rr9GHQJtkLGOYnOhkRg4RmOxhmUR+nUpvrW3zPibbyEYsSDzxPUiGbFrYd5RZ6 -zVGmaAg4/7/YtveyaP+X9+lK7iBpsWDIIBUfkd0JgxJxS/xJW7nn62l47wQugcdB -RdXiuvTzg7hu53OGA1I4/IsYOXmx8NReLK6w8LFLglU78pjpXZCu2D+rbC2ZekSR -mcZP5CLdYPPC3hbzVqXO2dgw/XugYubFfvUpX04SIxmMjhZpoa3444g0u1Gp5+Kh -nU0jYvWzkzS3JvBOzJT1YREz7elTBch8lWxsxlGU1o7Y6iBwdtpHhRa+E6P7cJMb -WxOGJhAzEyenVGmrHeeHLOos7dNGuRi/GcDdx08Gf0R6qmAEyDtfeEKIxXcWXlyP -9Y4yG0diBjsGB4JejjoQVVnj5augZnjrEaJEOIhuWjxvMt3tALG+6TPHLeZQOCxl -Dyl2zg3bzB5JSEGTkwA9t8GlG9dRUnEyEqpe5xBTUx3WpIYtu64hC7P2kAanUkVT -H+8SQKCbvh1pKhVYJm4H7VkTh/jxyW+sGPnXEw1/wI8QUTu/JLNVvpfYfWLlfdn5 -jcN0hxbDhjYUKV9wmTgzCrwKrYYAsYUSB71hIQT1ibK5To4V5TQgKieJcCBnvZIz -x8HAk+u4sVt2w1gpb6gB+Y+KxdJYxxmZ1Jt+TQZi/68q27d56BJtbDVSwJW1k6H0 -Tlm5DzeXn0IGo72xX9IVTdausnSo1bGuZe72cmflB/mIJGgUZg0dgeQgbkVLo3TQ -YQNnEaTGaujZ374B2PktUdz9vVxhaau7H6MSojxkrxzJMHRcxsED8dhvH01drOvv -Oc/j8yW/ellOgRxi36WAscACu1QB2HJuFssjA0yrSCvoTC0OSUFreezhbH+slTwf -ssazqBXy6p5pKR62/6fP6xCF9y3FnWvH7mrNd/IU5BWk7bcoNC6cGLUGX2TrUOLi -r0lZzIAMFc8dcnOnuYvwWTvN28wAR+4QPWmF1GboaANihhSzjJAiuFKMWVbKTuFP -zjvnGTcEi/76hu9ZIC//f6kXoDpTZFcMKFWacbQmc9r3Bhi13MGYt9koGNf4OMPI -Qyy6E+wLO43hHq0lUSpisHZGrZqbEAYA8OPLtPwK335efw0ZUvXnvkH3xXnFIrQ3 -QivpLV+S9nxmKy+YOkpbZ3DCHldabceJ7kowvzveOKtSmLar0IjxViahFyETDW22 -DguO7Iy82tLRBa4pjcMXK1hks7MuUfW3hUNWhz3DKw1nwqL4jUZNqj7cbiiAuUJN -mbjpiS4woi8FBhG9P9TKc79zKkGu3ZkWsl4Nw2ViT2o8TWb+nkt+exJTL8BkJqmn -29ppUCcFi7IPZvTxu7qhKMq6knOjIrmPonCxBYm/Yzn0UK8e9K00ilH06+DLT9Gm -WQHn4wq6VSMk3pIRQzpNDZsdOe3qJ5choJhqZef1KPrdSdWddWGv5WzW35nm0SEi -Xk1VtCPBYbHgGTCNRksKf5bnScUi2DoMkZIfhl9d+DHsTaOzvRdUsSwn1mkhvRXN -7OYn8tOLmvf7fEhq2GT5v5dzJAAAAAA= ------END PKCS7----- diff --git a/app/openssl/crypto/pkcs7/t/nav-smime b/app/openssl/crypto/pkcs7/t/nav-smime deleted file mode 100644 index 6ee4b597..00000000 --- a/app/openssl/crypto/pkcs7/t/nav-smime +++ /dev/null @@ -1,157 +0,0 @@ -From angela@c2.net.au Thu May 14 13:32:27 1998 -X-UIDL: 83c94dd550e54329bf9571b72038b8c8 -Return-Path: angela@c2.net.au -Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id NAA27838 for ; Thu, 14 May 1998 13:32:26 +1000 (EST) -Message-ID: <355A6779.4B63E64C@cryptsoft.com> -Date: Thu, 14 May 1998 13:39:37 +1000 -From: Angela van Lent -X-Mailer: Mozilla 4.03 [en] (Win95; U) -MIME-Version: 1.0 -To: tjh@cryptsoft.com -Subject: signed -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms9A58844C95949ECC78A1C54C" -Content-Length: 2604 -Status: OR - -This is a cryptographically signed message in MIME format. - ---------------ms9A58844C95949ECC78A1C54C -Content-Type: text/plain; charset=us-ascii -Content-Transfer-Encoding: 7bit - -signed body - ---------------ms9A58844C95949ECC78A1C54C -Content-Type: application/x-pkcs7-signature; name="smime.p7s" -Content-Transfer-Encoding: base64 -Content-Disposition: attachment; filename="smime.p7s" -Content-Description: S/MIME Cryptographic Signature - -MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC -BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR -BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv -ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE -AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow -gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu -ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG -A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m -dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh -hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg -hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP -igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds -syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB -kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l -MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB -BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf -mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s -8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx -ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP -BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ -REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB -AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B -CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG -SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv -BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA -9CWR6g== ---------------ms9A58844C95949ECC78A1C54C-- - - -From angela@c2.net.au Thu May 14 13:33:16 1998 -X-UIDL: 8f076c44ff7c5967fd5b00c4588a8731 -Return-Path: angela@c2.net.au -Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id NAA27847 for ; Thu, 14 May 1998 13:33:15 +1000 (EST) -Message-ID: <355A67AB.2AF38806@cryptsoft.com> -Date: Thu, 14 May 1998 13:40:27 +1000 -From: Angela van Lent -X-Mailer: Mozilla 4.03 [en] (Win95; U) -MIME-Version: 1.0 -To: tjh@cryptsoft.com -Subject: signed -Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------msD7863B84BD61E02C407F2F5E" -Content-Length: 2679 -Status: OR - -This is a cryptographically signed message in MIME format. - ---------------msD7863B84BD61E02C407F2F5E -Content-Type: text/plain; charset=us-ascii -Content-Transfer-Encoding: 7bit - -signed body 2 - ---------------msD7863B84BD61E02C407F2F5E -Content-Type: application/x-pkcs7-signature; name="smime.p7s" -Content-Transfer-Encoding: base64 -Content-Disposition: attachment; filename="smime.p7s" -Content-Description: S/MIME Cryptographic Signature - -MIIGVgYJKoZIhvcNAQcCoIIGRzCCBkMCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC -BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR -BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv -ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE -AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow -gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu -ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG -A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m -dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh -hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg -hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP -igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds -syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB -kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l -MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB -TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB -BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf -mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s -8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx -ggGzMIIBrwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP -BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ -REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB -AgIEfjAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN -AQkFMQ8XDTk4MDUxNDAzNDAyN1owIwYJKoZIhvcNAQkEMRYEFOKcV8mNYJnM8rHQajcSEqJN -rwdDMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsO -AwIHMA0GCCqGSIb3DQMCAgFAMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABEADPE/N -coH+zTFuX5YpolupTKxKK8eEjc48TuADuO8bIHHDE/fEYaWunlwDuTlcFJl1ig0idffPB1qC -Zp8SSVVY ---------------msD7863B84BD61E02C407F2F5E-- - - -From angela@c2.net.au Thu May 14 14:05:32 1998 -X-UIDL: a7d629b4b9acacaee8b39371b860a32a -Return-Path: angela@c2.net.au -Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id OAA28033 for ; Thu, 14 May 1998 14:05:32 +1000 (EST) -Message-ID: <355A6F3B.AC385981@cryptsoft.com> -Date: Thu, 14 May 1998 14:12:43 +1000 -From: Angela van Lent -X-Mailer: Mozilla 4.03 [en] (Win95; U) -MIME-Version: 1.0 -To: tjh@cryptsoft.com -Subject: encrypted -Content-Type: application/x-pkcs7-mime; name="smime.p7m" -Content-Transfer-Encoding: base64 -Content-Disposition: attachment; filename="smime.p7m" -Content-Description: S/MIME Encrypted Message -Content-Length: 905 -Status: OR - -MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG -A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD -ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEA92N29Yk39RUY2tIVd -exGT2MFX3J6H8LB8aDRJjw7843ALgJ5zXpM5+f80QkAWwEN2A6Pl3VxiCeKLi435zXVyMIHw -AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI -QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU -UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0G -CSqGSIb3DQEBAQUABECR9IfyHtvnjFmZ8B2oUCEs1vxMsG0u1kxKE4RMPFyDqDCEARq7zXMg -nzSUI7Wgv5USSKDqcLRJeW+jvYURv/nJMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA -oAQIrLqrij2ZMpeggAQoibtn6reRZWuWk5Iv5IAhgitr8EYE4w4ySQ7EMB6mTlBoFpccUMWX -BwQgQn1UoWCvYAlhDzURdbui64Dc0rS2wtj+kE/InS6y25EEEPe4NUKaF8/UlE+lo3LtILQE -CL3uV8k7m0iqAAAAAAAAAAAAAA== - diff --git a/app/openssl/crypto/pkcs7/t/s.pem b/app/openssl/crypto/pkcs7/t/s.pem deleted file mode 100644 index 4fa925b1..00000000 --- a/app/openssl/crypto/pkcs7/t/s.pem +++ /dev/null @@ -1,57 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9 -mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG -fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/ -zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29 -p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b -bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk -IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG ------END RSA PRIVATE KEY----- -issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA -subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com -serial :047D - -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1149 (0x47d) - Signature Algorithm: md5withRSAEncryption - Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA - Validity - Not Before: May 13 05:40:58 1998 GMT - Not After : May 12 05:40:58 2000 GMT - Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Modulus: - 00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81: - 73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc: - 89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29: - fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f: - e7:e7:0c:4d:0b - Exponent: 65537 (0x10001) - X509v3 extensions: - Netscape Comment: - Generated with SSLeay - Signature Algorithm: md5withRSAEncryption - 52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55: - f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97: - d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b: - 50:74:ad:92:cb:4e:90:e5:fa:7d - ------BEGIN CERTIFICATE----- -MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV -MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE -ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E -IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw -NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0 -aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG -9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf -lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB -hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA -UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8 -4A3ZItobUHStkstOkOX6fQ== ------END CERTIFICATE----- - diff --git a/app/openssl/crypto/pkcs7/t/server.pem b/app/openssl/crypto/pkcs7/t/server.pem deleted file mode 100644 index 989baf87..00000000 --- a/app/openssl/crypto/pkcs7/t/server.pem +++ /dev/null @@ -1,57 +0,0 @@ -issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA -subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com -serial :047D - -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1149 (0x47d) - Signature Algorithm: md5withRSAEncryption - Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA - Validity - Not Before: May 13 05:40:58 1998 GMT - Not After : May 12 05:40:58 2000 GMT - Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Modulus: - 00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81: - 73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc: - 89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29: - fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f: - e7:e7:0c:4d:0b - Exponent: 65537 (0x10001) - X509v3 extensions: - Netscape Comment: - Generated with SSLeay - Signature Algorithm: md5withRSAEncryption - 52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55: - f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97: - d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b: - 50:74:ad:92:cb:4e:90:e5:fa:7d - ------BEGIN CERTIFICATE----- -MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV -MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE -ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E -IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw -NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK -UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m -dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0 -aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG -9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf -lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB -hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA -UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8 -4A3ZItobUHStkstOkOX6fQ== ------END CERTIFICATE----- - ------BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9 -mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG -fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/ -zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29 -p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b -bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk -IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG ------END RSA PRIVATE KEY----- diff --git a/app/openssl/crypto/pkcs7/verify.c b/app/openssl/crypto/pkcs7/verify.c deleted file mode 100644 index b40f2603..00000000 --- a/app/openssl/crypto/pkcs7/verify.c +++ /dev/null @@ -1,263 +0,0 @@ -/* crypto/pkcs7/verify.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include -#include -#include -#include -#include -#include "example.h" - -int verify_callback(int ok, X509_STORE_CTX *ctx); - -BIO *bio_err=NULL; -BIO *bio_out=NULL; - -int main(argc,argv) -int argc; -char *argv[]; - { - PKCS7 *p7; - PKCS7_SIGNER_INFO *si; - X509_STORE_CTX cert_ctx; - X509_STORE *cert_store=NULL; - BIO *data,*detached=NULL,*p7bio=NULL; - char buf[1024*4]; - char *pp; - int i,printit=0; - STACK_OF(PKCS7_SIGNER_INFO) *sk; - - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - bio_out=BIO_new_fp(stdout,BIO_NOCLOSE); -#ifndef OPENSSL_NO_MD2 - EVP_add_digest(EVP_md2()); -#endif -#ifndef OPENSSL_NO_MD5 - EVP_add_digest(EVP_md5()); -#endif -#ifndef OPENSSL_NO_SHA1 - EVP_add_digest(EVP_sha1()); -#endif -#ifndef OPENSSL_NO_MDC2 - EVP_add_digest(EVP_mdc2()); -#endif - - data=BIO_new(BIO_s_file()); - - pp=NULL; - while (argc > 1) - { - argc--; - argv++; - if (strcmp(argv[0],"-p") == 0) - { - printit=1; - } - else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2)) - { - detached=BIO_new(BIO_s_file()); - if (!BIO_read_filename(detached,argv[1])) - goto err; - argc--; - argv++; - } - else - { - pp=argv[0]; - if (!BIO_read_filename(data,argv[0])) - goto err; - } - } - - if (pp == NULL) - BIO_set_fp(data,stdin,BIO_NOCLOSE); - - - /* Load the PKCS7 object from a file */ - if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL,NULL)) == NULL) goto err; - - /* This stuff is being setup for certificate verification. - * When using SSL, it could be replaced with a - * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */ - cert_store=X509_STORE_new(); - X509_STORE_set_default_paths(cert_store); - X509_STORE_load_locations(cert_store,NULL,"../../certs"); - X509_STORE_set_verify_cb_func(cert_store,verify_callback); - - ERR_clear_error(); - - /* We need to process the data */ - if ((PKCS7_get_detached(p7) || detached)) - { - if (detached == NULL) - { - printf("no data to verify the signature on\n"); - exit(1); - } - else - p7bio=PKCS7_dataInit(p7,detached); - } - else - { - p7bio=PKCS7_dataInit(p7,NULL); - } - - /* We now have to 'read' from p7bio to calculate digests etc. */ - for (;;) - { - i=BIO_read(p7bio,buf,sizeof(buf)); - /* print it? */ - if (i <= 0) break; - } - - /* We can now verify signatures */ - sk=PKCS7_get_signer_info(p7); - if (sk == NULL) - { - printf("there are no signatures on this data\n"); - exit(1); - } - - /* Ok, first we need to, for each subject entry, see if we can verify */ - for (i=0; ierror) - { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256); - BIO_printf(bio_err,"issuer= %s\n",buf); - break; - case X509_V_ERR_CERT_NOT_YET_VALID: - case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - BIO_printf(bio_err,"notBefore="); - ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - case X509_V_ERR_CERT_HAS_EXPIRED: - case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - BIO_printf(bio_err,"notAfter="); - ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert)); - BIO_printf(bio_err,"\n"); - break; - } - BIO_printf(bio_err,"verify return:%d\n",ok); - return(ok); - } diff --git a/app/openssl/crypto/pqueue/pqueue.h b/app/openssl/crypto/pqueue/pqueue.h index 87fc9037..26b53480 100644 --- a/app/openssl/crypto/pqueue/pqueue.h +++ b/app/openssl/crypto/pqueue/pqueue.h @@ -64,6 +64,9 @@ #include #include +#ifdef __cplusplus +extern "C" { +#endif typedef struct _pqueue *pqueue; typedef struct _pitem @@ -91,4 +94,7 @@ pitem *pqueue_next(piterator *iter); void pqueue_print(pqueue pq); int pqueue_size(pqueue pq); +#ifdef __cplusplus +} +#endif #endif /* ! HEADER_PQUEUE_H */ diff --git a/app/openssl/crypto/rand/md_rand.c b/app/openssl/crypto/rand/md_rand.c index aee1c30b..888b4eb8 100644 --- a/app/openssl/crypto/rand/md_rand.c +++ b/app/openssl/crypto/rand/md_rand.c @@ -159,7 +159,6 @@ const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT; static void ssleay_rand_cleanup(void); static void ssleay_rand_seed(const void *buf, int num); static void ssleay_rand_add(const void *buf, int num, double add_entropy); -static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo); static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num); static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num); static int ssleay_rand_status(void); @@ -334,7 +333,7 @@ static void ssleay_rand_seed(const void *buf, int num) ssleay_rand_add(buf, num, (double)num); } -static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) +int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) { static volatile int stirred_pool = 0; int i,j,k,st_num,st_idx; @@ -383,10 +382,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) * are fed into the hash function and the results are kept in the * global 'md'. */ -#ifdef OPENSSL_FIPS - /* NB: in FIPS mode we are already under a lock */ - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ @@ -466,9 +462,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) /* before unlocking, we must clear 'crypto_lock_rand' */ crypto_lock_rand = 0; -#ifdef OPENSSL_FIPS - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); while (num > 0) @@ -521,15 +515,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) MD_Init(&m); MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); MD_Update(&m,local_md,MD_DIGEST_LENGTH); -#ifdef OPENSSL_FIPS - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); MD_Update(&m,md,MD_DIGEST_LENGTH); MD_Final(&m,md); -#ifdef OPENSSL_FIPS - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); EVP_MD_CTX_cleanup(&m); @@ -548,14 +538,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num) { - return ssleay_rand_bytes(buf, num, 0); + return ssleay_rand_bytes(buf, num, 0, 1); } /* pseudo-random bytes that are guaranteed to be unique but not unpredictable */ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) { - return ssleay_rand_bytes(buf, num, 1); + return ssleay_rand_bytes(buf, num, 1, 1); } static int ssleay_rand_status(void) diff --git a/app/openssl/crypto/rand/rand_lcl.h b/app/openssl/crypto/rand/rand_lcl.h index 618a8ec8..0fabf8dc 100644 --- a/app/openssl/crypto/rand/rand_lcl.h +++ b/app/openssl/crypto/rand/rand_lcl.h @@ -154,5 +154,6 @@ #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) #endif +int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock); #endif diff --git a/app/openssl/crypto/rand/rand_lib.c b/app/openssl/crypto/rand/rand_lib.c index 5ac0e14c..239a1cde 100644 --- a/app/openssl/crypto/rand/rand_lib.c +++ b/app/openssl/crypto/rand/rand_lib.c @@ -68,6 +68,7 @@ #ifdef OPENSSL_FIPS #include #include +#include "rand_lcl.h" #endif #ifndef OPENSSL_NO_ENGINE @@ -199,7 +200,7 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, *pout = OPENSSL_malloc(min_len); if (!*pout) return 0; - if (RAND_SSLeay()->bytes(*pout, min_len) <= 0) + if (ssleay_rand_bytes(*pout, min_len, 0, 0) <= 0) { OPENSSL_free(*pout); *pout = NULL; diff --git a/app/openssl/crypto/rand/randfile.c b/app/openssl/crypto/rand/randfile.c index 7f142807..14ba69d4 100644 --- a/app/openssl/crypto/rand/randfile.c +++ b/app/openssl/crypto/rand/randfile.c @@ -79,6 +79,7 @@ #endif #ifndef OPENSSL_NO_POSIX_IO # include +# include #endif #ifdef _WIN32 diff --git a/app/openssl/crypto/rsa/rsa.h b/app/openssl/crypto/rsa/rsa.h index 5f269e57..11853fee 100644 --- a/app/openssl/crypto/rsa/rsa.h +++ b/app/openssl/crypto/rsa/rsa.h @@ -559,6 +559,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158 #define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 #define RSA_R_PADDING_CHECK_FAILED 114 +#define RSA_R_PKCS_DECODING_ERROR 159 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 diff --git a/app/openssl/crypto/rsa/rsa_eay.c b/app/openssl/crypto/rsa/rsa_eay.c index 88ee2cb5..aa810459 100644 --- a/app/openssl/crypto/rsa/rsa_eay.c +++ b/app/openssl/crypto/rsa/rsa_eay.c @@ -459,7 +459,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, if (padding == RSA_X931_PADDING) { BN_sub(f, rsa->n, ret); - if (BN_cmp(ret, f)) + if (BN_cmp(ret, f) > 0) res = f; else res = ret; diff --git a/app/openssl/crypto/rsa/rsa_err.c b/app/openssl/crypto/rsa/rsa_err.c index 46e0bf99..9da79d92 100644 --- a/app/openssl/crypto/rsa/rsa_err.c +++ b/app/openssl/crypto/rsa/rsa_err.c @@ -175,6 +175,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, +{ERR_REASON(RSA_R_PKCS_DECODING_ERROR) ,"pkcs decoding error"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"}, diff --git a/app/openssl/crypto/rsa/rsa_oaep.c b/app/openssl/crypto/rsa/rsa_oaep.c index af4d24a5..c3633319 100644 --- a/app/openssl/crypto/rsa/rsa_oaep.c +++ b/app/openssl/crypto/rsa/rsa_oaep.c @@ -18,6 +18,7 @@ * an equivalent notion. */ +#include "constant_time_locl.h" #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) #include @@ -95,92 +96,117 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, int num, const unsigned char *param, int plen) { - int i, dblen, mlen = -1; - const unsigned char *maskeddb; - int lzero; - unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; - unsigned char *padded_from; - int bad = 0; - - if (--num < 2 * SHA_DIGEST_LENGTH + 1) - /* 'num' is the length of the modulus, i.e. does not depend on the - * particular ciphertext. */ - goto decoding_err; + int i, dblen, mlen = -1, one_index = 0, msg_index; + unsigned int good, found_one_byte; + const unsigned char *maskedseed, *maskeddb; + /* |em| is the encoded message, zero-padded to exactly |num| bytes: + * em = Y || maskedSeed || maskedDB */ + unsigned char *db = NULL, *em = NULL, seed[EVP_MAX_MD_SIZE], + phash[EVP_MAX_MD_SIZE]; - lzero = num - flen; - if (lzero < 0) - { - /* signalling this error immediately after detection might allow - * for side-channel attacks (e.g. timing if 'plen' is huge - * -- cf. James H. Manger, "A Chosen Ciphertext Attack on RSA Optimal - * Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001), - * so we use a 'bad' flag */ - bad = 1; - lzero = 0; - flen = num; /* don't overflow the memcpy to padded_from */ - } + if (tlen <= 0 || flen <= 0) + return -1; - dblen = num - SHA_DIGEST_LENGTH; - db = OPENSSL_malloc(dblen + num); - if (db == NULL) + /* + * |num| is the length of the modulus; |flen| is the length of the + * encoded message. Therefore, for any |from| that was obtained by + * decrypting a ciphertext, we must have |flen| <= |num|. Similarly, + * num < 2 * SHA_DIGEST_LENGTH + 2 must hold for the modulus + * irrespective of the ciphertext, see PKCS #1 v2.2, section 7.1.2. + * This does not leak any side-channel information. + */ + if (num < flen || num < 2 * SHA_DIGEST_LENGTH + 2) + goto decoding_err; + + dblen = num - SHA_DIGEST_LENGTH - 1; + db = OPENSSL_malloc(dblen); + em = OPENSSL_malloc(num); + if (db == NULL || em == NULL) { RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); - return -1; + goto cleanup; } - /* Always do this zero-padding copy (even when lzero == 0) - * to avoid leaking timing info about the value of lzero. */ - padded_from = db + dblen; - memset(padded_from, 0, lzero); - memcpy(padded_from + lzero, from, flen); + /* + * Always do this zero-padding copy (even when num == flen) to avoid + * leaking that information. The copy still leaks some side-channel + * information, but it's impossible to have a fixed memory access + * pattern since we can't read out of the bounds of |from|. + * + * TODO(emilia): Consider porting BN_bn2bin_padded from BoringSSL. + */ + memset(em, 0, num); + memcpy(em + num - flen, from, flen); - maskeddb = padded_from + SHA_DIGEST_LENGTH; + /* + * The first byte must be zero, however we must not leak if this is + * true. See James H. Manger, "A Chosen Ciphertext Attack on RSA + * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001). + */ + good = constant_time_is_zero(em[0]); + + maskedseed = em + 1; + maskeddb = em + 1 + SHA_DIGEST_LENGTH; if (MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen)) - return -1; + goto cleanup; for (i = 0; i < SHA_DIGEST_LENGTH; i++) - seed[i] ^= padded_from[i]; - + seed[i] ^= maskedseed[i]; + if (MGF1(db, dblen, seed, SHA_DIGEST_LENGTH)) - return -1; + goto cleanup; for (i = 0; i < dblen; i++) db[i] ^= maskeddb[i]; if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL)) - return -1; + goto cleanup; + + good &= constant_time_is_zero(CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH)); - if (CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad) + found_one_byte = 0; + for (i = SHA_DIGEST_LENGTH; i < dblen; i++) + { + /* Padding consists of a number of 0-bytes, followed by a 1. */ + unsigned int equals1 = constant_time_eq(db[i], 1); + unsigned int equals0 = constant_time_is_zero(db[i]); + one_index = constant_time_select_int(~found_one_byte & equals1, + i, one_index); + found_one_byte |= equals1; + good &= (found_one_byte | equals0); + } + + good &= found_one_byte; + + /* + * At this point |good| is zero unless the plaintext was valid, + * so plaintext-awareness ensures timing side-channels are no longer a + * concern. + */ + if (!good) goto decoding_err; + + msg_index = one_index + 1; + mlen = dblen - msg_index; + + if (tlen < mlen) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); + mlen = -1; + } else { - for (i = SHA_DIGEST_LENGTH; i < dblen; i++) - if (db[i] != 0x00) - break; - if (i == dblen || db[i] != 0x01) - goto decoding_err; - else - { - /* everything looks OK */ - - mlen = dblen - ++i; - if (tlen < mlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); - mlen = -1; - } - else - memcpy(to, db + i, mlen); - } + memcpy(to, db + msg_index, mlen); + goto cleanup; } - OPENSSL_free(db); - return mlen; decoding_err: - /* to avoid chosen ciphertext attacks, the error message should not reveal - * which kind of decoding error happened */ + /* To avoid chosen ciphertext attacks, the error message should not reveal + * which kind of decoding error happened. */ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); +cleanup: if (db != NULL) OPENSSL_free(db); - return -1; + if (em != NULL) OPENSSL_free(em); + return mlen; } int PKCS1_MGF1(unsigned char *mask, long len, diff --git a/app/openssl/crypto/rsa/rsa_pk1.c b/app/openssl/crypto/rsa/rsa_pk1.c index 8560755f..c2da56f6 100644 --- a/app/openssl/crypto/rsa/rsa_pk1.c +++ b/app/openssl/crypto/rsa/rsa_pk1.c @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +#include "constant_time_locl.h" + #include #include "cryptlib.h" #include @@ -181,44 +183,87 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, const unsigned char *from, int flen, int num) { - int i,j; - const unsigned char *p; + int i; + /* |em| is the encoded message, zero-padded to exactly |num| bytes */ + unsigned char *em = NULL; + unsigned int good, found_zero_byte; + int zero_index = 0, msg_index, mlen = -1; - p=from; - if ((num != (flen+1)) || (*(p++) != 02)) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02); - return(-1); - } -#ifdef PKCS1_CHECK - return(num-11); -#endif + if (tlen < 0 || flen < 0) + return -1; - /* scan over padding data */ - j=flen-1; /* one for type. */ - for (i=0; i num) + goto err; + + if (num < 11) + goto err; + + em = OPENSSL_malloc(num); + if (em == NULL) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING); - return(-1); + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, ERR_R_MALLOC_FAILURE); + return -1; } + memset(em, 0, num); + /* + * Always do this zero-padding copy (even when num == flen) to avoid + * leaking that information. The copy still leaks some side-channel + * information, but it's impossible to have a fixed memory access + * pattern since we can't read out of the bounds of |from|. + * + * TODO(emilia): Consider porting BN_bn2bin_padded from BoringSSL. + */ + memcpy(em + num - flen, from, flen); - if (i < 8) + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); + + found_zero_byte = 0; + for (i = 2; i < num; i++) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT); - return(-1); + unsigned int equals0 = constant_time_is_zero(em[i]); + zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); + found_zero_byte |= equals0; } - i++; /* Skip over the '\0' */ - j-=i; - if (j > tlen) + + /* + * PS must be at least 8 bytes long, and it starts two bytes into |em|. + * If we never found a 0-byte, then |zero_index| is 0 and the check + * also fails. + */ + good &= constant_time_ge((unsigned int)(zero_index), 2 + 8); + + /* Skip the zero byte. This is incorrect if we never found a zero-byte + * but in this case we also do not copy the message out. */ + msg_index = zero_index + 1; + mlen = num - msg_index; + + /* For good measure, do this check in constant time as well; it could + * leak something if |tlen| was assuming valid padding. */ + good &= constant_time_ge((unsigned int)(tlen), (unsigned int)(mlen)); + + /* + * We can't continue in constant-time because we need to copy the result + * and we cannot fake its length. This unavoidably leaks timing + * information at the API boundary. + * TODO(emilia): this could be addressed at the call site, + * see BoringSSL commit 0aa0767340baf925bda4804882aab0cb974b2d26. + */ + if (!good) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE); - return(-1); + mlen = -1; + goto err; } - memcpy(to,p,(unsigned int)j); - return(j); - } + memcpy(to, em + msg_index, mlen); +err: + if (em != NULL) + OPENSSL_free(em); + if (mlen == -1) + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, RSA_R_PKCS_DECODING_ERROR); + return mlen; + } diff --git a/app/openssl/crypto/rsa/rsa_sign.c b/app/openssl/crypto/rsa/rsa_sign.c index b6f6037a..225bcfe2 100644 --- a/app/openssl/crypto/rsa/rsa_sign.c +++ b/app/openssl/crypto/rsa/rsa_sign.c @@ -151,6 +151,25 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, return(ret); } +/* + * Check DigestInfo structure does not contain extraneous data by reencoding + * using DER and checking encoding against original. + */ +static int rsa_check_digestinfo(X509_SIG *sig, const unsigned char *dinfo, int dinfolen) + { + unsigned char *der = NULL; + int derlen; + int ret = 0; + derlen = i2d_X509_SIG(sig, &der); + if (derlen <= 0) + return 0; + if (derlen == dinfolen && !memcmp(dinfo, der, derlen)) + ret = 1; + OPENSSL_cleanse(der, derlen); + OPENSSL_free(der); + return ret; + } + int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *rm, size_t *prm_len, @@ -228,7 +247,7 @@ int int_rsa_verify(int dtype, const unsigned char *m, if (sig == NULL) goto err; /* Excess data can be used to create forgeries */ - if(p != s+i) + if(p != s+i || !rsa_check_digestinfo(sig, s, i)) { RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); goto err; diff --git a/app/openssl/crypto/srp/srp_lib.c b/app/openssl/crypto/srp/srp_lib.c index 7c1dcc51..83d417a3 100644 --- a/app/openssl/crypto/srp/srp_lib.c +++ b/app/openssl/crypto/srp/srp_lib.c @@ -89,6 +89,9 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) int longg ; int longN = BN_num_bytes(N); + if (BN_ucmp(g, N) >= 0) + return NULL; + if ((tmp = OPENSSL_malloc(longN)) == NULL) return NULL; BN_bn2bin(N,tmp) ; @@ -121,6 +124,9 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) if ((A == NULL) ||(B == NULL) || (N == NULL)) return NULL; + if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0) + return NULL; + longN= BN_num_bytes(N); if ((cAB = OPENSSL_malloc(2*longN)) == NULL) diff --git a/app/openssl/crypto/stack/safestack.h b/app/openssl/crypto/stack/safestack.h index ea3aa0d8..bc194cb2 100644 --- a/app/openssl/crypto/stack/safestack.h +++ b/app/openssl/crypto/stack/safestack.h @@ -57,6 +57,10 @@ #include +#ifdef __cplusplus +extern "C" { +#endif + #ifndef CHECKED_PTR_OF #define CHECKED_PTR_OF(type, p) \ ((void*) (1 ? p : (type*)0)) @@ -2660,4 +2664,8 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) #define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) /* End of util/mkstack.pl block, you may now edit :-) */ + +#ifdef __cplusplus +} +#endif #endif /* !defined HEADER_SAFESTACK_H */ diff --git a/app/openssl/crypto/ui/ui_lib.c b/app/openssl/crypto/ui/ui_lib.c index a8abc270..167da002 100644 --- a/app/openssl/crypto/ui/ui_lib.c +++ b/app/openssl/crypto/ui/ui_lib.c @@ -916,9 +916,9 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result) break; } } + } default: break; } - } return 0; } diff --git a/app/openssl/e_os.h b/app/openssl/e_os.h index 6a0aad1d..733155e4 100644 --- a/app/openssl/e_os.h +++ b/app/openssl/e_os.h @@ -373,7 +373,16 @@ static unsigned int _strlen31(const char *str) # define check_winnt() (1) #else # define check_winnt() (GetVersion() < 0x80000000) -#endif +#endif + +/* + * Visual Studio: inline is available in C++ only, however + * __inline is available for C, see + * http://msdn.microsoft.com/en-us/library/z8y1yy88.aspx + */ +#if defined(_MSC_VER) && !defined(__cplusplus) && !defined(inline) +# define inline __inline +#endif #else /* The non-microsoft world */ @@ -738,4 +747,3 @@ struct servent *getservbyname(const char *name, const char *proto); #endif #endif - diff --git a/app/openssl/flavor.mk b/app/openssl/flavor.mk new file mode 100644 index 00000000..f32fe41a --- /dev/null +++ b/app/openssl/flavor.mk @@ -0,0 +1,4 @@ +# This makefile exists to be included by makefiles in other directories so that +# they can detect whether BoringSSL or OpenSSL is being used. + +OPENSSL_FLAVOR=OpenSSL diff --git a/app/openssl/import_openssl.sh b/app/openssl/import_openssl.sh index f16596bc..dc4049ca 100755 --- a/app/openssl/import_openssl.sh +++ b/app/openssl/import_openssl.sh @@ -439,6 +439,9 @@ LOCAL_ADDITIONAL_DEPENDENCIES += \$(LOCAL_PATH)/$(basename $output) print_vardef_with_prefix_in_mk common_c_includes external/openssl/ $common_includes for arch in $all_archs; do + arch_clang_asflags=$(var_sorted_value OPENSSL_${prefix}_CLANG_ASFLAGS_${arch}) + print_vardef_in_mk ${arch}_clang_asflags $arch_clang_asflags + arch_defines=$(var_sorted_value OPENSSL_${prefix}_DEFINES_${arch}) print_defines_in_mk ${arch}_cflags $arch_defines @@ -457,7 +460,8 @@ LOCAL_C_INCLUDES += \$(common_c_includes)" for arch in $all_archs; do echo " LOCAL_SRC_FILES_${arch} += \$(filter-out \$(${arch}_exclude_files),\$(common_src_files) \$(${arch}_src_files)) -LOCAL_CFLAGS_${arch} += \$(${arch}_cflags)" +LOCAL_CFLAGS_${arch} += \$(${arch}_cflags) +LOCAL_CLANG_ASFLAGS_${arch} += \$(${arch}_clang_asflags)" done else echo " diff --git a/app/openssl/include/openssl/dtls1.h b/app/openssl/include/openssl/dtls1.h index e65d5011..192c5def 100644 --- a/app/openssl/include/openssl/dtls1.h +++ b/app/openssl/include/openssl/dtls1.h @@ -84,6 +84,8 @@ extern "C" { #endif #define DTLS1_VERSION 0xFEFF +#define DTLS_MAX_VERSION DTLS1_VERSION + #define DTLS1_BAD_VER 0x0100 #if 0 @@ -284,4 +286,3 @@ typedef struct dtls1_record_data_st } #endif #endif - diff --git a/app/openssl/include/openssl/ebcdic.h b/app/openssl/include/openssl/ebcdic.h index 6d65afcf..85f3cf7f 100644 --- a/app/openssl/include/openssl/ebcdic.h +++ b/app/openssl/include/openssl/ebcdic.h @@ -5,6 +5,10 @@ #include +#ifdef __cplusplus +extern "C" { +#endif + /* Avoid name clashes with other applications */ #define os_toascii _openssl_os_toascii #define os_toebcdic _openssl_os_toebcdic @@ -16,4 +20,7 @@ extern const unsigned char os_toebcdic[256]; void *ebcdic2ascii(void *dest, const void *srce, size_t count); void *ascii2ebcdic(void *dest, const void *srce, size_t count); +#ifdef __cplusplus +} +#endif #endif diff --git a/app/openssl/include/openssl/ec.h b/app/openssl/include/openssl/ec.h index d008a0da..b6e745b8 100644 --- a/app/openssl/include/openssl/ec.h +++ b/app/openssl/include/openssl/ec.h @@ -629,7 +629,7 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx); int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx); -/** Computes r = generator * n sum_{i=0}^num p[i] * m[i] +/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i] * \param group underlying EC_GROUP object * \param r EC_POINT object for the result * \param n BIGNUM with the multiplier for the group generator (optional) diff --git a/app/openssl/include/openssl/modes.h b/app/openssl/include/openssl/modes.h index f18215bb..7773c254 100644 --- a/app/openssl/include/openssl/modes.h +++ b/app/openssl/include/openssl/modes.h @@ -7,6 +7,9 @@ #include +#ifdef __cplusplus +extern "C" { +#endif typedef void (*block128_f)(const unsigned char in[16], unsigned char out[16], const void *key); @@ -133,3 +136,6 @@ typedef struct xts128_context XTS128_CONTEXT; int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16], const unsigned char *inp, unsigned char *out, size_t len, int enc); +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-32.h b/app/openssl/include/openssl/opensslconf-32.h index caf6f1b8..b5b3dd2b 100644 --- a/app/openssl/include/openssl/opensslconf-32.h +++ b/app/openssl/include/openssl/opensslconf-32.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-64.h b/app/openssl/include/openssl/opensslconf-64.h index 88fb0419..30e7ad86 100644 --- a/app/openssl/include/openssl/opensslconf-64.h +++ b/app/openssl/include/openssl/opensslconf-64.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-static-32.h b/app/openssl/include/openssl/opensslconf-static-32.h index caf6f1b8..b5b3dd2b 100644 --- a/app/openssl/include/openssl/opensslconf-static-32.h +++ b/app/openssl/include/openssl/opensslconf-static-32.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-static-64.h b/app/openssl/include/openssl/opensslconf-static-64.h index 88fb0419..30e7ad86 100644 --- a/app/openssl/include/openssl/opensslconf-static-64.h +++ b/app/openssl/include/openssl/opensslconf-static-64.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -74,6 +77,9 @@ #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -161,6 +167,9 @@ # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -320,3 +329,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-static-trusty.h b/app/openssl/include/openssl/opensslconf-static-trusty.h index 06f9f982..bff5910c 100644 --- a/app/openssl/include/openssl/opensslconf-static-trusty.h +++ b/app/openssl/include/openssl/opensslconf-static-trusty.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -137,6 +140,9 @@ #ifndef OPENSSL_NO_UI # define OPENSSL_NO_UI #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -287,6 +293,9 @@ # if defined(OPENSSL_NO_UI) && !defined(NO_UI) # define NO_UI # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -446,3 +455,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslconf-trusty.h b/app/openssl/include/openssl/opensslconf-trusty.h index 06f9f982..bff5910c 100644 --- a/app/openssl/include/openssl/opensslconf-trusty.h +++ b/app/openssl/include/openssl/opensslconf-trusty.h @@ -1,6 +1,9 @@ /* opensslconf.h */ /* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +#ifdef __cplusplus +extern "C" { +#endif /* OpenSSL was configured with the following options: */ #ifndef OPENSSL_DOING_MAKEDEPEND @@ -137,6 +140,9 @@ #ifndef OPENSSL_NO_UI # define OPENSSL_NO_UI #endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif #ifndef OPENSSL_NO_WHIRLPOOL # define OPENSSL_NO_WHIRLPOOL #endif @@ -287,6 +293,9 @@ # if defined(OPENSSL_NO_UI) && !defined(NO_UI) # define NO_UI # endif +# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST) +# define NO_UNIT_TEST +# endif # if defined(OPENSSL_NO_WHIRLPOOL) && !defined(NO_WHIRLPOOL) # define NO_WHIRLPOOL # endif @@ -446,3 +455,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* DES_DEFAULT_OPTIONS */ #endif /* HEADER_DES_LOCL_H */ +#ifdef __cplusplus +} +#endif diff --git a/app/openssl/include/openssl/opensslv.h b/app/openssl/include/openssl/opensslv.h index c3b6acec..f375967e 100644 --- a/app/openssl/include/openssl/opensslv.h +++ b/app/openssl/include/openssl/opensslv.h @@ -1,6 +1,10 @@ #ifndef HEADER_OPENSSLV_H #define HEADER_OPENSSLV_H +#ifdef __cplusplus +extern "C" { +#endif + /* Numeric release version identifier: * MNNFFPPS: major minor fix patch status * The status nibble has one of the values 0 for development, 1 to e for betas @@ -25,11 +29,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x1000108fL +#define OPENSSL_VERSION_NUMBER 0x100010afL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h-fips 5 Jun 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1j-fips 15 Oct 2014" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h 5 Jun 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1j 15 Oct 2014" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT @@ -86,4 +90,7 @@ #define SHLIB_VERSION_NUMBER "1.0.0" +#ifdef __cplusplus +} +#endif #endif /* HEADER_OPENSSLV_H */ diff --git a/app/openssl/include/openssl/ossl_typ.h b/app/openssl/include/openssl/ossl_typ.h index ea9227f6..12cdd43b 100644 --- a/app/openssl/include/openssl/ossl_typ.h +++ b/app/openssl/include/openssl/ossl_typ.h @@ -55,6 +55,10 @@ #ifndef HEADER_OPENSSL_TYPES_H #define HEADER_OPENSSL_TYPES_H +#ifdef __cplusplus +extern "C" { +#endif + #include #ifdef NO_ASN1_TYPEDEFS @@ -199,4 +203,7 @@ typedef struct ocsp_req_ctx_st OCSP_REQ_CTX; typedef struct ocsp_response_st OCSP_RESPONSE; typedef struct ocsp_responder_id_st OCSP_RESPID; +#ifdef __cplusplus +} +#endif #endif /* def HEADER_OPENSSL_TYPES_H */ diff --git a/app/openssl/include/openssl/pkcs7.h b/app/openssl/include/openssl/pkcs7.h index 04f60379..5d54c4ac 100644 --- a/app/openssl/include/openssl/pkcs7.h +++ b/app/openssl/include/openssl/pkcs7.h @@ -233,10 +233,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7) (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) #define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) #define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) -#define PKCS7_type_is_encrypted(a) \ - (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) - -#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) #define PKCS7_set_detached(p,v) \ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) diff --git a/app/openssl/include/openssl/pqueue.h b/app/openssl/include/openssl/pqueue.h index 87fc9037..26b53480 100644 --- a/app/openssl/include/openssl/pqueue.h +++ b/app/openssl/include/openssl/pqueue.h @@ -64,6 +64,9 @@ #include #include +#ifdef __cplusplus +extern "C" { +#endif typedef struct _pqueue *pqueue; typedef struct _pitem @@ -91,4 +94,7 @@ pitem *pqueue_next(piterator *iter); void pqueue_print(pqueue pq); int pqueue_size(pqueue pq); +#ifdef __cplusplus +} +#endif #endif /* ! HEADER_PQUEUE_H */ diff --git a/app/openssl/include/openssl/rsa.h b/app/openssl/include/openssl/rsa.h index 5f269e57..11853fee 100644 --- a/app/openssl/include/openssl/rsa.h +++ b/app/openssl/include/openssl/rsa.h @@ -559,6 +559,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158 #define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 #define RSA_R_PADDING_CHECK_FAILED 114 +#define RSA_R_PKCS_DECODING_ERROR 159 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 diff --git a/app/openssl/include/openssl/safestack.h b/app/openssl/include/openssl/safestack.h index ea3aa0d8..bc194cb2 100644 --- a/app/openssl/include/openssl/safestack.h +++ b/app/openssl/include/openssl/safestack.h @@ -57,6 +57,10 @@ #include +#ifdef __cplusplus +extern "C" { +#endif + #ifndef CHECKED_PTR_OF #define CHECKED_PTR_OF(type, p) \ ((void*) (1 ? p : (type*)0)) @@ -2660,4 +2664,8 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) #define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) /* End of util/mkstack.pl block, you may now edit :-) */ + +#ifdef __cplusplus +} +#endif #endif /* !defined HEADER_SAFESTACK_H */ diff --git a/app/openssl/include/openssl/srtp.h b/app/openssl/include/openssl/srtp.h index c0cf33ef..24f23309 100644 --- a/app/openssl/include/openssl/srtp.h +++ b/app/openssl/include/openssl/srtp.h @@ -130,6 +130,8 @@ extern "C" { #define SRTP_NULL_SHA1_80 0x0005 #define SRTP_NULL_SHA1_32 0x0006 +#ifndef OPENSSL_NO_SRTP + int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles); int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles); SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); @@ -137,6 +139,8 @@ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl); SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); +#endif + #ifdef __cplusplus } #endif diff --git a/app/openssl/include/openssl/ssl.h b/app/openssl/include/openssl/ssl.h index 7566f2df..7a1fce89 100644 --- a/app/openssl/include/openssl/ssl.h +++ b/app/openssl/include/openssl/ssl.h @@ -264,6 +264,7 @@ extern "C" { #define SSL_TXT_aGOST94 "aGOST94" #define SSL_TXT_aGOST01 "aGOST01" #define SSL_TXT_aGOST "aGOST" +#define SSL_TXT_aSRP "aSRP" #define SSL_TXT_DSS "DSS" #define SSL_TXT_DH "DH" @@ -664,11 +665,15 @@ struct ssl_session_st */ #define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L #define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L +/* Send TLS_FALLBACK_SCSV in the ClientHello. + * To be set by applications that reconnect with a downgraded protocol + * version; see draft-ietf-tls-downgrade-scsv-00 for details. */ +#define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L /* When set, clients may send application data before receipt of CCS * and Finished. This mode enables full-handshakes to 'complete' in * one RTT. */ -#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000080L +#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000200L /* When set, TLS 1.0 and SSLv3, multi-byte, CBC records will be split in two: * the first record will contain a single byte and the second will contain the @@ -1615,6 +1620,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE #define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE #define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ +#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK /* fatal */ #define SSL_ERROR_NONE 0 #define SSL_ERROR_SSL 1 @@ -1729,6 +1735,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82 #define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 +#define SSL_CTRL_CHECK_PROTO_VERSION 119 + #define DTLSv1_get_timeout(ssl, arg) \ SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) #define DTLSv1_handle_timeout(ssl) \ @@ -2191,6 +2199,10 @@ int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secre void SSL_set_debug(SSL *s, int debug); int SSL_cache_hit(SSL *s); +#ifndef OPENSSL_NO_UNIT_TEST +const struct openssl_ssl_test_functions *SSL_test_functions(void); +#endif + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -2459,6 +2471,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_BAD_SRP_B_LENGTH 348 #define SSL_R_BAD_SRP_G_LENGTH 349 #define SSL_R_BAD_SRP_N_LENGTH 350 +#define SSL_R_BAD_SRP_PARAMETERS 371 #define SSL_R_BAD_SRP_S_LENGTH 351 #define SSL_R_BAD_SRTP_MKI_VALUE 352 #define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353 @@ -2519,6 +2532,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_HTTPS_PROXY_REQUEST 155 #define SSL_R_HTTP_REQUEST 156 #define SSL_R_ILLEGAL_PADDING 283 +#define SSL_R_INAPPROPRIATE_FALLBACK 373 #define SSL_R_INCONSISTENT_COMPRESSION 340 #define SSL_R_INVALID_CHALLENGE_LENGTH 158 #define SSL_R_INVALID_COMMAND 280 @@ -2668,6 +2682,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 #define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 #define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 +#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086 #define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 #define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 #define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 diff --git a/app/openssl/include/openssl/ssl3.h b/app/openssl/include/openssl/ssl3.h index 83d59bff..cba94345 100644 --- a/app/openssl/include/openssl/ssl3.h +++ b/app/openssl/include/openssl/ssl3.h @@ -128,9 +128,14 @@ extern "C" { #endif -/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */ +/* Signalling cipher suite value from RFC 5746 + * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV) */ #define SSL3_CK_SCSV 0x030000FF +/* Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00 + * (TLS_FALLBACK_SCSV) */ +#define SSL3_CK_FALLBACK_SCSV 0x03005600 + #define SSL3_CK_RSA_NULL_MD5 0x03000001 #define SSL3_CK_RSA_NULL_SHA 0x03000002 #define SSL3_CK_RSA_RC4_40_MD5 0x03000003 diff --git a/app/openssl/include/openssl/tls1.h b/app/openssl/include/openssl/tls1.h index b9a0899e..dc36f79f 100644 --- a/app/openssl/include/openssl/tls1.h +++ b/app/openssl/include/openssl/tls1.h @@ -159,17 +159,19 @@ extern "C" { #define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0 +#define TLS1_VERSION 0x0301 +#define TLS1_1_VERSION 0x0302 #define TLS1_2_VERSION 0x0303 -#define TLS1_2_VERSION_MAJOR 0x03 -#define TLS1_2_VERSION_MINOR 0x03 +#define TLS_MAX_VERSION TLS1_2_VERSION + +#define TLS1_VERSION_MAJOR 0x03 +#define TLS1_VERSION_MINOR 0x01 -#define TLS1_1_VERSION 0x0302 #define TLS1_1_VERSION_MAJOR 0x03 #define TLS1_1_VERSION_MINOR 0x02 -#define TLS1_VERSION 0x0301 -#define TLS1_VERSION_MAJOR 0x03 -#define TLS1_VERSION_MINOR 0x01 +#define TLS1_2_VERSION_MAJOR 0x03 +#define TLS1_2_VERSION_MINOR 0x03 #define TLS1_get_version(s) \ ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0) @@ -187,6 +189,7 @@ extern "C" { #define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */ #define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */ #define TLS1_AD_INTERNAL_ERROR 80 /* fatal */ +#define TLS1_AD_INAPPROPRIATE_FALLBACK 86 /* fatal */ #define TLS1_AD_USER_CANCELLED 90 #define TLS1_AD_NO_RENEGOTIATION 100 /* codes 110-114 are from RFC3546 */ diff --git a/app/openssl/openssl.config b/app/openssl/openssl.config index 867711fe..9edd51e2 100644 --- a/app/openssl/openssl.config +++ b/app/openssl/openssl.config @@ -128,6 +128,7 @@ crypto/cmac/Makefile \ crypto/cms/Makefile \ crypto/comp/Makefile \ crypto/conf/Makefile \ +crypto/constant_time_test.c \ crypto/crypto-lib.com \ crypto/des/Makefile \ crypto/des/des-lib.com \ @@ -220,6 +221,7 @@ ssl/heartbeat_test.c \ ssl/install-ssl.com \ ssl/ssl-lib.com \ ssl/ssl_task.c \ +ssl/ssl_utst.c \ " NEEDED_SOURCES="\ @@ -237,6 +239,10 @@ OPENSSL_CRYPTO_DEFINES="\ NO_WINDOWS_BRAINDEATH \ " +OPENSSL_CRYPTO_CLANG_ASFLAGS_arm="\ +-no-integrated-as \ +" + OPENSSL_CRYPTO_DEFINES_arm="\ AES_ASM \ BSAES_ASM \ @@ -250,6 +256,10 @@ SHA256_ASM \ SHA512_ASM \ " +OPENSSL_CRYPTO_CLANG_ASFLAGS_arm64="\ +-no-integrated-as \ +" + OPENSSL_CRYPTO_DEFINES_arm64="\ DES_UNROLL \ OPENSSL_CPUID_OBJ \ @@ -491,6 +501,7 @@ crypto/conf/conf_lib.c \ crypto/conf/conf_mall.c \ crypto/conf/conf_mod.c \ crypto/conf/conf_sap.c \ +crypto/constant_time_locl.h \ crypto/des/cbc_cksm.c \ crypto/des/cbc_enc.c \ crypto/des/cfb64ede.c \ diff --git a/app/openssl/openssl.version b/app/openssl/openssl.version index ab2e62bf..293396f3 100644 --- a/app/openssl/openssl.version +++ b/app/openssl/openssl.version @@ -1 +1 @@ -OPENSSL_VERSION=1.0.1h +OPENSSL_VERSION=1.0.1j diff --git a/app/openssl/patches/README b/app/openssl/patches/README index 13e9bd8b..53444701 100644 --- a/app/openssl/patches/README +++ b/app/openssl/patches/README @@ -75,3 +75,8 @@ psk_client_callback_128_byte_id_bug.patch Fixes the issue where it was impossible to return a 128 byte long PSK identity (the maximum supported length) from psk_client_callback. + +tls_fallback_scsv.patch + +Adds the signalling cipher suite value (SCSV) from +https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 diff --git a/app/openssl/rules.mk b/app/openssl/rules.mk index 252dbbb3..1c3ae64f 100644 --- a/app/openssl/rules.mk +++ b/app/openssl/rules.mk @@ -26,6 +26,8 @@ MODULE_SRCS += $(addprefix $(LOCAL_DIR)/,$(LOCAL_SRC_FILES_$(ARCH))) MODULE_CFLAGS += $(LOCAL_CFLAGS) MODULE_CFLAGS += -Wno-error=implicit-function-declaration +MODULE_CFLAGS += -Wno-empty-body +MODULE_CFLAGS += -Wno-missing-field-initializers # Global for other modules which include openssl headers GLOBAL_DEFINES += OPENSSL_SYS_TRUSTY diff --git a/app/openssl/ssl/d1_both.c b/app/openssl/ssl/d1_both.c index 04aa2310..2e4250fc 100644 --- a/app/openssl/ssl/d1_both.c +++ b/app/openssl/ssl/d1_both.c @@ -587,29 +587,32 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok) return 0; } +/* dtls1_max_handshake_message_len returns the maximum number of bytes + * permitted in a DTLS handshake message for |s|. The minimum is 16KB, but may + * be greater if the maximum certificate list size requires it. */ +static unsigned long dtls1_max_handshake_message_len(const SSL *s) + { + unsigned long max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH; + if (max_len < (unsigned long)s->max_cert_list) + return s->max_cert_list; + return max_len; + } static int -dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) +dtls1_reassemble_fragment(SSL *s, const struct hm_header_st* msg_hdr, int *ok) { hm_fragment *frag = NULL; pitem *item = NULL; int i = -1, is_complete; unsigned char seq64be[8]; - unsigned long frag_len = msg_hdr->frag_len, max_len; + unsigned long frag_len = msg_hdr->frag_len; - if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) + if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len || + msg_hdr->msg_len > dtls1_max_handshake_message_len(s)) goto err; - /* Determine maximum allowed message size. Depends on (user set) - * maximum certificate length, but 16k is minimum. - */ - if (DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH < s->max_cert_list) - max_len = s->max_cert_list; - else - max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH; - - if ((msg_hdr->frag_off+frag_len) > max_len) - goto err; + if (frag_len == 0) + return DTLS1_HM_FRAGMENT_RETRY; /* Try to find item in queue */ memset(seq64be,0,sizeof(seq64be)); @@ -639,7 +642,8 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) /* If message is already reassembled, this must be a - * retransmit and can be dropped. + * retransmit and can be dropped. In this case item != NULL and so frag + * does not need to be freed. */ if (frag->reassembly == NULL) { @@ -659,7 +663,9 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) /* read the body of the fragment (header has already been read */ i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, frag->fragment + msg_hdr->frag_off,frag_len,0); - if (i<=0 || (unsigned long)i!=frag_len) + if ((unsigned long)i!=frag_len) + i=-1; + if (i<=0) goto err; RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off, @@ -676,10 +682,6 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) if (item == NULL) { - memset(seq64be,0,sizeof(seq64be)); - seq64be[6] = (unsigned char)(msg_hdr->seq>>8); - seq64be[7] = (unsigned char)(msg_hdr->seq); - item = pitem_new(seq64be, frag); if (item == NULL) { @@ -687,21 +689,25 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) goto err; } - pqueue_insert(s->d1->buffered_messages, item); + item = pqueue_insert(s->d1->buffered_messages, item); + /* pqueue_insert fails iff a duplicate item is inserted. + * However, |item| cannot be a duplicate. If it were, + * |pqueue_find|, above, would have returned it and control + * would never have reached this branch. */ + OPENSSL_assert(item != NULL); } return DTLS1_HM_FRAGMENT_RETRY; err: - if (frag != NULL) dtls1_hm_fragment_free(frag); - if (item != NULL) OPENSSL_free(item); + if (frag != NULL && item == NULL) dtls1_hm_fragment_free(frag); *ok = 0; return i; } static int -dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) +dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st* msg_hdr, int *ok) { int i=-1; hm_fragment *frag = NULL; @@ -721,7 +727,7 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) /* If we already have an entry and this one is a fragment, * don't discard it and rather try to reassemble it. */ - if (item != NULL && frag_len < msg_hdr->msg_len) + if (item != NULL && frag_len != msg_hdr->msg_len) item = NULL; /* Discard the message if sequence number was already there, is @@ -746,9 +752,12 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) } else { - if (frag_len && frag_len < msg_hdr->msg_len) + if (frag_len != msg_hdr->msg_len) return dtls1_reassemble_fragment(s, msg_hdr, ok); + if (frag_len > dtls1_max_handshake_message_len(s)) + goto err; + frag = dtls1_hm_fragment_new(frag_len, 0); if ( frag == NULL) goto err; @@ -760,26 +769,31 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) /* read the body of the fragment (header has already been read */ i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, frag->fragment,frag_len,0); - if (i<=0 || (unsigned long)i!=frag_len) + if ((unsigned long)i!=frag_len) + i = -1; + if (i<=0) goto err; } - memset(seq64be,0,sizeof(seq64be)); - seq64be[6] = (unsigned char)(msg_hdr->seq>>8); - seq64be[7] = (unsigned char)(msg_hdr->seq); - item = pitem_new(seq64be, frag); if ( item == NULL) goto err; - pqueue_insert(s->d1->buffered_messages, item); + item = pqueue_insert(s->d1->buffered_messages, item); + /* pqueue_insert fails iff a duplicate item is inserted. + * However, |item| cannot be a duplicate. If it were, + * |pqueue_find|, above, would have returned it. Then, either + * |frag_len| != |msg_hdr->msg_len| in which case |item| is set + * to NULL and it will have been processed with + * |dtls1_reassemble_fragment|, above, or the record will have + * been discarded. */ + OPENSSL_assert(item != NULL); } return DTLS1_HM_FRAGMENT_RETRY; err: - if ( frag != NULL) dtls1_hm_fragment_free(frag); - if ( item != NULL) OPENSSL_free(item); + if (frag != NULL && item == NULL) dtls1_hm_fragment_free(frag); *ok = 0; return i; } @@ -1180,6 +1194,8 @@ dtls1_buffer_message(SSL *s, int is_ccs) OPENSSL_assert(s->init_off == 0); frag = dtls1_hm_fragment_new(s->init_num, 0); + if (!frag) + return 0; memcpy(frag->fragment, s->init_buf->data, s->init_num); @@ -1476,6 +1492,9 @@ dtls1_process_heartbeat(SSL *s) /* Read type and payload length first */ if (1 + 2 + 16 > s->s3->rrec.length) return 0; /* silently discard */ + if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH) + return 0; /* silently discard per RFC 6520 sec. 4 */ + hbtype = *p++; n2s(p, payload); if (1 + 2 + payload + 16 > s->s3->rrec.length) diff --git a/app/openssl/ssl/d1_clnt.c b/app/openssl/ssl/d1_clnt.c index 5ee8f58e..37dd5483 100644 --- a/app/openssl/ssl/d1_clnt.c +++ b/app/openssl/ssl/d1_clnt.c @@ -882,12 +882,18 @@ int dtls1_client_hello(SSL *s) *(p++)=0; /* Add the NULL method */ #ifndef OPENSSL_NO_TLSEXT + /* TLS extensions*/ + if (ssl_prepare_clienthello_tlsext(s) <= 0) + { + SSLerr(SSL_F_DTLS1_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); + goto err; + } if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) { SSLerr(SSL_F_DTLS1_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); goto err; } -#endif +#endif l=(p-d); d=buf; @@ -996,6 +1002,13 @@ int dtls1_send_client_key_exchange(SSL *s) RSA *rsa; unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH]; + if (s->session->sess_cert == NULL) + { + /* We should always have a server certificate with SSL_kRSA. */ + SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR); + goto err; + } + if (s->session->sess_cert->peer_rsa_tmp != NULL) rsa=s->session->sess_cert->peer_rsa_tmp; else @@ -1186,6 +1199,13 @@ int dtls1_send_client_key_exchange(SSL *s) { DH *dh_srvr,*dh_clnt; + if (s->session->sess_cert == NULL) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); + goto err; + } + if (s->session->sess_cert->peer_dh_tmp != NULL) dh_srvr=s->session->sess_cert->peer_dh_tmp; else @@ -1245,6 +1265,13 @@ int dtls1_send_client_key_exchange(SSL *s) int ecdh_clnt_cert = 0; int field_size = 0; + if (s->session->sess_cert == NULL) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); + goto err; + } + /* Did we send out the client's * ECDH share for use in premaster * computation as part of client certificate? @@ -1709,5 +1736,3 @@ int dtls1_send_client_certificate(SSL *s) /* SSL3_ST_CW_CERT_D */ return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); } - - diff --git a/app/openssl/ssl/d1_lib.c b/app/openssl/ssl/d1_lib.c index 6bde16fa..82ca6539 100644 --- a/app/openssl/ssl/d1_lib.c +++ b/app/openssl/ssl/d1_lib.c @@ -266,6 +266,16 @@ long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg) case DTLS_CTRL_LISTEN: ret = dtls1_listen(s, parg); break; + case SSL_CTRL_CHECK_PROTO_VERSION: + /* For library-internal use; checks that the current protocol + * is the highest enabled version (according to s->ctx->method, + * as version negotiation may have changed s->method). */ +#if DTLS_MAX_VERSION != DTLS1_VERSION +# error Code needs update for DTLS_method() support beyond DTLS1_VERSION. +#endif + /* Just one protocol version is supported so far; + * fail closed if the version is not as expected. */ + return s->version == DTLS_MAX_VERSION; default: ret = ssl3_ctrl(s, cmd, larg, parg); diff --git a/app/openssl/ssl/d1_srtp.c b/app/openssl/ssl/d1_srtp.c index ab9c4192..535539ba 100644 --- a/app/openssl/ssl/d1_srtp.c +++ b/app/openssl/ssl/d1_srtp.c @@ -168,25 +168,6 @@ static int find_profile_by_name(char *profile_name, return 1; } -static int find_profile_by_num(unsigned profile_num, - SRTP_PROTECTION_PROFILE **pptr) - { - SRTP_PROTECTION_PROFILE *p; - - p=srtp_known_profiles; - while(p->name) - { - if(p->id == profile_num) - { - *pptr=p; - return 0; - } - p++; - } - - return 1; - } - static int ssl_ctx_make_profiles(const char *profiles_string,STACK_OF(SRTP_PROTECTION_PROFILE) **out) { STACK_OF(SRTP_PROTECTION_PROFILE) *profiles; @@ -209,11 +190,19 @@ static int ssl_ctx_make_profiles(const char *profiles_string,STACK_OF(SRTP_PROTE if(!find_profile_by_name(ptr,&p, col ? col-ptr : (int)strlen(ptr))) { + if (sk_SRTP_PROTECTION_PROFILE_find(profiles,p) >= 0) + { + SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + sk_SRTP_PROTECTION_PROFILE_free(profiles); + return 1; + } + sk_SRTP_PROTECTION_PROFILE_push(profiles,p); } else { SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); + sk_SRTP_PROTECTION_PROFILE_free(profiles); return 1; } @@ -305,13 +294,12 @@ int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int max int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al) { - SRTP_PROTECTION_PROFILE *cprof,*sprof; - STACK_OF(SRTP_PROTECTION_PROFILE) *clnt=0,*srvr; + SRTP_PROTECTION_PROFILE *sprof; + STACK_OF(SRTP_PROTECTION_PROFILE) *srvr; int ct; int mki_len; - int i,j; - int id; - int ret; + int i, srtp_pref; + unsigned int id; /* Length value + the MKI length */ if(len < 3) @@ -341,22 +329,32 @@ int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al return 1; } + srvr=SSL_get_srtp_profiles(s); + s->srtp_profile = NULL; + /* Search all profiles for a match initially */ + srtp_pref = sk_SRTP_PROTECTION_PROFILE_num(srvr); - clnt=sk_SRTP_PROTECTION_PROFILE_new_null(); - while(ct) { n2s(d,id); ct-=2; len-=2; - if(!find_profile_by_num(id,&cprof)) + /* + * Only look for match in profiles of higher preference than + * current match. + * If no profiles have been have been configured then this + * does nothing. + */ + for (i = 0; i < srtp_pref; i++) { - sk_SRTP_PROTECTION_PROFILE_push(clnt,cprof); - } - else - { - ; /* Ignore */ + sprof = sk_SRTP_PROTECTION_PROFILE_value(srvr, i); + if (sprof->id == id) + { + s->srtp_profile = sprof; + srtp_pref = i; + break; + } } } @@ -371,36 +369,7 @@ int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al return 1; } - srvr=SSL_get_srtp_profiles(s); - - /* Pick our most preferred profile. If no profiles have been - configured then the outer loop doesn't run - (sk_SRTP_PROTECTION_PROFILE_num() = -1) - and so we just return without doing anything */ - for(i=0;iid==sprof->id) - { - s->srtp_profile=sprof; - *al=0; - ret=0; - goto done; - } - } - } - - ret=0; - -done: - if(clnt) sk_SRTP_PROTECTION_PROFILE_free(clnt); - - return ret; + return 0; } int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) diff --git a/app/openssl/ssl/d1_srvr.c b/app/openssl/ssl/d1_srvr.c index c181db6d..03b20a27 100644 --- a/app/openssl/ssl/d1_srvr.c +++ b/app/openssl/ssl/d1_srvr.c @@ -598,10 +598,11 @@ int dtls1_accept(SSL *s) s->state = SSL3_ST_SR_CLNT_HELLO_C; } else { - /* could be sent for a DH cert, even if we - * have not asked for it :-) */ - ret=ssl3_get_client_certificate(s); - if (ret <= 0) goto end; + if (s->s3->tmp.cert_request) + { + ret=ssl3_get_client_certificate(s); + if (ret <= 0) goto end; + } s->init_num=0; s->state=SSL3_ST_SR_KEY_EXCH_A; } @@ -980,6 +981,11 @@ int dtls1_send_server_hello(SSL *s) #endif #ifndef OPENSSL_NO_TLSEXT + if (ssl_prepare_serverhello_tlsext(s) <= 0) + { + SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT); + return -1; + } if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) { SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR); diff --git a/app/openssl/ssl/dtls1.h b/app/openssl/ssl/dtls1.h index e65d5011..192c5def 100644 --- a/app/openssl/ssl/dtls1.h +++ b/app/openssl/ssl/dtls1.h @@ -84,6 +84,8 @@ extern "C" { #endif #define DTLS1_VERSION 0xFEFF +#define DTLS_MAX_VERSION DTLS1_VERSION + #define DTLS1_BAD_VER 0x0100 #if 0 @@ -284,4 +286,3 @@ typedef struct dtls1_record_data_st } #endif #endif - diff --git a/app/openssl/ssl/s23_clnt.c b/app/openssl/ssl/s23_clnt.c index 2bc92141..f02c275c 100644 --- a/app/openssl/ssl/s23_clnt.c +++ b/app/openssl/ssl/s23_clnt.c @@ -125,9 +125,11 @@ static const SSL_METHOD *ssl23_get_client_method(int ver) if (ver == SSL2_VERSION) return(SSLv2_client_method()); #endif +#ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) return(SSLv3_client_method()); - else if (ver == TLS1_VERSION) +#endif + if (ver == TLS1_VERSION) return(TLSv1_client_method()); else if (ver == TLS1_1_VERSION) return(TLSv1_1_client_method()); @@ -698,6 +700,7 @@ static int ssl23_get_server_hello(SSL *s) { /* we have sslv3 or tls1 (server hello or alert) */ +#ifndef OPENSSL_NO_SSL3 if ((p[2] == SSL3_VERSION_MINOR) && !(s->options & SSL_OP_NO_SSLv3)) { @@ -712,7 +715,9 @@ static int ssl23_get_server_hello(SSL *s) s->version=SSL3_VERSION; s->method=SSLv3_client_method(); } - else if ((p[2] == TLS1_VERSION_MINOR) && + else +#endif + if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) { s->version=TLS1_VERSION; @@ -736,6 +741,9 @@ static int ssl23_get_server_hello(SSL *s) goto err; } + /* ensure that TLS_MAX_VERSION is up-to-date */ + OPENSSL_assert(s->version <= TLS_MAX_VERSION); + if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) { /* fatal alert */ diff --git a/app/openssl/ssl/s23_lib.c b/app/openssl/ssl/s23_lib.c index 3bf72831..f3c29d1d 100644 --- a/app/openssl/ssl/s23_lib.c +++ b/app/openssl/ssl/s23_lib.c @@ -107,6 +107,13 @@ int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) long l; /* We can write SSLv2 and SSLv3 ciphers */ + /* but no ECC ciphers */ + if (c->algorithm_mkey == SSL_kECDHr || + c->algorithm_mkey == SSL_kECDHe || + c->algorithm_mkey == SSL_kEECDH || + c->algorithm_auth == SSL_aECDH || + c->algorithm_auth == SSL_aECDSA) + return 0; if (p != NULL) { l=c->id; diff --git a/app/openssl/ssl/s23_srvr.c b/app/openssl/ssl/s23_srvr.c index 48778490..93ca7d53 100644 --- a/app/openssl/ssl/s23_srvr.c +++ b/app/openssl/ssl/s23_srvr.c @@ -127,9 +127,11 @@ static const SSL_METHOD *ssl23_get_server_method(int ver) if (ver == SSL2_VERSION) return(SSLv2_server_method()); #endif +#ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) return(SSLv3_server_method()); - else if (ver == TLS1_VERSION) +#endif + if (ver == TLS1_VERSION) return(TLSv1_server_method()); else if (ver == TLS1_1_VERSION) return(TLSv1_1_server_method()); @@ -348,23 +350,19 @@ int ssl23_get_client_hello(SSL *s) * Client Hello message, this would be difficult, and we'd have * to read more records to find out. * No known SSL 3.0 client fragments ClientHello like this, - * so we simply assume TLS 1.0 to avoid protocol version downgrade - * attacks. */ + * so we simply reject such connections to avoid + * protocol version downgrade attacks. */ if (p[3] == 0 && p[4] < 6) { -#if 0 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL); goto err; -#else - v[1] = TLS1_VERSION_MINOR; -#endif } /* if major version number > 3 set minor to a value * which will use the highest version 3 we support. * If TLS 2.0 ever appears we will need to revise * this.... */ - else if (p[9] > SSL3_VERSION_MAJOR) + if (p[9] > SSL3_VERSION_MAJOR) v[1]=0xff; else v[1]=p[10]; /* minor version according to client_version */ @@ -425,6 +423,9 @@ int ssl23_get_client_hello(SSL *s) } } + /* ensure that TLS_MAX_VERSION is up-to-date */ + OPENSSL_assert(s->version <= TLS_MAX_VERSION); + #ifdef OPENSSL_FIPS if (FIPS_mode() && (s->version < TLS1_VERSION)) { @@ -444,14 +445,34 @@ int ssl23_get_client_hello(SSL *s) v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ v[1] = p[4]; + /* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2 + * header is sent directly on the wire, not wrapped as a TLS + * record. It's format is: + * Byte Content + * 0-1 msg_length + * 2 msg_type + * 3-4 version + * 5-6 cipher_spec_length + * 7-8 session_id_length + * 9-10 challenge_length + * ... ... + */ n=((p[0]&0x7f)<<8)|p[1]; if (n > (1024*4)) { SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); goto err; } + if (n < 9) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH); + goto err; + } j=ssl23_read_bytes(s,n+2); + /* We previously read 11 bytes, so if j > 0, we must have + * j == n+2 == s->packet_length. We have at least 11 valid + * packet bytes. */ if (j <= 0) return(j); ssl3_finish_mac(s, s->packet+2, s->packet_length-2); @@ -581,6 +602,12 @@ int ssl23_get_client_hello(SSL *s) if ((type == 2) || (type == 3)) { /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ + s->method = ssl23_get_server_method(s->version); + if (s->method == NULL) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); + goto err; + } if (!ssl_init_wbio_buffer(s,1)) goto err; @@ -608,14 +635,6 @@ int ssl23_get_client_hello(SSL *s) s->s3->rbuf.left=0; s->s3->rbuf.offset=0; } - if (s->version == TLS1_2_VERSION) - s->method = TLSv1_2_server_method(); - else if (s->version == TLS1_1_VERSION) - s->method = TLSv1_1_server_method(); - else if (s->version == TLS1_VERSION) - s->method = TLSv1_server_method(); - else - s->method = SSLv3_server_method(); #if 0 /* ssl3_get_client_hello does this */ s->client_version=(v[0]<<8)|v[1]; #endif diff --git a/app/openssl/ssl/s2_lib.c b/app/openssl/ssl/s2_lib.c index 99146041..c63be305 100644 --- a/app/openssl/ssl/s2_lib.c +++ b/app/openssl/ssl/s2_lib.c @@ -250,7 +250,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={ SSL_SSLV2, SSL_NOT_EXP|SSL_HIGH, 0, - 168, + 112, 168, }, @@ -391,6 +391,8 @@ long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_GET_SESSION_REUSED: ret=s->hit; break; + case SSL_CTRL_CHECK_PROTO_VERSION: + return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg); default: break; } @@ -437,7 +439,7 @@ int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) if (p != NULL) { l=c->id; - if ((l & 0xff000000) != 0x02000000) return(0); + if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV) return(0); p[0]=((unsigned char)(l>>16L))&0xFF; p[1]=((unsigned char)(l>> 8L))&0xFF; p[2]=((unsigned char)(l ))&0xFF; diff --git a/app/openssl/ssl/s3_cbc.c b/app/openssl/ssl/s3_cbc.c index 443a31e7..11f13adb 100644 --- a/app/openssl/ssl/s3_cbc.c +++ b/app/openssl/ssl/s3_cbc.c @@ -53,6 +53,7 @@ * */ +#include "../crypto/constant_time_locl.h" #include "ssl_locl.h" #include @@ -67,37 +68,6 @@ * supported by TLS.) */ #define MAX_HASH_BLOCK_SIZE 128 -/* Some utility functions are needed: - * - * These macros return the given value with the MSB copied to all the other - * bits. They use the fact that arithmetic shift shifts-in the sign bit. - * However, this is not ensured by the C standard so you may need to replace - * them with something else on odd CPUs. */ -#define DUPLICATE_MSB_TO_ALL(x) ( (unsigned)( (int)(x) >> (sizeof(int)*8-1) ) ) -#define DUPLICATE_MSB_TO_ALL_8(x) ((unsigned char)(DUPLICATE_MSB_TO_ALL(x))) - -/* constant_time_lt returns 0xff if a=b and 0x00 otherwise. */ -static unsigned constant_time_ge(unsigned a, unsigned b) - { - a -= b; - return DUPLICATE_MSB_TO_ALL(~a); - } - -/* constant_time_eq_8 returns 0xff if a==b and 0x00 otherwise. */ -static unsigned char constant_time_eq_8(unsigned a, unsigned b) - { - unsigned c = a ^ b; - c--; - return DUPLICATE_MSB_TO_ALL_8(c); - } - /* ssl3_cbc_remove_padding removes padding from the decrypted, SSLv3, CBC * record in |rec| by updating |rec->length| in constant time. * @@ -126,8 +96,8 @@ int ssl3_cbc_remove_padding(const SSL* s, padding_length = good & (padding_length+1); rec->length -= padding_length; rec->type |= padding_length<<8; /* kludge: pass padding length */ - return (int)((good & 1) | (~good & -1)); -} + return constant_time_select_int(good, 1, -1); + } /* tls1_cbc_remove_padding removes the CBC padding from the decrypted, TLS, CBC * record in |rec| in constant time and returns 1 if the padding is valid and @@ -208,7 +178,7 @@ int tls1_cbc_remove_padding(const SSL* s, for (i = 0; i < to_check; i++) { - unsigned char mask = constant_time_ge(padding_length, i); + unsigned char mask = constant_time_ge_8(padding_length, i); unsigned char b = rec->data[rec->length-1-i]; /* The final |padding_length+1| bytes should all have the value * |padding_length|. Therefore the XOR should be zero. */ @@ -216,20 +186,14 @@ int tls1_cbc_remove_padding(const SSL* s, } /* If any of the final |padding_length+1| bytes had the wrong value, - * one or more of the lower eight bits of |good| will be cleared. We - * AND the bottom 8 bits together and duplicate the result to all the - * bits. */ - good &= good >> 4; - good &= good >> 2; - good &= good >> 1; - good <<= sizeof(good)*8-1; - good = DUPLICATE_MSB_TO_ALL(good); - + * one or more of the lower eight bits of |good| will be cleared. + */ + good = constant_time_eq(0xff, good & 0xff); padding_length = good & (padding_length+1); rec->length -= padding_length; rec->type |= padding_length<<8; /* kludge: pass padding length */ - return (int)((good & 1) | (~good & -1)); + return constant_time_select_int(good, 1, -1); } /* ssl3_cbc_copy_mac copies |md_size| bytes from the end of |rec| to |out| in @@ -296,8 +260,8 @@ void ssl3_cbc_copy_mac(unsigned char* out, memset(rotated_mac, 0, md_size); for (i = scan_start, j = 0; i < orig_len; i++) { - unsigned char mac_started = constant_time_ge(i, mac_start); - unsigned char mac_ended = constant_time_ge(i, mac_end); + unsigned char mac_started = constant_time_ge_8(i, mac_start); + unsigned char mac_ended = constant_time_ge_8(i, mac_end); unsigned char b = rec->data[i]; rotated_mac[j++] |= b & mac_started & ~mac_ended; j &= constant_time_lt(j,md_size); @@ -683,12 +647,12 @@ void ssl3_cbc_digest_record( b = data[k-header_length]; k++; - is_past_c = is_block_a & constant_time_ge(j, c); - is_past_cp1 = is_block_a & constant_time_ge(j, c+1); + is_past_c = is_block_a & constant_time_ge_8(j, c); + is_past_cp1 = is_block_a & constant_time_ge_8(j, c+1); /* If this is the block containing the end of the * application data, and we are at the offset for the * 0x80 value, then overwrite b with 0x80. */ - b = (b&~is_past_c) | (0x80&is_past_c); + b = constant_time_select_8(is_past_c, 0x80, b); /* If this the the block containing the end of the * application data and we're past the 0x80 value then * just write zero. */ @@ -704,7 +668,8 @@ void ssl3_cbc_digest_record( if (j >= md_block_size - md_length_size) { /* If this is index_b, write a length byte. */ - b = (b&~is_block_b) | (is_block_b&length_bytes[j-(md_block_size-md_length_size)]); + b = constant_time_select_8( + is_block_b, length_bytes[j-(md_block_size-md_length_size)], b); } block[j] = b; } diff --git a/app/openssl/ssl/s3_clnt.c b/app/openssl/ssl/s3_clnt.c index 486f538b..8a81793e 100644 --- a/app/openssl/ssl/s3_clnt.c +++ b/app/openssl/ssl/s3_clnt.c @@ -332,9 +332,9 @@ int ssl3_connect(SSL *s) break; } #endif - /* Check if it is anon DH/ECDH */ + /* Check if it is anon DH/ECDH, SRP auth */ /* or non-RSA PSK */ - if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) && + if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aSRP)) && !((s->s3->tmp.new_cipher->algorithm_auth & SSL_aPSK) && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kRSA))) { @@ -530,6 +530,7 @@ int ssl3_connect(SSL *s) s->method->ssl3_enc->client_finished_label, s->method->ssl3_enc->client_finished_label_len); if (ret <= 0) goto end; + s->s3->flags |= SSL3_FLAGS_CCS_OK; s->state=SSL3_ST_CW_FLUSH; /* clear flags */ @@ -975,6 +976,7 @@ int ssl3_get_server_hello(SSL *s) { s->session->cipher = pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s, p+j); + s->s3->flags |= SSL3_FLAGS_CCS_OK; } } #endif /* OPENSSL_NO_TLSEXT */ @@ -1032,6 +1034,15 @@ int ssl3_get_server_hello(SSL *s) SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED); goto f_err; } +#ifndef OPENSSL_NO_SRP + if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) && + !(s->srp_ctx.srp_Mask & SSL_kSRP)) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED); + goto f_err; + } +#endif /* OPENSSL_NO_SRP */ p+=ssl_put_cipher_by_char(s,NULL,NULL); sk=ssl_get_ciphers_by_id(s); @@ -1346,8 +1357,8 @@ int ssl3_get_key_exchange(SSL *s) #endif EVP_MD_CTX md_ctx; unsigned char *param,*p; - int al,i,j,param_len,ok; - long n,alg_k,alg_a; + int al,j,ok; + long i,param_len,n,alg_k,alg_a; EVP_PKEY *pkey=NULL; const EVP_MD *md = NULL; #ifndef OPENSSL_NO_RSA @@ -1425,19 +1436,29 @@ int ssl3_get_key_exchange(SSL *s) s->session->sess_cert=ssl_sess_cert_new(); } + /* Total length of the parameters including the length prefix */ param_len=0; + alg_k=s->s3->tmp.new_cipher->algorithm_mkey; alg_a=s->s3->tmp.new_cipher->algorithm_auth; EVP_MD_CTX_init(&md_ctx); + al=SSL_AD_DECODE_ERROR; + #ifndef OPENSSL_NO_PSK if (alg_a & SSL_aPSK) { char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1]; - al=SSL_AD_HANDSHAKE_FAILURE; + param_len = 2; + if (param_len > n) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } n2s(p,i); - param_len=i+2; + if (s->session->psk_identity_hint) { OPENSSL_free(s->session->psk_identity_hint); @@ -1451,17 +1472,19 @@ int ssl3_get_key_exchange(SSL *s) * long as the maximum length of a PSK identity. */ if (i > PSK_MAX_IDENTITY_LEN) { + al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); goto f_err; } - if (param_len > n) + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH); goto f_err; } + param_len += i; + /* If received PSK identity hint contains NULL * characters, the hint is truncated from the first * NULL. p may not be ending with NULL, so create a @@ -1471,6 +1494,7 @@ int ssl3_get_key_exchange(SSL *s) s->session->psk_identity_hint = BUF_strdup(tmp_id_hint); if (s->session->psk_identity_hint == NULL) { + al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); goto f_err; } @@ -1484,14 +1508,22 @@ int ssl3_get_key_exchange(SSL *s) #ifndef OPENSSL_NO_SRP else if (alg_k & SSL_kSRP) { - n2s(p,i); - param_len=i+2; + param_len = 2; if (param_len > n) { - al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + n2s(p,i); + + if (i > n - param_len) + { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_N_LENGTH); goto f_err; } + param_len += i; + if (!(s->srp_ctx.N=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1499,14 +1531,24 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_G_LENGTH); goto f_err; } + param_len += i; + if (!(s->srp_ctx.g=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1514,15 +1556,25 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + + if (1 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 1; + i = (unsigned int)(p[0]); p++; - param_len+=i+1; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_S_LENGTH); goto f_err; } + param_len += i; + if (!(s->srp_ctx.s=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1530,14 +1582,23 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_B_LENGTH); goto f_err; } + param_len += i; + if (!(s->srp_ctx.B=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1546,6 +1607,12 @@ int ssl3_get_key_exchange(SSL *s) p+=i; n-=param_len; + if (!srp_verify_server_param(s, &al)) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_PARAMETERS); + goto f_err; + } + /* We must check if there is a certificate */ #ifndef OPENSSL_NO_RSA if (alg_a & SSL_aRSA) @@ -1568,14 +1635,23 @@ int ssl3_get_key_exchange(SSL *s) SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); goto err; } - n2s(p,i); - param_len=i+2; + + param_len = 2; if (param_len > n) { - al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + n2s(p,i); + + if (i > n - param_len) + { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH); goto f_err; } + param_len += i; + if (!(rsa->n=BN_bin2bn(p,i,rsa->n))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1583,14 +1659,23 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH); goto f_err; } + param_len += i; + if (!(rsa->e=BN_bin2bn(p,i,rsa->e))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1619,14 +1704,23 @@ int ssl3_get_key_exchange(SSL *s) SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB); goto err; } - n2s(p,i); - param_len=i+2; + + param_len = 2; if (param_len > n) { - al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + n2s(p,i); + + if (i > n - param_len) + { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH); goto f_err; } + param_len += i; + if (!(dh->p=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1634,14 +1728,23 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH); goto f_err; } + param_len += i; + if (!(dh->g=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1649,14 +1752,23 @@ int ssl3_get_key_exchange(SSL *s) } p+=i; + if (2 > n - param_len) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + param_len += 2; + n2s(p,i); - param_len+=i+2; - if (param_len > n) + + if (i > n - param_len) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH); goto f_err; } + param_len += i; + if (!(dh->pub_key=BN_bin2bn(p,i,NULL))) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); @@ -1708,12 +1820,19 @@ int ssl3_get_key_exchange(SSL *s) */ /* XXX: For now we only support named (not generic) curves - * and the ECParameters in this case is just three bytes. + * and the ECParameters in this case is just three bytes. We + * also need one byte for the length of the encoded point */ - param_len=3; - if ((param_len > n) || - (*p != NAMED_CURVE_TYPE) || - ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0)) + param_len=4; + if (param_len > n) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + + if ((*p != NAMED_CURVE_TYPE) || + ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0)) { al=SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); @@ -1755,15 +1874,15 @@ int ssl3_get_key_exchange(SSL *s) encoded_pt_len = *p; /* length of encoded point */ p+=1; - param_len += (1 + encoded_pt_len); - if ((param_len > n) || + + if ((encoded_pt_len > n - param_len) || (EC_POINT_oct2point(group, srvr_ecpoint, p, encoded_pt_len, bn_ctx) == 0)) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_ECPOINT); goto f_err; } + param_len += encoded_pt_len; n-=param_len; p+=encoded_pt_len; @@ -1806,7 +1925,15 @@ int ssl3_get_key_exchange(SSL *s) { if (TLS1_get_version(s) >= TLS1_2_VERSION) { - int sigalg = tls12_get_sigid(pkey); + int sigalg; + if (2 > n) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + + sigalg = tls12_get_sigid(pkey); /* Should never happen */ if (sigalg == -1) { @@ -1824,7 +1951,6 @@ int ssl3_get_key_exchange(SSL *s) if (md == NULL) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNKNOWN_DIGEST); - al=SSL_AD_DECODE_ERROR; goto f_err; } #ifdef SSL_DEBUG @@ -1835,15 +1961,21 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); } else md = EVP_sha1(); - + + if (2 > n) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, + SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } n2s(p,i); n-=2; j=EVP_PKEY_size(pkey); + /* Check signature length. If n is 0 then signature is empty */ if ((i != n) || (n > j) || (n <= 0)) { /* wrong packet length */ - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH); goto f_err; } @@ -1852,6 +1984,7 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); if (pkey->type == EVP_PKEY_RSA && TLS1_get_version(s) < TLS1_2_VERSION) { int num; + unsigned int size; j=0; q=md_buf; @@ -1864,9 +1997,9 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); EVP_DigestUpdate(&md_ctx,param,param_len); - EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i); - q+=i; - j+=i; + EVP_DigestFinal_ex(&md_ctx,q,&size); + q+=size; + j+=size; } i=RSA_verify(NID_md5_sha1, md_buf, j, p, n, pkey->pkey.rsa); @@ -1902,7 +2035,7 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); } else { - if (!(alg_a & SSL_aNULL) && + if (!(alg_a & (SSL_aNULL|SSL_aSRP)) && /* Among PSK ciphers only RSA_PSK needs a public key */ !((alg_a & SSL_aPSK) && !(alg_k & SSL_kRSA))) { @@ -1912,7 +2045,6 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); /* still data left over */ if (n != 0) { - al=SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE); goto f_err; } @@ -2338,7 +2470,10 @@ int ssl3_send_client_key_exchange(SSL *s) #ifndef OPENSSL_NO_PSK if (alg_a & SSL_aPSK) { - char identity[PSK_MAX_IDENTITY_LEN + 1]; + /* The callback needs PSK_MAX_IDENTITY_LEN + 1 bytes + * to return a \0-terminated identity. The last byte + * is for us for simulating strnlen. */ + char identity[PSK_MAX_IDENTITY_LEN + 2]; size_t identity_len; unsigned char *t = NULL; unsigned char pre_ms[PSK_MAX_PSK_LEN*2+4]; @@ -2355,7 +2490,7 @@ int ssl3_send_client_key_exchange(SSL *s) memset(identity, 0, sizeof(identity)); psk_len = s->psk_client_callback(s, s->session->psk_identity_hint, - identity, sizeof(identity), psk, sizeof(psk)); + identity, sizeof(identity - 1), psk, sizeof(psk)); if (psk_len > PSK_MAX_PSK_LEN) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, @@ -2368,14 +2503,14 @@ int ssl3_send_client_key_exchange(SSL *s) SSL_R_PSK_IDENTITY_NOT_FOUND); goto psk_err; } - identity_len = strnlen(identity, sizeof(identity)); + identity[PSK_MAX_IDENTITY_LEN + 1] = '\0'; + identity_len = strlen(identity); if (identity_len > PSK_MAX_IDENTITY_LEN) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto psk_err; } - if (!(alg_k & SSL_kEECDH)) { /* Create the shared secret now if we're not using ECDHE-PSK.*/ @@ -2407,7 +2542,7 @@ int ssl3_send_client_key_exchange(SSL *s) } psk_err = 0; psk_err: - OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN); + OPENSSL_cleanse(identity, sizeof(identity)); OPENSSL_cleanse(pre_ms, sizeof(pre_ms)); if (psk_err != 0) { @@ -2424,6 +2559,13 @@ int ssl3_send_client_key_exchange(SSL *s) RSA *rsa; unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH]; + if (s->session->sess_cert == NULL) + { + /* We should always have a server certificate with SSL_kRSA. */ + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR); + goto err; + } + if (s->session->sess_cert->peer_rsa_tmp != NULL) rsa=s->session->sess_cert->peer_rsa_tmp; else @@ -2820,7 +2962,7 @@ int ssl3_send_client_key_exchange(SSL *s) /* ECDHE PSK ciphersuites from RFC 5489 */ if ((alg_a & SSL_aPSK) && psk_len != 0) { - pre_ms_len = 2+psk_len+2+n; + pre_ms_len = 2+n+2+psk_len; pre_ms = OPENSSL_malloc(pre_ms_len); if (pre_ms == NULL) { @@ -2830,11 +2972,11 @@ int ssl3_send_client_key_exchange(SSL *s) } memset(pre_ms, 0, pre_ms_len); t = pre_ms; - s2n(psk_len, t); - memcpy(t, psk, psk_len); - t += psk_len; s2n(n, t); memcpy(t, p, n); + t += n; + s2n(psk_len, t); + memcpy(t, psk, psk_len); s->session->master_key_length = s->method->ssl3_enc \ -> generate_master_secret(s, s->session->master_key, pre_ms, pre_ms_len); @@ -3341,7 +3483,7 @@ int ssl3_check_cert_and_algorithm(SSL *s) alg_a=s->s3->tmp.new_cipher->algorithm_auth; /* we don't have a certificate */ - if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || ((alg_a & SSL_aPSK) && !(alg_k & SSL_kRSA))) + if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK)) return(1); sc=s->session->sess_cert; diff --git a/app/openssl/ssl/s3_enc.c b/app/openssl/ssl/s3_enc.c index 53b94b7c..bcb65d48 100644 --- a/app/openssl/ssl/s3_enc.c +++ b/app/openssl/ssl/s3_enc.c @@ -641,10 +641,18 @@ int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p) int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) { - int ret; + int ret, sha1len; ret=ssl3_handshake_mac(s,NID_md5,sender,len,p); + if(ret == 0) + return 0; + p+=ret; - ret+=ssl3_handshake_mac(s,NID_sha1,sender,len,p); + + sha1len=ssl3_handshake_mac(s,NID_sha1,sender,len,p); + if(sha1len == 0) + return 0; + + ret+=sha1len; return(ret); } static int ssl3_handshake_mac(SSL *s, int md_nid, @@ -891,7 +899,7 @@ int ssl3_alert_code(int code) case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(SSL3_AD_HANDSHAKE_FAILURE); case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(SSL3_AD_HANDSHAKE_FAILURE); case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY); + case SSL_AD_INAPPROPRIATE_FALLBACK:return(TLS1_AD_INAPPROPRIATE_FALLBACK); default: return(-1); } } - diff --git a/app/openssl/ssl/s3_lib.c b/app/openssl/ssl/s3_lib.c index 896d1e19..c378dd60 100644 --- a/app/openssl/ssl/s3_lib.c +++ b/app/openssl/ssl/s3_lib.c @@ -328,7 +328,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -377,7 +377,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -425,7 +425,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -474,7 +474,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -522,7 +522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -602,7 +602,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -687,7 +687,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -751,7 +751,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -1685,7 +1685,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2062,7 +2062,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2142,7 +2142,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2222,7 +2222,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2302,7 +2302,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2382,7 +2382,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2426,13 +2426,13 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_3DES, SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2448,7 +2448,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2464,7 +2464,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2474,7 +2474,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_AES128, SSL_SHA1, SSL_TLSV1, @@ -2522,7 +2522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_AES256, SSL_SHA1, SSL_TLSV1, @@ -3439,6 +3439,33 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return 64; #endif /* !OPENSSL_NO_TLSEXT */ + + case SSL_CTRL_CHECK_PROTO_VERSION: + /* For library-internal use; checks that the current protocol + * is the highest enabled version (according to s->ctx->method, + * as version negotiation may have changed s->method). */ + if (s->version == s->ctx->method->version) + return 1; + /* Apparently we're using a version-flexible SSL_METHOD + * (not at its highest protocol version). */ + if (s->ctx->method->version == SSLv23_method()->version) + { +#if TLS_MAX_VERSION != TLS1_2_VERSION +# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. +#endif + if (!(s->options & SSL_OP_NO_TLSv1_2)) + return s->version == TLS1_2_VERSION; + if (!(s->options & SSL_OP_NO_TLSv1_1)) + return s->version == TLS1_1_VERSION; + if (!(s->options & SSL_OP_NO_TLSv1)) + return s->version == TLS1_VERSION; + if (!(s->options & SSL_OP_NO_SSLv3)) + return s->version == SSL3_VERSION; + if (!(s->options & SSL_OP_NO_SSLv2)) + return s->version == SSL2_VERSION; + } + return 0; /* Unexpected state; fail closed. */ + default: break; } @@ -3816,6 +3843,7 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) break; #endif #endif + default: return(0); } @@ -3924,10 +3952,15 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, emask_k = cert->export_mask_k; emask_a = cert->export_mask_a; #ifndef OPENSSL_NO_SRP - mask_k=cert->mask_k | s->srp_ctx.srp_Mask; - emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask; + if (s->srp_ctx.srp_Mask & SSL_kSRP) + { + mask_k |= SSL_kSRP; + emask_k |= SSL_kSRP; + mask_a |= SSL_aSRP; + emask_a |= SSL_aSRP; + } #endif - + #ifdef KSSL_DEBUG /* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/ #endif /* KSSL_DEBUG */ @@ -4406,4 +4439,3 @@ long ssl_get_algorithm2(SSL *s) return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; return alg2; } - diff --git a/app/openssl/ssl/s3_pkt.c b/app/openssl/ssl/s3_pkt.c index df436cf7..4a2f5d6c 100644 --- a/app/openssl/ssl/s3_pkt.c +++ b/app/openssl/ssl/s3_pkt.c @@ -273,6 +273,12 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) return(n); } +/* MAX_EMPTY_RECORDS defines the number of consecutive, empty records that will + * be processed per call to ssl3_get_record. Without this limit an attacker + * could send empty records at a faster rate than we can process and cause + * ssl3_get_record to loop forever. */ +#define MAX_EMPTY_RECORDS 32 + /* Call this to get a new input record. * It will return <= 0 if more data is needed, normally due to an error * or non-blocking IO. @@ -293,6 +299,7 @@ static int ssl3_get_record(SSL *s) short version; unsigned mac_size, orig_len; size_t extra; + unsigned empty_record_count = 0; rr= &(s->s3->rrec); sess=s->session; @@ -523,7 +530,17 @@ printf("\n"); s->packet_length=0; /* just read a 0 length packet */ - if (rr->length == 0) goto again; + if (rr->length == 0) + { + empty_record_count++; + if (empty_record_count > MAX_EMPTY_RECORDS) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_RECORD_TOO_SMALL); + goto f_err; + } + goto again; + } #if 0 fprintf(stderr, "Ultimate Record type=%d, Length=%d\n", rr->type, rr->length); @@ -979,7 +996,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) if (!ssl3_setup_read_buffer(s)) return(-1); - if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) || + if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE)) || (peek && (type != SSL3_RT_APPLICATION_DATA))) { SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR); diff --git a/app/openssl/ssl/s3_srvr.c b/app/openssl/ssl/s3_srvr.c index f83c9366..a42fc9e3 100644 --- a/app/openssl/ssl/s3_srvr.c +++ b/app/openssl/ssl/s3_srvr.c @@ -154,6 +154,7 @@ #include #include "ssl_locl.h" #include "kssl_lcl.h" +#include "../crypto/constant_time_locl.h" #include #include #include @@ -414,11 +415,10 @@ int ssl3_accept(SSL *s) case SSL3_ST_SW_CERT_B: /* Check if it is anon DH or anon ECDH, */ /* non-RSA PSK or KRB5 or SRP */ - if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) + if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aKRB5|SSL_aSRP)) /* Among PSK ciphersuites only RSA_PSK uses server certificate */ && !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aPSK && - !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kRSA)) - && !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)) + !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kRSA))) { ret=ssl3_send_server_certificate(s); if (ret <= 0) goto end; @@ -524,7 +524,9 @@ int ssl3_accept(SSL *s) * (against the specs, but s3_clnt.c accepts this for SSL 3) */ !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) || /* never request cert in Kerberos ciphersuites */ - (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) + (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) || + /* don't request certificate for SRP auth */ + (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP) /* With normal PSK Certificates and * Certificate Requests are omitted */ || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) @@ -1905,7 +1907,7 @@ int ssl3_send_server_key_exchange(SSL *s) n+=2+nr[i]; } - if (!(alg_a & SSL_aNULL) + if (!(alg_a & (SSL_aNULL|SSL_aSRP)) /* Among PSK ciphersuites only RSA uses a certificate */ && !((alg_a & SSL_aPSK) && !(alg_k & SSL_kRSA))) { @@ -2325,6 +2327,10 @@ int ssl3_get_client_key_exchange(SSL *s) #ifndef OPENSSL_NO_RSA if (alg_k & SSL_kRSA) { + unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH]; + int decrypt_len; + unsigned char decrypt_good, version_good; + /* FIX THIS UP EAY EAY EAY EAY */ if (s->s3->tmp.use_rsa_tmp) { @@ -2372,54 +2378,61 @@ int ssl3_get_client_key_exchange(SSL *s) n=i; } - i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING); - - al = -1; - - if (i != SSL_MAX_MASTER_KEY_LENGTH) - { - al=SSL_AD_DECODE_ERROR; - /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */ - } + /* We must not leak whether a decryption failure occurs because + * of Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see + * RFC 2246, section 7.4.7.1). The code follows that advice of + * the TLS RFC and generates a random premaster secret for the + * case that the decrypt fails. See + * https://tools.ietf.org/html/rfc5246#section-7.4.7.1 */ - if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff)))) - { - /* The premaster secret must contain the same version number as the - * ClientHello to detect version rollback attacks (strangely, the - * protocol does not offer such protection for DH ciphersuites). - * However, buggy clients exist that send the negotiated protocol - * version instead if the server does not support the requested - * protocol version. - * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */ - if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) && - (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff)))) - { - al=SSL_AD_DECODE_ERROR; - /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */ - - /* The Klima-Pokorny-Rosa extension of Bleichenbacher's attack - * (http://eprint.iacr.org/2003/052/) exploits the version - * number check as a "bad version oracle" -- an alert would - * reveal that the plaintext corresponding to some ciphertext - * made up by the adversary is properly formatted except - * that the version number is wrong. To avoid such attacks, - * we should treat this just like any other decryption error. */ - } + /* should be RAND_bytes, but we cannot work around a failure. */ + if (RAND_pseudo_bytes(rand_premaster_secret, + sizeof(rand_premaster_secret)) <= 0) + goto err; + decrypt_len = RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING); + ERR_clear_error(); + + /* decrypt_len should be SSL_MAX_MASTER_KEY_LENGTH. + * decrypt_good will be 0xff if so and zero otherwise. */ + decrypt_good = constant_time_eq_int_8(decrypt_len, SSL_MAX_MASTER_KEY_LENGTH); + + /* If the version in the decrypted pre-master secret is correct + * then version_good will be 0xff, otherwise it'll be zero. + * The Klima-Pokorny-Rosa extension of Bleichenbacher's attack + * (http://eprint.iacr.org/2003/052/) exploits the version + * number check as a "bad version oracle". Thus version checks + * are done in constant time and are treated like any other + * decryption error. */ + version_good = constant_time_eq_8(p[0], (unsigned)(s->client_version>>8)); + version_good &= constant_time_eq_8(p[1], (unsigned)(s->client_version&0xff)); + + /* The premaster secret must contain the same version number as + * the ClientHello to detect version rollback attacks + * (strangely, the protocol does not offer such protection for + * DH ciphersuites). However, buggy clients exist that send the + * negotiated protocol version instead if the server does not + * support the requested protocol version. If + * SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */ + if (s->options & SSL_OP_TLS_ROLLBACK_BUG) + { + unsigned char workaround_good; + workaround_good = constant_time_eq_8(p[0], (unsigned)(s->version>>8)); + workaround_good &= constant_time_eq_8(p[1], (unsigned)(s->version&0xff)); + version_good |= workaround_good; + } + + /* Both decryption and version must be good for decrypt_good + * to remain non-zero (0xff). */ + decrypt_good &= version_good; + + /* Now copy rand_premaster_secret over p using + * decrypt_good_mask. */ + for (i = 0; i < (int) sizeof(rand_premaster_secret); i++) + { + p[i] = constant_time_select_8(decrypt_good, p[i], + rand_premaster_secret[i]); } - if (al != -1) - { - /* Some decryption failure -- use random value instead as countermeasure - * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding - * (see RFC 2246, section 7.4.7.1). */ - ERR_clear_error(); - i = SSL_MAX_MASTER_KEY_LENGTH; - p[0] = s->client_version >> 8; - p[1] = s->client_version & 0xff; - if (RAND_pseudo_bytes(p+2, i-2) <= 0) /* should be RAND_bytes, but we cannot work around a failure */ - goto err; - } - s->session->master_key_length= s->method->ssl3_enc->generate_master_secret(s, s->session->master_key, @@ -2837,7 +2850,7 @@ int ssl3_get_client_key_exchange(SSL *s) /* ECDHE PSK ciphersuites from RFC 5489 */ if ((alg_a & SSL_aPSK) && psk_len != 0) { - pre_ms_len = 2+psk_len+2+i; + pre_ms_len = 2+i+2+psk_len; pre_ms = OPENSSL_malloc(pre_ms_len); if (pre_ms == NULL) { @@ -2847,11 +2860,11 @@ int ssl3_get_client_key_exchange(SSL *s) } memset(pre_ms, 0, pre_ms_len); t = pre_ms; - s2n(psk_len, t); - memcpy(t, psk, psk_len); - t += psk_len; s2n(i, t); memcpy(t, p, i); + t += i; + s2n(psk_len, t); + memcpy(t, psk, psk_len); s->session->master_key_length = s->method->ssl3_enc \ -> generate_master_secret(s, s->session->master_key, pre_ms, pre_ms_len); @@ -3009,7 +3022,7 @@ int ssl3_get_cert_verify(SSL *s) SSL3_ST_SR_CERT_VRFY_A, SSL3_ST_SR_CERT_VRFY_B, -1, - 516, /* Enough for 4096 bit RSA key with TLS v1.2 */ + SSL3_RT_MAX_PLAIN_LENGTH, &ok); if (!ok) return((int)n); diff --git a/app/openssl/ssl/srtp.h b/app/openssl/ssl/srtp.h index c0cf33ef..24f23309 100644 --- a/app/openssl/ssl/srtp.h +++ b/app/openssl/ssl/srtp.h @@ -130,6 +130,8 @@ extern "C" { #define SRTP_NULL_SHA1_80 0x0005 #define SRTP_NULL_SHA1_32 0x0006 +#ifndef OPENSSL_NO_SRTP + int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles); int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles); SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); @@ -137,6 +139,8 @@ SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl); SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); +#endif + #ifdef __cplusplus } #endif diff --git a/app/openssl/ssl/ssl.h b/app/openssl/ssl/ssl.h index 7566f2df..7a1fce89 100644 --- a/app/openssl/ssl/ssl.h +++ b/app/openssl/ssl/ssl.h @@ -264,6 +264,7 @@ extern "C" { #define SSL_TXT_aGOST94 "aGOST94" #define SSL_TXT_aGOST01 "aGOST01" #define SSL_TXT_aGOST "aGOST" +#define SSL_TXT_aSRP "aSRP" #define SSL_TXT_DSS "DSS" #define SSL_TXT_DH "DH" @@ -664,11 +665,15 @@ struct ssl_session_st */ #define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L #define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L +/* Send TLS_FALLBACK_SCSV in the ClientHello. + * To be set by applications that reconnect with a downgraded protocol + * version; see draft-ietf-tls-downgrade-scsv-00 for details. */ +#define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L /* When set, clients may send application data before receipt of CCS * and Finished. This mode enables full-handshakes to 'complete' in * one RTT. */ -#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000080L +#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000200L /* When set, TLS 1.0 and SSLv3, multi-byte, CBC records will be split in two: * the first record will contain a single byte and the second will contain the @@ -1615,6 +1620,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE #define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE #define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ +#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK /* fatal */ #define SSL_ERROR_NONE 0 #define SSL_ERROR_SSL 1 @@ -1729,6 +1735,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82 #define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 +#define SSL_CTRL_CHECK_PROTO_VERSION 119 + #define DTLSv1_get_timeout(ssl, arg) \ SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) #define DTLSv1_handle_timeout(ssl) \ @@ -2191,6 +2199,10 @@ int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secre void SSL_set_debug(SSL *s, int debug); int SSL_cache_hit(SSL *s); +#ifndef OPENSSL_NO_UNIT_TEST +const struct openssl_ssl_test_functions *SSL_test_functions(void); +#endif + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -2459,6 +2471,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_BAD_SRP_B_LENGTH 348 #define SSL_R_BAD_SRP_G_LENGTH 349 #define SSL_R_BAD_SRP_N_LENGTH 350 +#define SSL_R_BAD_SRP_PARAMETERS 371 #define SSL_R_BAD_SRP_S_LENGTH 351 #define SSL_R_BAD_SRTP_MKI_VALUE 352 #define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353 @@ -2519,6 +2532,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_HTTPS_PROXY_REQUEST 155 #define SSL_R_HTTP_REQUEST 156 #define SSL_R_ILLEGAL_PADDING 283 +#define SSL_R_INAPPROPRIATE_FALLBACK 373 #define SSL_R_INCONSISTENT_COMPRESSION 340 #define SSL_R_INVALID_CHALLENGE_LENGTH 158 #define SSL_R_INVALID_COMMAND 280 @@ -2668,6 +2682,7 @@ void ERR_load_SSL_strings(void); #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 #define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 #define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 +#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086 #define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 #define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 #define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 diff --git a/app/openssl/ssl/ssl3.h b/app/openssl/ssl/ssl3.h index 83d59bff..cba94345 100644 --- a/app/openssl/ssl/ssl3.h +++ b/app/openssl/ssl/ssl3.h @@ -128,9 +128,14 @@ extern "C" { #endif -/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */ +/* Signalling cipher suite value from RFC 5746 + * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV) */ #define SSL3_CK_SCSV 0x030000FF +/* Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00 + * (TLS_FALLBACK_SCSV) */ +#define SSL3_CK_FALLBACK_SCSV 0x03005600 + #define SSL3_CK_RSA_NULL_MD5 0x03000001 #define SSL3_CK_RSA_NULL_SHA 0x03000002 #define SSL3_CK_RSA_RC4_40_MD5 0x03000003 diff --git a/app/openssl/ssl/ssl_ciph.c b/app/openssl/ssl/ssl_ciph.c index e8794d4b..cd9f1082 100644 --- a/app/openssl/ssl/ssl_ciph.c +++ b/app/openssl/ssl/ssl_ciph.c @@ -270,6 +270,7 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0}, {0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0}, {0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0}, + {0,SSL_TXT_aSRP,0, 0,SSL_aSRP, 0,0,0,0,0,0,0}, /* aliases combining key exchange and server authentication */ {0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0}, @@ -562,7 +563,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, break; } - if ((i < 0) || (i > SSL_ENC_NUM_IDX)) + if ((i < 0) || (i >= SSL_ENC_NUM_IDX)) *enc=NULL; else { @@ -596,7 +597,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, i= -1; break; } - if ((i < 0) || (i > SSL_MD_NUM_IDX)) + if ((i < 0) || (i >= SSL_MD_NUM_IDX)) { *md=NULL; if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef; @@ -925,7 +926,7 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, int rule, int strength_bits, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { - CIPHER_ORDER *head, *tail, *curr, *curr2, *last; + CIPHER_ORDER *head, *tail, *curr, *next, *last; const SSL_CIPHER *cp; int reverse = 0; @@ -942,21 +943,25 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, if (reverse) { - curr = tail; + next = tail; last = head; } else { - curr = head; + next = head; last = tail; } - curr2 = curr; + curr = NULL; for (;;) { - if ((curr == NULL) || (curr == last)) break; - curr = curr2; - curr2 = reverse ? curr->prev : curr->next; + if (curr == last) break; + + curr = next; + + if (curr == NULL) break; + + next = reverse ? curr->prev : curr->next; cp = curr->cipher; @@ -1598,6 +1603,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_kSRP: kx="SRP"; break; + case SSL_kGOST: + kx="GOST"; + break; default: kx="unknown"; } @@ -1628,6 +1636,15 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_aPSK: au="PSK"; break; + case SSL_aSRP: + au="SRP"; + break; + case SSL_aGOST94: + au="GOST94"; + break; + case SSL_aGOST01: + au="GOST01"; + break; default: au="unknown"; break; @@ -1675,6 +1692,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_SEED: enc="SEED(128)"; break; + case SSL_eGOST2814789CNT: + enc="GOST89(256)"; + break; default: enc="unknown"; break; @@ -1697,6 +1717,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_AEAD: mac="AEAD"; break; + case SSL_GOST89MAC: + mac="GOST89"; + break; + case SSL_GOST94: + mac="GOST94"; + break; default: mac="unknown"; break; diff --git a/app/openssl/ssl/ssl_err.c b/app/openssl/ssl/ssl_err.c index ac0aad9b..0e92ccb0 100644 --- a/app/openssl/ssl/ssl_err.c +++ b/app/openssl/ssl/ssl_err.c @@ -331,6 +331,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) ,"bad srp b length"}, {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) ,"bad srp g length"}, {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) ,"bad srp n length"}, +{ERR_REASON(SSL_R_BAD_SRP_PARAMETERS) ,"bad srp parameters"}, {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) ,"bad srp s length"}, {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) ,"bad srtp mki value"}, {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),"bad srtp protection profile list"}, @@ -391,6 +392,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) ,"https proxy request"}, {ERR_REASON(SSL_R_HTTP_REQUEST) ,"http request"}, {ERR_REASON(SSL_R_ILLEGAL_PADDING) ,"illegal padding"}, +{ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK),"inappropriate fallback"}, {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION),"inconsistent compression"}, {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid challenge length"}, {ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid command"}, @@ -540,6 +542,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),"tlsv1 alert decryption failed"}, {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),"tlsv1 alert decrypt error"}, {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),"tlsv1 alert export restriction"}, +{ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK),"tlsv1 alert inappropriate fallback"}, {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),"tlsv1 alert insufficient security"}, {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),"tlsv1 alert internal error"}, {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),"tlsv1 alert no renegotiation"}, diff --git a/app/openssl/ssl/ssl_lib.c b/app/openssl/ssl/ssl_lib.c index 3de68a78..eb1ae782 100644 --- a/app/openssl/ssl/ssl_lib.c +++ b/app/openssl/ssl/ssl_lib.c @@ -1441,6 +1441,8 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p, if (sk == NULL) return(0); q=p; + if (put_cb == NULL) + put_cb = s->method->put_cipher_by_char; for (i=0; ipsk_client_callback == NULL) continue; #endif /* OPENSSL_NO_PSK */ - j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p); +#ifndef OPENSSL_NO_SRP + if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) && + !(s->srp_ctx.srp_Mask & SSL_kSRP)) + continue; +#endif /* OPENSSL_NO_SRP */ + j = put_cb(c,p); p+=j; } - /* If p == q, no ciphers and caller indicates an error. Otherwise - * add SCSV if not renegotiating. - */ - if (p != q && !s->renegotiate) + /* If p == q, no ciphers; caller indicates an error. + * Otherwise, add applicable SCSVs. */ + if (p != q) { - static SSL_CIPHER scsv = + if (!s->renegotiate) { - 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 - }; - j = put_cb ? put_cb(&scsv,p) : ssl_put_cipher_by_char(s,&scsv,p); - p+=j; + static SSL_CIPHER scsv = + { + 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 + }; + j = put_cb(&scsv,p); + p+=j; #ifdef OPENSSL_RI_DEBUG - fprintf(stderr, "SCSV sent by client\n"); + fprintf(stderr, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n"); #endif - } + } + + if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) + { + static SSL_CIPHER scsv = + { + 0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0 + }; + j = put_cb(&scsv,p); + p+=j; + } + } return(p-q); } @@ -1488,11 +1507,12 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, const SSL_CIPHER *c; STACK_OF(SSL_CIPHER) *sk; int i,n; + if (s->s3) s->s3->send_connection_binding = 0; n=ssl_put_cipher_by_char(s,NULL,NULL); - if ((num%n) != 0) + if (n == 0 || (num%n) != 0) { SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); return(NULL); @@ -1507,7 +1527,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, for (i=0; is3 && (n != 3 || !p[0]) && (p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) && (p[n-1] == (SSL3_CK_SCSV & 0xff))) @@ -1527,6 +1547,23 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, continue; } + /* Check for TLS_FALLBACK_SCSV */ + if ((n != 3 || !p[0]) && + (p[n-2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) && + (p[n-1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) + { + /* The SCSV indicates that the client previously tried a higher version. + * Fail if the current version is an unexpected downgrade. */ + if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) + { + SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_INAPPROPRIATE_FALLBACK); + if (s->s3) + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK); + goto err; + } + continue; + } + c=ssl_get_cipher_by_char(s,p); p+=n; if (c != NULL) diff --git a/app/openssl/ssl/ssl_locl.h b/app/openssl/ssl/ssl_locl.h index 6b7731a4..ca399078 100644 --- a/app/openssl/ssl/ssl_locl.h +++ b/app/openssl/ssl/ssl_locl.h @@ -311,6 +311,7 @@ #define SSL_aPSK 0x00000080L /* PSK auth */ #define SSL_aGOST94 0x00000100L /* GOST R 34.10-94 signature auth */ #define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */ +#define SSL_aSRP 0x00000400L /* SRP auth */ /* Bits for algorithm_enc (symmetric encryption) */ @@ -809,6 +810,16 @@ const SSL_METHOD *func_name(void) \ return &func_name##_data; \ } +struct openssl_ssl_test_functions + { + int (*p_ssl_init_wbio_buffer)(SSL *s, int push); + int (*p_ssl3_setup_buffers)(SSL *s); + int (*p_tls1_process_heartbeat)(SSL *s); + int (*p_dtls1_process_heartbeat)(SSL *s); + }; + +#ifndef OPENSSL_UNIT_TEST + void ssl_clear_cipher_ctx(SSL *s); int ssl_clear_bad_session(SSL *s); CERT *ssl_cert_new(void); @@ -1096,8 +1107,8 @@ int tls1_ec_nid2curve_id(int nid); #endif /* OPENSSL_NO_EC */ #ifndef OPENSSL_NO_TLSEXT -unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); -unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); +unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit); +unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit); int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al); int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al); int ssl_prepare_clienthello_tlsext(SSL *s); @@ -1179,4 +1190,14 @@ void tls_fips_digest_extra( const EVP_CIPHER_CTX *cipher_ctx, EVP_MD_CTX *mac_ctx, const unsigned char *data, size_t data_len, size_t orig_len); +int srp_verify_server_param(SSL *s, int *al); + +#else + +#define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer +#define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers +#define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat +#define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat + +#endif #endif diff --git a/app/openssl/ssl/ssl_stat.c b/app/openssl/ssl/ssl_stat.c index 144b81e5..c5a15ce5 100644 --- a/app/openssl/ssl/ssl_stat.c +++ b/app/openssl/ssl/ssl_stat.c @@ -212,7 +212,6 @@ case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break; case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break; #endif -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) /* SSLv2/v3 compatibility states */ /* client */ case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break; @@ -222,7 +221,6 @@ case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break; /* server */ case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break; case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break; -#endif /* DTLS */ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DTLS1 read hello verify request A"; break; @@ -366,7 +364,6 @@ case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break; case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break; #endif -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) /* SSLv2/v3 compatibility states */ /* client */ case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break; @@ -376,7 +373,7 @@ case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break; /* server */ case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break; case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break; -#endif + /* DTLS */ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DRCHVA"; break; case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: str="DRCHVB"; break; diff --git a/app/openssl/ssl/t1_enc.c b/app/openssl/ssl/t1_enc.c index 22dd3cab..455992ad 100644 --- a/app/openssl/ssl/t1_enc.c +++ b/app/openssl/ssl/t1_enc.c @@ -1153,7 +1153,7 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, int rv; #ifdef KSSL_DEBUG - printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen); + printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, context, contextlen); #endif /* KSSL_DEBUG */ buff = OPENSSL_malloc(olen); @@ -1266,6 +1266,7 @@ int tls1_alert_code(int code) case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE); case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(TLS1_AD_BAD_CERTIFICATE_HASH_VALUE); case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY); + case SSL_AD_INAPPROPRIATE_FALLBACK:return(TLS1_AD_INAPPROPRIATE_FALLBACK); #if 0 /* not appropriate for TLS, not used for DTLS */ case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE); diff --git a/app/openssl/ssl/t1_lib.c b/app/openssl/ssl/t1_lib.c index 122a25f5..d0b893b5 100644 --- a/app/openssl/ssl/t1_lib.c +++ b/app/openssl/ssl/t1_lib.c @@ -352,15 +352,16 @@ int tls12_get_req_sig_algs(SSL *s, unsigned char *p) return (int)slen; } -unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) +unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit) { int extdatalen=0; - unsigned char *ret = p; + unsigned char *orig = buf; + unsigned char *ret = buf; /* don't add extensions for SSLv3 unless doing secure renegotiation */ if (s->client_version == SSL3_VERSION && !s->s3->send_connection_binding) - return p; + return orig; ret+=2; @@ -409,7 +410,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha return NULL; } - if((limit - p - 4 - el) < 0) return NULL; + if((limit - ret - 4 - el) < 0) return NULL; s2n(TLSEXT_TYPE_renegotiate,ret); s2n(el,ret); @@ -452,8 +453,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha #endif #ifndef OPENSSL_NO_EC - if (s->tlsext_ecpointformatlist != NULL && - s->version != DTLS1_VERSION) + if (s->tlsext_ecpointformatlist != NULL) { /* Add TLS extension ECPointFormats to the ClientHello message */ long lenmax; @@ -472,8 +472,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length); ret+=s->tlsext_ecpointformatlist_length; } - if (s->tlsext_ellipticcurvelist != NULL && - s->version != DTLS1_VERSION) + if (s->tlsext_ellipticcurvelist != NULL) { /* Add TLS extension EllipticCurves to the ClientHello message */ long lenmax; @@ -669,13 +668,13 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha } #ifndef OPENSSL_NO_SRTP - if(SSL_get_srtp_profiles(s)) + if(SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) { int el; ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0); - if((limit - p - 4 - el) < 0) return NULL; + if((limit - ret - 4 - el) < 0) return NULL; s2n(TLSEXT_TYPE_use_srtp,ret); s2n(el,ret); @@ -718,24 +717,25 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha } } - if ((extdatalen = ret-p-2)== 0) - return p; + if ((extdatalen = ret-orig-2)== 0) + return orig; - s2n(extdatalen,p); + s2n(extdatalen, orig); return ret; } -unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) +unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit) { int extdatalen=0; - unsigned char *ret = p; + unsigned char *orig = buf; + unsigned char *ret = buf; #ifndef OPENSSL_NO_NEXTPROTONEG int next_proto_neg_seen; #endif /* don't add extensions for SSLv3, unless doing secure renegotiation */ if (s->version == SSL3_VERSION && !s->s3->send_connection_binding) - return p; + return orig; ret+=2; if (ret>=limit) return NULL; /* this really never occurs, but ... */ @@ -758,7 +758,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha return NULL; } - if((limit - p - 4 - el) < 0) return NULL; + if((limit - ret - 4 - el) < 0) return NULL; s2n(TLSEXT_TYPE_renegotiate,ret); s2n(el,ret); @@ -773,8 +773,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha } #ifndef OPENSSL_NO_EC - if (s->tlsext_ecpointformatlist != NULL && - s->version != DTLS1_VERSION) + if (s->tlsext_ecpointformatlist != NULL) { /* Add TLS extension ECPointFormats to the ServerHello message */ long lenmax; @@ -832,13 +831,13 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha #endif #ifndef OPENSSL_NO_SRTP - if(s->srtp_profile) + if(SSL_IS_DTLS(s) && s->srtp_profile) { int el; ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0); - if((limit - p - 4 - el) < 0) return NULL; + if((limit - ret - 4 - el) < 0) return NULL; s2n(TLSEXT_TYPE_use_srtp,ret); s2n(el,ret); @@ -937,10 +936,10 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha ret += len; } - if ((extdatalen = ret-p-2)== 0) - return p; + if ((extdatalen = ret-orig-2)== 0) + return orig; - s2n(extdatalen,p); + s2n(extdatalen, orig); return ret; } @@ -1288,8 +1287,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in #endif #ifndef OPENSSL_NO_EC - else if (type == TLSEXT_TYPE_ec_point_formats && - s->version != DTLS1_VERSION) + else if (type == TLSEXT_TYPE_ec_point_formats) { unsigned char *sdata = data; int ecpointformatlist_length = *(sdata++); @@ -1323,8 +1321,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in fprintf(stderr,"\n"); #endif } - else if (type == TLSEXT_TYPE_elliptic_curves && - s->version != DTLS1_VERSION) + else if (type == TLSEXT_TYPE_elliptic_curves) { unsigned char *sdata = data; int ellipticcurvelist_length = (*(sdata++) << 8); @@ -1600,7 +1597,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in /* session ticket processed earlier */ #ifndef OPENSSL_NO_SRTP - else if (type == TLSEXT_TYPE_use_srtp) + else if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s) + && type == TLSEXT_TYPE_use_srtp) { if(ssl_parse_clienthello_use_srtp_ext(s, data, size, al)) @@ -1706,8 +1704,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in } #ifndef OPENSSL_NO_EC - else if (type == TLSEXT_TYPE_ec_point_formats && - s->version != DTLS1_VERSION) + else if (type == TLSEXT_TYPE_ec_point_formats) { unsigned char *sdata = data; int ecpointformatlist_length = *(sdata++); @@ -1718,15 +1715,18 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in *al = TLS1_AD_DECODE_ERROR; return 0; } - s->session->tlsext_ecpointformatlist_length = 0; - if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist); - if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) + if (!s->hit) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; + s->session->tlsext_ecpointformatlist_length = 0; + if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist); + if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) + { + *al = TLS1_AD_INTERNAL_ERROR; + return 0; + } + s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length; + memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length); } - s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length; - memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length); #if 0 fprintf(stderr,"ssl_parse_serverhello_tlsext s->session->tlsext_ecpointformatlist "); sdata = s->session->tlsext_ecpointformatlist; @@ -1912,7 +1912,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in } #endif #ifndef OPENSSL_NO_SRTP - else if (type == TLSEXT_TYPE_use_srtp) + else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) { if(ssl_parse_serverhello_use_srtp_ext(s, data, size, al)) @@ -2561,7 +2561,10 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, HMAC_Final(&hctx, tick_hmac, NULL); HMAC_CTX_cleanup(&hctx); if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen)) + { + EVP_CIPHER_CTX_cleanup(&ctx); return 2; + } /* Attempt to decrypt session data */ /* Move p after IV to start of encrypted ticket, update length */ p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx); @@ -2574,7 +2577,11 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, } EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen); if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) + { + EVP_CIPHER_CTX_cleanup(&ctx); + OPENSSL_free(sdec); return 2; + } slen += mlen; EVP_CIPHER_CTX_cleanup(&ctx); p = sdec; diff --git a/app/openssl/ssl/tls1.h b/app/openssl/ssl/tls1.h index b9a0899e..dc36f79f 100644 --- a/app/openssl/ssl/tls1.h +++ b/app/openssl/ssl/tls1.h @@ -159,17 +159,19 @@ extern "C" { #define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0 +#define TLS1_VERSION 0x0301 +#define TLS1_1_VERSION 0x0302 #define TLS1_2_VERSION 0x0303 -#define TLS1_2_VERSION_MAJOR 0x03 -#define TLS1_2_VERSION_MINOR 0x03 +#define TLS_MAX_VERSION TLS1_2_VERSION + +#define TLS1_VERSION_MAJOR 0x03 +#define TLS1_VERSION_MINOR 0x01 -#define TLS1_1_VERSION 0x0302 #define TLS1_1_VERSION_MAJOR 0x03 #define TLS1_1_VERSION_MINOR 0x02 -#define TLS1_VERSION 0x0301 -#define TLS1_VERSION_MAJOR 0x03 -#define TLS1_VERSION_MINOR 0x01 +#define TLS1_2_VERSION_MAJOR 0x03 +#define TLS1_2_VERSION_MINOR 0x03 #define TLS1_get_version(s) \ ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0) @@ -187,6 +189,7 @@ extern "C" { #define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */ #define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */ #define TLS1_AD_INTERNAL_ERROR 80 /* fatal */ +#define TLS1_AD_INAPPROPRIATE_FALLBACK 86 /* fatal */ #define TLS1_AD_USER_CANCELLED 90 #define TLS1_AD_NO_RENEGOTIATION 100 /* codes 110-114 are from RFC3546 */ diff --git a/app/openssl/ssl/tls_srp.c b/app/openssl/ssl/tls_srp.c index 2315a7c0..e7368a8f 100644 --- a/app/openssl/ssl/tls_srp.c +++ b/app/openssl/ssl/tls_srp.c @@ -408,16 +408,46 @@ err: return ret; } -int SRP_Calc_A_param(SSL *s) +int srp_verify_server_param(SSL *s, int *al) { - unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH]; + SRP_CTX *srp = &s->srp_ctx; + /* Sanity check parameters: we can quickly check B % N == 0 + * by checking B != 0 since B < N + */ + if (BN_ucmp(srp->g, srp->N) >=0 || BN_ucmp(srp->B, srp->N) >= 0 + || BN_is_zero(srp->B)) + { + *al = SSL3_AD_ILLEGAL_PARAMETER; + return 0; + } - if (BN_num_bits(s->srp_ctx.N) < s->srp_ctx.strength) - return -1; + if (BN_num_bits(srp->N) < srp->strength) + { + *al = TLS1_AD_INSUFFICIENT_SECURITY; + return 0; + } - if (s->srp_ctx.SRP_verify_param_callback ==NULL && - !SRP_check_known_gN_param(s->srp_ctx.g,s->srp_ctx.N)) - return -1 ; + if (srp->SRP_verify_param_callback) + { + if (srp->SRP_verify_param_callback(s, srp->SRP_cb_arg) <= 0) + { + *al = TLS1_AD_INSUFFICIENT_SECURITY; + return 0; + } + } + else if(!SRP_check_known_gN_param(srp->g, srp->N)) + { + *al = TLS1_AD_INSUFFICIENT_SECURITY; + return 0; + } + + return 1; + } + + +int SRP_Calc_A_param(SSL *s) + { + unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH]; RAND_bytes(rnd, sizeof(rnd)); s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a); @@ -426,10 +456,6 @@ int SRP_Calc_A_param(SSL *s) if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a,s->srp_ctx.N,s->srp_ctx.g))) return -1; - /* We can have a callback to verify SRP param!! */ - if (s->srp_ctx.SRP_verify_param_callback !=NULL) - return s->srp_ctx.SRP_verify_param_callback(s,s->srp_ctx.SRP_cb_arg); - return 1; } diff --git a/app/openvpn/.gitignore b/app/openvpn/.gitignore deleted file mode 100644 index 538c0208..00000000 --- a/app/openvpn/.gitignore +++ /dev/null @@ -1,59 +0,0 @@ -*.[oa] -*.l[oa] -*.dll -*.exe -*.exe.* -*.obj -*.pyc -*.so -*~ -*.idb -*.suo -*.ncb -*.vcproj.* -*.vcxproj.user -*.sln.cache -*.log -Release -Debug -Win32-Output -.deps -.libs -Makefile -Makefile.in -aclocal.m4 -autodefs.h -autom4te.cache -config.guess -config.h -config.h.in -config.log -config.status -config.sub -configure -configure.h -depcomp -stamp-h1 -install-sh -missing -ltmain.sh -libtool -m4/libtool.m4 -m4/ltoptions.m4 -m4/ltsugar.m4 -m4/ltversion.m4 -m4/lt~obsolete.m4 - -version.sh -msvc-env-local.bat -config-msvc-local.h -config-msvc-version.h -doc/openvpn.8.html -distro/rpm/openvpn.spec -tests/t_client.sh -tests/t_client-*-20??????-??????/ -src/openvpn/openvpn -config-version.h -nbproject -test-driver -compile diff --git a/app/openvpn/distro/rpm/openvpn.spec b/app/openvpn/distro/rpm/openvpn.spec new file mode 100644 index 00000000..86ed85c9 --- /dev/null +++ b/app/openvpn/distro/rpm/openvpn.spec @@ -0,0 +1,248 @@ +# OpenVPN spec file, used to drive rpmbuild + +# OPTIONS +# +# Disable LZO +# rpmbuild -tb [openvpn.x.tar.gz] --define 'without_lzo 1' +# +# Disable PAM plugin +# rpmbuild -tb [openvpn.x.tar.gz] --define 'without_pam 1' +# +# Allow passwords to be read from files +# rpmbuild -tb [openvpn.x.tar.gz] --define 'with_password_save 1' + +Summary: OpenVPN is a robust and highly flexible VPN daemon by James Yonan. +Name: openvpn +Version: 2.3_master +Release: 1 +URL: http://openvpn.net/ +Source0: http://prdownloads.sourceforge.net/openvpn/%{name}-%{version}.tar.gz + +License: GPL +Group: Applications/Internet +Vendor: James Yonan +Packager: James Yonan +BuildRoot: %{_tmppath}/%{name}-%(id -un) + +# +# Include dependencies manually +# + +AutoReq: 0 + +BuildRequires: openssl-devel >= 0.9.7 +Requires: openssl >= 0.9.7 + +%if "%{_vendor}" == "Mandrakesoft" +%{!?without_lzo:BuildRequires: liblzo1-devel >= 1.07} +%{!?without_lzo:Requires: liblzo1 >= 1.07} +%else +%if "%{_vendor}" == "MandrakeSoft" +%{!?without_lzo:BuildRequires: liblzo1-devel >= 1.07} +%{!?without_lzo:Requires: liblzo1 >= 1.07} +%else +%{!?without_lzo:BuildRequires: lzo-devel >= 1.07} +%{!?without_lzo:Requires: lzo >= 1.07} +%endif +%endif + +%{!?without_pam:BuildRequires: pam-devel} +%{!?without_pam:Requires: pam} + +%{?with_pkcs11:BuildRequires: pkcs11-helper-devel} +%{?with_pkcs11:Requires: pkcs11-helper} + +# +# Description +# + +%description +OpenVPN is a robust and highly flexible VPN daemon by James Yonan. +OpenVPN supports SSL/TLS security, +ethernet bridging, +TCP or UDP tunnel transport through proxies or NAT, +support for dynamic IP addresses and DHCP, +scalability to hundreds or thousands of users, +and portability to most major OS platforms. + +%package devel +Summary: OpenVPN is a robust and highly flexible VPN daemon by James Yonan. +Group: Applications/Internet +Requires: %{name} +%description devel +Development support for OpenVPN. + +# +# Define vendor type +# + +%if "%{_vendor}" == "suse" || "%{_vendor}" == "pc" +%define VENDOR SuSE +%else +%define VENDOR %_vendor +%endif + +# +# Other definitions +# + +%define debug_package %{nil} + +# +# Build OpenVPN binary +# + +%prep +%setup -q + +%build +%configure \ + --disable-dependency-tracking \ + --docdir="%{_docdir}/%{name}-%{version}" \ + %{?with_password_save:--enable-password-save} \ + %{!?without_lzo:--enable-lzo} \ + %{?with_pkcs11:--enable-pkcs11} \ + %{?without_pam:--disable-plugin-auth-pam} +%__make + +# +# Installation section +# + +%install +[ %{buildroot} != "/" ] && rm -rf %{buildroot} +%__make install DESTDIR="%{buildroot}" + +# Install init script +%if "%{VENDOR}" == "SuSE" +%__install -c -d -m 755 "%{buildroot}/etc/init.d" +%__install -c -m 755 "distro/rpm/%{name}.init.d.suse" "%{buildroot}/etc/init.d/%{name}" +%else +%__install -c -d -m 755 "%{buildroot}/etc/rc.d/init.d" +%__install -c -m 755 distro/rpm/%{name}.init.d.rhel "%{buildroot}/etc/rc.d/init.d/%{name}" +%endif + +# Install /etc/openvpn +%__install -c -d -m 755 "%{buildroot}/etc/%{name}" + +# Install extra %doc stuff +cp -r AUTHORS ChangeLog NEWS contrib/ sample/ \ + "%{buildroot}/%{_docdir}/%{name}-%{version}" + +# +# Clean section +# + +%clean +[ %{buildroot} != "/" ] && rm -rf "%{buildroot}" + +# +# On Linux 2.4, make the device node +# + +%post +case "`uname -r`" in +2.4*) + /bin/mkdir /dev/net >/dev/null 2>&1 + /bin/mknod /dev/net/tun c 10 200 >/dev/null 2>&1 + ;; +esac + +# +# Handle the init script +# + +/sbin/chkconfig --add %{name} +%if "%{VENDOR}" == "SuSE" +/etc/init.d/openvpn restart +%else +/sbin/service %{name} condrestart +%endif +%preun +if [ "$1" = 0 ] +then + %if "%{VENDOR}" == "SuSE" + /etc/init.d/openvpn stop + %else + /sbin/service %{name} stop + %endif + /sbin/chkconfig --del %{name} +fi + +# +# Files section +# +# don't use %doc as old rpmbuild removes it[1]. +# [1] http://rpm.org/ticket/836 + +%files +%defattr(-,root,root) +%{_mandir} +%{_sbindir}/%{name} +%{_libdir}/%{name} +%{_docdir}/%{name}-%{version} +%dir /etc/%{name} +%if "%{VENDOR}" == "SuSE" +/etc/init.d/%{name} +%else +/etc/rc.d/init.d/%{name} +%endif + +%files devel +%defattr(-,root,root) +%{_includedir}/* + +%changelog +* Thu Jul 30 2009 David Sommerseth +- Removed management/ directory from %doc + +* Thu Dec 14 2006 Alon Bar-Lev +- Added with_pkcs11 + +* Mon Aug 2 2005 James Yonan +- Fixed build problem with --define 'without_pam 1' + +* Mon Apr 4 2005 James Yonan +- Moved some files from /usr/share/openvpn to %doc for compatibility + with Dag Wieers' RPM repository + +* Sat Mar 12 2005 Tom Walsh +- Added MandrakeSoft liblzo1 require + +* Fri Dec 10 2004 James Yonan +- Added AutoReq: 0 for manual dependencies + +* Fri Dec 10 2004 James Yonan +- Packaged the plugins + +* Sun Nov 7 2004 Umberto Nicoletti +- SuSE support + +* Wed Aug 18 2004 Bishop Clark (LC957) +- restrict what we claim in /etc/ to avoid ownership conflicts + +* Sun Feb 23 2003 Matthias Andree 1.3.2.14-1. +- Have the version number filled in by autoconf. + +* Wed Jul 10 2002 James Yonan 1.3.1-1 +- Fixed %preun to only remove service on final uninstall + +* Mon Jun 17 2002 bishop clark (LC957) 1.2.2-1 +- Added condrestart to openvpn.spec & openvpn.init. + +* Wed May 22 2002 James Yonan 1.2.0-1 +- Added mknod for Linux 2.4. + +* Wed May 15 2002 Doug Keller 1.1.1.16-2 +- Added init scripts +- Added conf file support + +* Mon May 13 2002 bishop clark (LC957) 1.1.1.14-1 +- Added new directories for config examples and such + +* Sun May 12 2002 bishop clark (LC957) 1.1.1.13-1 +- Updated buildroot directive and cleanup command +- added easy-rsa utilities + +* Mon Mar 25 2002 bishop clark (LC957) 1.0-1 +- Initial build. diff --git a/app/openvpn/src/plugins/Makefile.in b/app/openvpn/src/plugins/Makefile.in new file mode 100644 index 00000000..6a366c4b --- /dev/null +++ b/app/openvpn/src/plugins/Makefile.in @@ -0,0 +1,546 @@ +# Makefile.in generated by automake 1.10 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# +# OpenVPN -- An application to securely tunnel IP networks +# over a single UDP port, with support for SSL/TLS-based +# session authentication and key exchange, +# packet encryption, packet authentication, and +# packet compression. +# +# Copyright (C) 2002-2010 OpenVPN Technologies, Inc. +# Copyright (C) 2006-2012 Alon Bar-Lev +# +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/plugins +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ + $(top_srcdir)/m4/ax_socklen_t.m4 \ + $(top_srcdir)/m4/ax_varargs.m4 $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/version.m4 \ + $(top_srcdir)/compat.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +SOURCES = +DIST_SOURCES = +RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ + html-recursive info-recursive install-data-recursive \ + install-dvi-recursive install-exec-recursive \ + install-html-recursive install-info-recursive \ + install-pdf-recursive install-ps-recursive install-recursive \ + installcheck-recursive installdirs-recursive pdf-recursive \ + ps-recursive uninstall-recursive +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AS = @AS@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DL_LIBS = @DL_LIBS@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GIT = @GIT@ +GREP = @GREP@ +IFCONFIG = @IFCONFIG@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPROUTE = @IPROUTE@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBPAM_CFLAGS = @LIBPAM_CFLAGS@ +LIBPAM_LIBS = @LIBPAM_LIBS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LZO_CFLAGS = @LZO_CFLAGS@ +LZO_LIBS = @LZO_LIBS@ +MAKEINFO = @MAKEINFO@ +MAN2HTML = @MAN2HTML@ +MKDIR_P = @MKDIR_P@ +NETSTAT = @NETSTAT@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_CRYPTO_CFLAGS = @OPENSSL_CRYPTO_CFLAGS@ +OPENSSL_CRYPTO_LIBS = @OPENSSL_CRYPTO_LIBS@ +OPENSSL_SSL_CFLAGS = @OPENSSL_SSL_CFLAGS@ +OPENSSL_SSL_LIBS = @OPENSSL_SSL_LIBS@ +OPTIONAL_CRYPTO_CFLAGS = @OPTIONAL_CRYPTO_CFLAGS@ +OPTIONAL_CRYPTO_LIBS = @OPTIONAL_CRYPTO_LIBS@ +OPTIONAL_DL_LIBS = @OPTIONAL_DL_LIBS@ +OPTIONAL_LZO_CFLAGS = @OPTIONAL_LZO_CFLAGS@ +OPTIONAL_LZO_LIBS = @OPTIONAL_LZO_LIBS@ +OPTIONAL_PKCS11_HELPER_CFLAGS = @OPTIONAL_PKCS11_HELPER_CFLAGS@ +OPTIONAL_PKCS11_HELPER_LIBS = @OPTIONAL_PKCS11_HELPER_LIBS@ +OPTIONAL_SELINUX_LIBS = @OPTIONAL_SELINUX_LIBS@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKCS11_HELPER_CFLAGS = @PKCS11_HELPER_CFLAGS@ +PKCS11_HELPER_LIBS = @PKCS11_HELPER_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_AUTH_PAM_CFLAGS = @PLUGIN_AUTH_PAM_CFLAGS@ +PLUGIN_AUTH_PAM_LIBS = @PLUGIN_AUTH_PAM_LIBS@ +POLARSSL_CFLAGS = @POLARSSL_CFLAGS@ +POLARSSL_LIBS = @POLARSSL_LIBS@ +RANLIB = @RANLIB@ +RC = @RC@ +ROUTE = @ROUTE@ +SED = @SED@ +SELINUX_LIBS = @SELINUX_LIBS@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKETS_LIBS = @SOCKETS_LIBS@ +STRIP = @STRIP@ +TAP_CFLAGS = @TAP_CFLAGS@ +TAP_WIN_COMPONENT_ID = @TAP_WIN_COMPONENT_ID@ +TAP_WIN_MIN_MAJOR = @TAP_WIN_MIN_MAJOR@ +TAP_WIN_MIN_MINOR = @TAP_WIN_MIN_MINOR@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +plugindir = @plugindir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sampledir = @sampledir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +MAINTAINERCLEANFILES = \ + $(srcdir)/Makefile.in + +SUBDIRS = auth-pam down-root +all: all-recursive + +.SUFFIXES: +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/plugins/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/plugins/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +# This directory's subdirectories are mostly independent; you can cd +# into them and run `make' without going through this Makefile. +# To change the values of `make' variables: instead of editing Makefiles, +# (1) if the variable is set in `config.status', edit `config.status' +# (which will cause the Makefiles to be regenerated when you run `make'); +# (2) otherwise, pass the desired values on the `make' command line. +$(RECURSIVE_TARGETS): + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +$(RECURSIVE_CLEAN_TARGETS): + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ + dot_seen=no; \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + rev=''; for subdir in $$list; do \ + if test "$$subdir" = "."; then :; else \ + rev="$$subdir $$rev"; \ + fi; \ + done; \ + rev="$$rev ."; \ + target=`echo $@ | sed s/-recursive//`; \ + for subdir in $$rev; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done && test -z "$$fail" +tags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + done +ctags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test ! -f $$subdir/TAGS || \ + tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ + fi; \ + done; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ + distdir=`$(am__cd) $(distdir) && pwd`; \ + top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ + (cd $$subdir && \ + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$$top_distdir" \ + distdir="$$distdir/$$subdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ + distdir) \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-recursive +all-am: Makefile +installdirs: installdirs-recursive +installdirs-am: +install: install-recursive +install-exec: install-exec-recursive +install-data: install-data-recursive +uninstall: uninstall-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-recursive +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." + -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) +clean: clean-recursive + +clean-am: clean-generic clean-libtool mostlyclean-am + +distclean: distclean-recursive + -rm -f Makefile +distclean-am: clean-am distclean-generic distclean-tags + +dvi: dvi-recursive + +dvi-am: + +html: html-recursive + +info: info-recursive + +info-am: + +install-data-am: + +install-dvi: install-dvi-recursive + +install-exec-am: + +install-html: install-html-recursive + +install-info: install-info-recursive + +install-man: + +install-pdf: install-pdf-recursive + +install-ps: install-ps-recursive + +installcheck-am: + +maintainer-clean: maintainer-clean-recursive + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-recursive + +mostlyclean-am: mostlyclean-generic mostlyclean-libtool + +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + +uninstall-am: + +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ + install-strip + +.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ + all all-am check check-am clean clean-generic clean-libtool \ + ctags ctags-recursive distclean distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs installdirs-am maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ + uninstall uninstall-am + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/app/openvpn/src/plugins/auth-pam/Makefile.in b/app/openvpn/src/plugins/auth-pam/Makefile.in new file mode 100644 index 00000000..74c23306 --- /dev/null +++ b/app/openvpn/src/plugins/auth-pam/Makefile.in @@ -0,0 +1,570 @@ +# Makefile.in generated by automake 1.10 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# +# OpenVPN (TM) PAM Auth Plugin -- OpenVPN Plugin +# +# Copyright (C) 2012 Alon Bar-Lev +# + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/plugins/auth-pam +DIST_COMMON = $(am__dist_doc_DATA_DIST) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ + $(top_srcdir)/m4/ax_socklen_t.m4 \ + $(top_srcdir)/m4/ax_varargs.m4 $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/version.m4 \ + $(top_srcdir)/compat.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(docdir)" +pluginLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(plugin_LTLIBRARIES) +am__DEPENDENCIES_1 = +openvpn_plugin_auth_pam_la_DEPENDENCIES = $(am__DEPENDENCIES_1) +am_openvpn_plugin_auth_pam_la_OBJECTS = auth-pam.lo pamdl.lo +openvpn_plugin_auth_pam_la_OBJECTS = \ + $(am_openvpn_plugin_auth_pam_la_OBJECTS) +openvpn_plugin_auth_pam_la_LINK = $(LIBTOOL) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(openvpn_plugin_auth_pam_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +@ENABLE_PLUGIN_AUTH_PAM_TRUE@am_openvpn_plugin_auth_pam_la_rpath = \ +@ENABLE_PLUGIN_AUTH_PAM_TRUE@ -rpath $(plugindir) +DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(openvpn_plugin_auth_pam_la_SOURCES) +DIST_SOURCES = $(openvpn_plugin_auth_pam_la_SOURCES) +am__dist_doc_DATA_DIST = README.auth-pam +dist_docDATA_INSTALL = $(INSTALL_DATA) +DATA = $(dist_doc_DATA) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AS = @AS@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DL_LIBS = @DL_LIBS@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GIT = @GIT@ +GREP = @GREP@ +IFCONFIG = @IFCONFIG@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPROUTE = @IPROUTE@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBPAM_CFLAGS = @LIBPAM_CFLAGS@ +LIBPAM_LIBS = @LIBPAM_LIBS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LZO_CFLAGS = @LZO_CFLAGS@ +LZO_LIBS = @LZO_LIBS@ +MAKEINFO = @MAKEINFO@ +MAN2HTML = @MAN2HTML@ +MKDIR_P = @MKDIR_P@ +NETSTAT = @NETSTAT@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_CRYPTO_CFLAGS = @OPENSSL_CRYPTO_CFLAGS@ +OPENSSL_CRYPTO_LIBS = @OPENSSL_CRYPTO_LIBS@ +OPENSSL_SSL_CFLAGS = @OPENSSL_SSL_CFLAGS@ +OPENSSL_SSL_LIBS = @OPENSSL_SSL_LIBS@ +OPTIONAL_CRYPTO_CFLAGS = @OPTIONAL_CRYPTO_CFLAGS@ +OPTIONAL_CRYPTO_LIBS = @OPTIONAL_CRYPTO_LIBS@ +OPTIONAL_DL_LIBS = @OPTIONAL_DL_LIBS@ +OPTIONAL_LZO_CFLAGS = @OPTIONAL_LZO_CFLAGS@ +OPTIONAL_LZO_LIBS = @OPTIONAL_LZO_LIBS@ +OPTIONAL_PKCS11_HELPER_CFLAGS = @OPTIONAL_PKCS11_HELPER_CFLAGS@ +OPTIONAL_PKCS11_HELPER_LIBS = @OPTIONAL_PKCS11_HELPER_LIBS@ +OPTIONAL_SELINUX_LIBS = @OPTIONAL_SELINUX_LIBS@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKCS11_HELPER_CFLAGS = @PKCS11_HELPER_CFLAGS@ +PKCS11_HELPER_LIBS = @PKCS11_HELPER_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_AUTH_PAM_CFLAGS = @PLUGIN_AUTH_PAM_CFLAGS@ +PLUGIN_AUTH_PAM_LIBS = @PLUGIN_AUTH_PAM_LIBS@ +POLARSSL_CFLAGS = @POLARSSL_CFLAGS@ +POLARSSL_LIBS = @POLARSSL_LIBS@ +RANLIB = @RANLIB@ +RC = @RC@ +ROUTE = @ROUTE@ +SED = @SED@ +SELINUX_LIBS = @SELINUX_LIBS@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKETS_LIBS = @SOCKETS_LIBS@ +STRIP = @STRIP@ +TAP_CFLAGS = @TAP_CFLAGS@ +TAP_WIN_COMPONENT_ID = @TAP_WIN_COMPONENT_ID@ +TAP_WIN_MIN_MAJOR = @TAP_WIN_MIN_MAJOR@ +TAP_WIN_MIN_MINOR = @TAP_WIN_MIN_MINOR@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +plugindir = @plugindir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sampledir = @sampledir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +MAINTAINERCLEANFILES = \ + $(srcdir)/Makefile.in + +AM_CFLAGS = \ + -I$(top_srcdir)/include + +@ENABLE_PLUGIN_AUTH_PAM_TRUE@plugin_LTLIBRARIES = openvpn-plugin-auth-pam.la +@ENABLE_PLUGIN_AUTH_PAM_TRUE@dist_doc_DATA = README.auth-pam +openvpn_plugin_auth_pam_la_SOURCES = \ + auth-pam.c \ + pamdl.c pamdl.h \ + auth-pam.exports + +openvpn_plugin_auth_pam_la_LIBADD = \ + $(PLUGIN_AUTH_PAM_LIBS) + +openvpn_plugin_auth_pam_la_LDFLAGS = $(AM_LDFLAGS) \ + -export-symbols "$(srcdir)/auth-pam.exports" \ + -module -shared -avoid-version -no-undefined + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/plugins/auth-pam/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/plugins/auth-pam/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \ + else :; fi; \ + done + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \ + $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +openvpn-plugin-auth-pam.la: $(openvpn_plugin_auth_pam_la_OBJECTS) $(openvpn_plugin_auth_pam_la_DEPENDENCIES) + $(openvpn_plugin_auth_pam_la_LINK) $(am_openvpn_plugin_auth_pam_la_rpath) $(openvpn_plugin_auth_pam_la_OBJECTS) $(openvpn_plugin_auth_pam_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auth-pam.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pamdl.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-dist_docDATA: $(dist_doc_DATA) + @$(NORMAL_INSTALL) + test -z "$(docdir)" || $(MKDIR_P) "$(DESTDIR)$(docdir)" + @list='$(dist_doc_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(dist_docDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(docdir)/$$f'"; \ + $(dist_docDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(docdir)/$$f"; \ + done + +uninstall-dist_docDATA: + @$(NORMAL_UNINSTALL) + @list='$(dist_doc_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(docdir)/$$f'"; \ + rm -f "$(DESTDIR)$(docdir)/$$f"; \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) $(DATA) +installdirs: + for dir in "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(docdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." + -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) +clean: clean-am + +clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-dist_docDATA install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-exec-am: + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-dist_docDATA uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-pluginLTLIBRARIES ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am \ + install-dist_docDATA install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-dist_docDATA uninstall-pluginLTLIBRARIES + + $(PLUGIN_AUTH_PAM_CFLAGS) +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/app/openvpn/src/plugins/down-root/Makefile.in b/app/openvpn/src/plugins/down-root/Makefile.in new file mode 100644 index 00000000..fa06a466 --- /dev/null +++ b/app/openvpn/src/plugins/down-root/Makefile.in @@ -0,0 +1,563 @@ +# Makefile.in generated by automake 1.10 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# +# OpenVPN (TM) Down Root Plugin -- OpenVPN Plugin +# +# Copyright (C) 2012 Alon Bar-Lev +# + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/plugins/down-root +DIST_COMMON = $(am__dist_doc_DATA_DIST) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ + $(top_srcdir)/m4/ax_socklen_t.m4 \ + $(top_srcdir)/m4/ax_varargs.m4 $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/version.m4 \ + $(top_srcdir)/compat.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(docdir)" +pluginLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(plugin_LTLIBRARIES) +openvpn_plugin_down_root_la_LIBADD = +am_openvpn_plugin_down_root_la_OBJECTS = down-root.lo +openvpn_plugin_down_root_la_OBJECTS = \ + $(am_openvpn_plugin_down_root_la_OBJECTS) +openvpn_plugin_down_root_la_LINK = $(LIBTOOL) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(openvpn_plugin_down_root_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +@ENABLE_PLUGIN_DOWN_ROOT_TRUE@am_openvpn_plugin_down_root_la_rpath = \ +@ENABLE_PLUGIN_DOWN_ROOT_TRUE@ -rpath $(plugindir) +DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(openvpn_plugin_down_root_la_SOURCES) +DIST_SOURCES = $(openvpn_plugin_down_root_la_SOURCES) +am__dist_doc_DATA_DIST = README.down-root +dist_docDATA_INSTALL = $(INSTALL_DATA) +DATA = $(dist_doc_DATA) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AS = @AS@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DL_LIBS = @DL_LIBS@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GIT = @GIT@ +GREP = @GREP@ +IFCONFIG = @IFCONFIG@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPROUTE = @IPROUTE@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBPAM_CFLAGS = @LIBPAM_CFLAGS@ +LIBPAM_LIBS = @LIBPAM_LIBS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LZO_CFLAGS = @LZO_CFLAGS@ +LZO_LIBS = @LZO_LIBS@ +MAKEINFO = @MAKEINFO@ +MAN2HTML = @MAN2HTML@ +MKDIR_P = @MKDIR_P@ +NETSTAT = @NETSTAT@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_CRYPTO_CFLAGS = @OPENSSL_CRYPTO_CFLAGS@ +OPENSSL_CRYPTO_LIBS = @OPENSSL_CRYPTO_LIBS@ +OPENSSL_SSL_CFLAGS = @OPENSSL_SSL_CFLAGS@ +OPENSSL_SSL_LIBS = @OPENSSL_SSL_LIBS@ +OPTIONAL_CRYPTO_CFLAGS = @OPTIONAL_CRYPTO_CFLAGS@ +OPTIONAL_CRYPTO_LIBS = @OPTIONAL_CRYPTO_LIBS@ +OPTIONAL_DL_LIBS = @OPTIONAL_DL_LIBS@ +OPTIONAL_LZO_CFLAGS = @OPTIONAL_LZO_CFLAGS@ +OPTIONAL_LZO_LIBS = @OPTIONAL_LZO_LIBS@ +OPTIONAL_PKCS11_HELPER_CFLAGS = @OPTIONAL_PKCS11_HELPER_CFLAGS@ +OPTIONAL_PKCS11_HELPER_LIBS = @OPTIONAL_PKCS11_HELPER_LIBS@ +OPTIONAL_SELINUX_LIBS = @OPTIONAL_SELINUX_LIBS@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKCS11_HELPER_CFLAGS = @PKCS11_HELPER_CFLAGS@ +PKCS11_HELPER_LIBS = @PKCS11_HELPER_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_AUTH_PAM_CFLAGS = @PLUGIN_AUTH_PAM_CFLAGS@ +PLUGIN_AUTH_PAM_LIBS = @PLUGIN_AUTH_PAM_LIBS@ +POLARSSL_CFLAGS = @POLARSSL_CFLAGS@ +POLARSSL_LIBS = @POLARSSL_LIBS@ +RANLIB = @RANLIB@ +RC = @RC@ +ROUTE = @ROUTE@ +SED = @SED@ +SELINUX_LIBS = @SELINUX_LIBS@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKETS_LIBS = @SOCKETS_LIBS@ +STRIP = @STRIP@ +TAP_CFLAGS = @TAP_CFLAGS@ +TAP_WIN_COMPONENT_ID = @TAP_WIN_COMPONENT_ID@ +TAP_WIN_MIN_MAJOR = @TAP_WIN_MIN_MAJOR@ +TAP_WIN_MIN_MINOR = @TAP_WIN_MIN_MINOR@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +plugindir = @plugindir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sampledir = @sampledir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +MAINTAINERCLEANFILES = \ + $(srcdir)/Makefile.in + +AM_CFLAGS = \ + -I$(top_srcdir)/include + +@ENABLE_PLUGIN_DOWN_ROOT_TRUE@plugin_LTLIBRARIES = openvpn-plugin-down-root.la +@ENABLE_PLUGIN_DOWN_ROOT_TRUE@dist_doc_DATA = README.down-root +openvpn_plugin_down_root_la_SOURCES = \ + down-root.c \ + down-root.exports + +openvpn_plugin_down_root_la_LDFLAGS = $(AM_LDFLAGS) \ + -export-symbols "$(srcdir)/down-root.exports" \ + -module -shared -avoid-version -no-undefined + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/plugins/down-root/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/plugins/down-root/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \ + else :; fi; \ + done + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \ + $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +openvpn-plugin-down-root.la: $(openvpn_plugin_down_root_la_OBJECTS) $(openvpn_plugin_down_root_la_DEPENDENCIES) + $(openvpn_plugin_down_root_la_LINK) $(am_openvpn_plugin_down_root_la_rpath) $(openvpn_plugin_down_root_la_OBJECTS) $(openvpn_plugin_down_root_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/down-root.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-dist_docDATA: $(dist_doc_DATA) + @$(NORMAL_INSTALL) + test -z "$(docdir)" || $(MKDIR_P) "$(DESTDIR)$(docdir)" + @list='$(dist_doc_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(dist_docDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(docdir)/$$f'"; \ + $(dist_docDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(docdir)/$$f"; \ + done + +uninstall-dist_docDATA: + @$(NORMAL_UNINSTALL) + @list='$(dist_doc_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(docdir)/$$f'"; \ + rm -f "$(DESTDIR)$(docdir)/$$f"; \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) $(DATA) +installdirs: + for dir in "$(DESTDIR)$(plugindir)" "$(DESTDIR)$(docdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." + -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) +clean: clean-am + +clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-dist_docDATA install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-exec-am: + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-dist_docDATA uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-pluginLTLIBRARIES ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am \ + install-dist_docDATA install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pluginLTLIBRARIES install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-dist_docDATA uninstall-pluginLTLIBRARIES + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/app/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/app/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java new file mode 100644 index 00000000..e595106c --- /dev/null +++ b/app/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java @@ -0,0 +1,275 @@ +package de.blinkt.openvpn.core; + +import net.openvpn.ovpn3.ClientAPI_Config; +import net.openvpn.ovpn3.ClientAPI_EvalConfig; +import net.openvpn.ovpn3.ClientAPI_Event; +import net.openvpn.ovpn3.ClientAPI_ExternalPKICertRequest; +import net.openvpn.ovpn3.ClientAPI_ExternalPKISignRequest; +import net.openvpn.ovpn3.ClientAPI_LogInfo; +import net.openvpn.ovpn3.ClientAPI_OpenVPNClient; +import net.openvpn.ovpn3.ClientAPI_ProvideCreds; +import net.openvpn.ovpn3.ClientAPI_Status; +import net.openvpn.ovpn3.ClientAPI_TransportStats; + +import java.lang.Override; + +import de.blinkt.openvpn.VpnProfile; + +import android.content.Context; + +public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable, OpenVPNManagement { + + static { + /*System.loadLibrary("crypto"); + System.loadLibrary("ssl");*/ + System.loadLibrary("polarssl-dynamic"); + System.loadLibrary("ovpn3"); + } + + private VpnProfile mVp; + private OpenVPNService mService; + + class StatusPoller implements Runnable + { + private long mSleeptime; + + boolean mStopped=false; + + public StatusPoller(long sleeptime) { + mSleeptime=sleeptime; + } + + public void run() { + while(!mStopped) { + try { + Thread.sleep(mSleeptime); + } catch (InterruptedException e) { + } + ClientAPI_TransportStats t = transport_stats(); + long in = t.getBytesIn(); + long out = t.getBytesOut(); + VpnStatus.updateByteCount(in, out); + } + } + + public void stop() { + mStopped=true; + } + } + + @Override + public void run() { + String configstr = mVp.getConfigFile((Context)mService,true); + if(!setConfig(configstr)) + return; + setUserPW(); + VpnStatus.logInfo(copyright()); + + StatusPoller statuspoller = new StatusPoller(5000); + new Thread(statuspoller,"Status Poller").start(); + + ClientAPI_Status status = connect(); + if(status.getError()) { + VpnStatus.logError(String.format("connect() error: %s: %s",status.getStatus(),status.getMessage())); + } else { + VpnStatus.logInfo("OpenVPN3 thread finished"); + } + statuspoller.stop(); + } + + @Override + public boolean tun_builder_set_remote_address(String address, boolean ipv6) { + mService.setMtu(1500); + return true; + } + + @Override + public boolean tun_builder_set_mtu(int mtu) { + mService.setMtu(mtu); + return true; + } + @Override + public boolean tun_builder_add_dns_server(String address, boolean ipv6) { + mService.addDNS(address); + return true; + } + + @Override + public boolean tun_builder_add_route(String address, int prefix_length, + boolean ipv6) { + if (address.equals("remote_host")) + return false; + + if(ipv6) + mService.addRoutev6(address + "/" + prefix_length,"tun"); + else + mService.addRoute(new CIDRIP(address, prefix_length)); + return true; + } + + @Override + public boolean tun_builder_add_search_domain(String domain) { + mService.setDomain(domain); + return true; + } + + @Override + public int tun_builder_establish() { + return mService.openTun().detachFd(); + } + + @Override + public boolean tun_builder_set_session_name(String name) { + VpnStatus.logInfo("We should call this session" + name); + return true; + } + + + + @Override + public boolean tun_builder_add_address(String address, int prefix_length, + boolean ipv6) { + if(!ipv6) + mService.setLocalIP(new CIDRIP(address, prefix_length)); + else + mService.setLocalIPv6(address+ "/" + prefix_length); + return true; + } + + @Override + public boolean tun_builder_new() { + + return true; + } + + @Override + public boolean tun_builder_reroute_gw(String server_address, + boolean server_address_ipv6, boolean ipv4, boolean ipv6, long flags) { + // ignore + return true; + } + + @Override + public boolean tun_builder_exclude_route(String address, int prefix_length, + boolean ipv6) { + //ignore + return true; + } + + + private boolean setConfig(String vpnconfig) { + + ClientAPI_Config config = new ClientAPI_Config(); + if(mVp.getPasswordPrivateKey()!=null) + config.setPrivateKeyPassword(mVp.getPasswordPrivateKey()); + + config.setContent(vpnconfig); + config.setTunPersist(mVp.mPersistTun); + config.setGuiVersion(mVp.getVersionEnvString(mService)); + config.setExternalPkiAlias("extpki"); + + ClientAPI_EvalConfig ec = eval_config(config); + if(ec.getExternalPki()) { + VpnStatus.logError("OpenVPN seem to think as external PKI"); + } + if (ec.getError()) { + VpnStatus.logError("OpenVPN config file parse error: " + ec.getMessage()); + return false; + } else { + config.setContent(vpnconfig); + return true; + } + } + + @Override + public void external_pki_cert_request(ClientAPI_ExternalPKICertRequest certreq) { + VpnStatus.logError("EXT PKI CERT"); + String[] ks = mVp.getKeyStoreCertificates((Context) mService); + if(ks==null) { + certreq.setError(true); + certreq.setErrorText("Error in pki cert request"); + return; + } + + String supcerts = ks[0]; + /* FIXME: How to differentiate between chain and ca certs in OpenVPN 3? */ + if (ks[1]!=null) + supcerts += "\n" + ks[1]; + certreq.setSupportingChain(supcerts); + certreq.setCert(ks[2]); + certreq.setError(false); + } + + @Override + public void external_pki_sign_request(ClientAPI_ExternalPKISignRequest signreq) { + signreq.setSig(mVp.getSignedData(signreq.getData())); + } + + void setUserPW() { + if(mVp.isUserPWAuth()) { + ClientAPI_ProvideCreds creds = new ClientAPI_ProvideCreds(); + creds.setCachePassword(true); + creds.setPassword(mVp.getPasswordAuth()); + creds.setUsername(mVp.mUsername); + provide_creds(creds); + } + } + + @Override + public boolean socket_protect(int socket) { + boolean b= mService.protect(socket); + return b; + + } + + public OpenVPNThreadv3(OpenVPNService openVpnService, VpnProfile vp) { + init_process(); + mVp =vp; + mService =openVpnService; + } + + @Override + public void pause(pauseReason pauseReason) + { + pause(); + } + + @Override + public void log(ClientAPI_LogInfo arg0) { + String logmsg =arg0.getText(); + while (logmsg.endsWith("\n")) + logmsg = logmsg.substring(0, logmsg.length()-1); + + VpnStatus.logInfo(logmsg); + } + + @Override + public void event(ClientAPI_Event event) { + VpnStatus.updateStateString(event.getName(), event.getInfo()); + if(event.getError()) + VpnStatus.logError(String.format("EVENT(Error): %s: %s",event.getName(),event.getInfo())); + } + + + // When a connection is close to timeout, the core will call this + // method. If it returns false, the core will disconnect with a + // CONNECTION_TIMEOUT event. If true, the core will enter a PAUSE + // state. + + @Override + public boolean pause_on_connection_timeout() { + VpnStatus.logInfo("pause on connection timeout?! "); + return true; + } + + public boolean stopVPN() { + stop(); + return true; + } + + @Override + public void reconnect() { + reconnect(1); + } + +} diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml index 7d1063ef..6b548dbb 100644 --- a/app/src/main/AndroidManifest.xml +++ b/app/src/main/AndroidManifest.xml @@ -27,13 +27,14 @@ + android:targetSdkVersion="21"/> + android:label="@string/app" + android:theme="@style/appstyle"> + + + + @drawable/ic_close_white_24dp + @drawable/ic_share_white_24dp + @drawable/ic_filter_list_white_24dp + @drawable/ic_delete_white_24dp + @drawable/ic_edit_white_24dp + diff --git a/app/src/main/res/values/colours.xml b/app/src/main/res/values/colours.xml new file mode 100644 index 00000000..89fb41dd --- /dev/null +++ b/app/src/main/res/values/colours.xml @@ -0,0 +1,13 @@ + + + + + + + #3F51B5 + #303F9F + #FFA726 + \ No newline at end of file diff --git a/app/src/main/res/values/refs.xml b/app/src/main/res/values/refs.xml new file mode 100644 index 00000000..5e7f5e14 --- /dev/null +++ b/app/src/main/res/values/refs.xml @@ -0,0 +1,15 @@ + + + + + @android:drawable/ic_menu_close_clear_cancel + @android:drawable/ic_menu_share + @android:drawable/ic_menu_save + @android:drawable/ic_menu_view + @android:drawable/ic_menu_delete + @android:drawable/ic_menu_edit + + diff --git a/app/src/main/res/values/untranslatable.xml b/app/src/main/res/values/untranslatable.xml index 7257bf3a..349c94fc 100644 --- a/app/src/main/res/values/untranslatable.xml +++ b/app/src/main/res/values/untranslatable.xml @@ -2469,6 +2469,666 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/app/src/ovpn3/Android.mk b/app/src/ovpn3/Android.mk new file mode 100644 index 00000000..7f037ac0 --- /dev/null +++ b/app/src/ovpn3/Android.mk @@ -0,0 +1,40 @@ +LOCAL_PATH:= $(call my-dir)/ + +include $(CLEAR_VARS) + +LOCAL_LDLIBS := -lz +LOCAL_C_INCLUDES := openssl/include lzo/include openssl/crypto openssl openvpn/src/compat openvpn3/client openvpn3 boost_1_55_0 polarssl/include snappy +LOCAL_CPP_FEATURES += exceptions rtti + +#LOCAL_SHARED_LIBRARIES := libssl libcrypto +LOCAL_SHARED_LIBRARIES := polarssl-dynamic +#LOCAL_STATIC_LIBRARIES := libssl_static libcrypto_static liblzo-static +LOCAL_STATIC_LIBRARIES := liblzo-static snappy-static + +#LOCAL_CFLAGS= -DHAVE_CONFIG_H -DTARGET_ABI=\"${TARGET_ABI}\" -DUSE_OPENSSL -DOPENSSL_NO_ENGINE +LOCAL_CFLAGS= -DHAVE_CONFIG_H -DTARGET_ABI=\"${TARGET_ABI}\" -DUSE_POLARSSL -DHAVE_SNAPPY -DHAVE_LZO + +#ifneq ($(TARGET_ARCH),mips) +#LOCAL_STATIC_LIBRARIES += breakpad_client +#LOCAL_CFLAGS += -DGOOGLE_BREAKPAD=1 +#endif + +LOCAL_MODULE = ovpn3 + +LOCAL_SRC_FILES:= \ + ../openvpn3/javacli/ovpncli_wrap.cxx \ + boostsrc/error_code.cpp \ + ../openvpn3/client/ovpncli.cpp \ + + +#ifneq ($(TARGET_ARCH),mips) +#LOCAL_SRC_FILES+=src/openvpn/breakpad.cpp +#endif + + + +include $(BUILD_SHARED_LIBRARY) +#include $(BUILD_EXECUTABLE) + + + diff --git a/app/src/ovpn3/boostsrc/error_code.cpp b/app/src/ovpn3/boostsrc/error_code.cpp new file mode 100644 index 00000000..6772d154 --- /dev/null +++ b/app/src/ovpn3/boostsrc/error_code.cpp @@ -0,0 +1,430 @@ +// error_code support implementation file ----------------------------------// + +// Copyright Beman Dawes 2002, 2006 + +// Distributed under the Boost Software License, Version 1.0. (See accompanying +// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) + +// See library home page at http://www.boost.org/libs/system + +//----------------------------------------------------------------------------// + +#include + +// define BOOST_SYSTEM_SOURCE so that knows +// the library is being built (possibly exporting rather than importing code) +#define BOOST_SYSTEM_SOURCE + +#include +#include +#include +#include +#include +#include + +using namespace boost::system; +using namespace boost::system::errc; + +#include // for strerror/strerror_r + +# if defined( BOOST_WINDOWS_API ) +# include +# include "local_free_on_destruction.hpp" +# ifndef ERROR_INCORRECT_SIZE +# define ERROR_INCORRECT_SIZE ERROR_BAD_ARGUMENTS +# endif +# endif + +//----------------------------------------------------------------------------// + +namespace +{ +#if defined(__PGI) + using boost::system::errc::invalid_argument; +#endif + // standard error categories ---------------------------------------------// + + class generic_error_category : public error_category + { + public: + generic_error_category(){} + const char * name() const; + std::string message( int ev ) const; + }; + + class system_error_category : public error_category + { + public: + system_error_category(){} + const char * name() const; + std::string message( int ev ) const; + error_condition default_error_condition( int ev ) const; + }; + + // generic_error_category implementation ---------------------------------// + + const char * generic_error_category::name() const + { + return "generic"; + } + + std::string generic_error_category::message( int ev ) const + { + static std::string unknown_err( "Unknown error" ); + // strerror_r is preferred because it is always thread safe, + // however, we fallback to strerror in certain cases because: + // -- Windows doesn't provide strerror_r. + // -- HP and Sun do provide strerror_r on newer systems, but there is + // no way to tell if is available at runtime and in any case their + // versions of strerror are thread safe anyhow. + // -- Linux only sometimes provides strerror_r. + // -- Tru64 provides strerror_r only when compiled -pthread. + // -- VMS doesn't provide strerror_r, but on this platform, strerror is + // thread safe. + # if defined(BOOST_WINDOWS_API) || defined(__hpux) || defined(__sun)\ + || (defined(__linux) && (!defined(__USE_XOPEN2K) || defined(BOOST_SYSTEM_USE_STRERROR)))\ + || (defined(__osf__) && !defined(_REENTRANT))\ + || (defined(__INTEGRITY))\ + || (defined(__vms))\ + || (defined(__QNXNTO__)) + const char * c_str = std::strerror( ev ); + return c_str + ? std::string( c_str ) + : unknown_err; + # else // use strerror_r + char buf[64]; + char * bp = buf; + std::size_t sz = sizeof(buf); + # if defined(__CYGWIN__) || defined(__USE_GNU) + // Oddball version of strerror_r + const char * c_str = strerror_r( ev, bp, sz ); + return c_str + ? std::string( c_str ) + : unknown_err; + # else + // POSIX version of strerror_r + int result; + for (;;) + { + // strerror_r returns 0 on success, otherwise ERANGE if buffer too small, + // invalid_argument if ev not a valid error number + # if defined (__sgi) + const char * c_str = strerror( ev ); + result = 0; + return c_str + ? std::string( c_str ) + : unknown_err; + # else + result = strerror_r( ev, bp, sz ); + # endif + if (result == 0 ) + break; + else + { + # if defined(__linux) + // Linux strerror_r returns -1 on error, with error number in errno + result = errno; + # endif + if ( result != ERANGE ) break; + if ( sz > sizeof(buf) ) std::free( bp ); + sz *= 2; + if ( (bp = static_cast(std::malloc( sz ))) == 0 ) + return std::string( "ENOMEM" ); + } + } + std::string msg; + try + { + msg = ( ( result == invalid_argument ) ? "Unknown error" : bp ); + } + +# ifndef BOOST_NO_EXCEPTIONS + // See ticket #2098 + catch(...) + { + // just eat the exception + } +# endif + + if ( sz > sizeof(buf) ) std::free( bp ); + sz = 0; + return msg; + # endif // else POSIX version of strerror_r + # endif // else use strerror_r + } + // system_error_category implementation --------------------------------// + + const char * system_error_category::name() const + { + return "system"; + } + + error_condition system_error_category::default_error_condition( int ev ) const + { + switch ( ev ) + { + case 0: return make_error_condition( success ); +# if defined(BOOST_POSIX_API) + // POSIX-like O/S -> posix_errno decode table ---------------------------// + case E2BIG: return make_error_condition( argument_list_too_long ); + case EACCES: return make_error_condition( permission_denied ); + case EADDRINUSE: return make_error_condition( address_in_use ); + case EADDRNOTAVAIL: return make_error_condition( address_not_available ); + case EAFNOSUPPORT: return make_error_condition( address_family_not_supported ); + case EAGAIN: return make_error_condition( resource_unavailable_try_again ); +# if EALREADY != EBUSY // EALREADY and EBUSY are the same on QNX Neutrino + case EALREADY: return make_error_condition( connection_already_in_progress ); +# endif + case EBADF: return make_error_condition( bad_file_descriptor ); + case EBADMSG: return make_error_condition( bad_message ); + case EBUSY: return make_error_condition( device_or_resource_busy ); + case ECANCELED: return make_error_condition( operation_canceled ); + case ECHILD: return make_error_condition( no_child_process ); + case ECONNABORTED: return make_error_condition( connection_aborted ); + case ECONNREFUSED: return make_error_condition( connection_refused ); + case ECONNRESET: return make_error_condition( connection_reset ); + case EDEADLK: return make_error_condition( resource_deadlock_would_occur ); + case EDESTADDRREQ: return make_error_condition( destination_address_required ); + case EDOM: return make_error_condition( argument_out_of_domain ); + case EEXIST: return make_error_condition( file_exists ); + case EFAULT: return make_error_condition( bad_address ); + case EFBIG: return make_error_condition( file_too_large ); + case EHOSTUNREACH: return make_error_condition( host_unreachable ); + case EIDRM: return make_error_condition( identifier_removed ); + case EILSEQ: return make_error_condition( illegal_byte_sequence ); + case EINPROGRESS: return make_error_condition( operation_in_progress ); + case EINTR: return make_error_condition( interrupted ); + case EINVAL: return make_error_condition( invalid_argument ); + case EIO: return make_error_condition( io_error ); + case EISCONN: return make_error_condition( already_connected ); + case EISDIR: return make_error_condition( is_a_directory ); + case ELOOP: return make_error_condition( too_many_symbolic_link_levels ); + case EMFILE: return make_error_condition( too_many_files_open ); + case EMLINK: return make_error_condition( too_many_links ); + case EMSGSIZE: return make_error_condition( message_size ); + case ENAMETOOLONG: return make_error_condition( filename_too_long ); + case ENETDOWN: return make_error_condition( network_down ); + case ENETRESET: return make_error_condition( network_reset ); + case ENETUNREACH: return make_error_condition( network_unreachable ); + case ENFILE: return make_error_condition( too_many_files_open_in_system ); + case ENOBUFS: return make_error_condition( no_buffer_space ); + case ENODATA: return make_error_condition( no_message_available ); + case ENODEV: return make_error_condition( no_such_device ); + case ENOENT: return make_error_condition( no_such_file_or_directory ); + case ENOEXEC: return make_error_condition( executable_format_error ); + case ENOLCK: return make_error_condition( no_lock_available ); + case ENOLINK: return make_error_condition( no_link ); + case ENOMEM: return make_error_condition( not_enough_memory ); + case ENOMSG: return make_error_condition( no_message ); + case ENOPROTOOPT: return make_error_condition( no_protocol_option ); + case ENOSPC: return make_error_condition( no_space_on_device ); + case ENOSR: return make_error_condition( no_stream_resources ); + case ENOSTR: return make_error_condition( not_a_stream ); + case ENOSYS: return make_error_condition( function_not_supported ); + case ENOTCONN: return make_error_condition( not_connected ); + case ENOTDIR: return make_error_condition( not_a_directory ); + # if ENOTEMPTY != EEXIST // AIX treats ENOTEMPTY and EEXIST as the same value + case ENOTEMPTY: return make_error_condition( directory_not_empty ); + # endif // ENOTEMPTY != EEXIST + # if ENOTRECOVERABLE != ECONNRESET // the same on some Broadcom chips + case ENOTRECOVERABLE: return make_error_condition( state_not_recoverable ); + # endif // ENOTRECOVERABLE != ECONNRESET + case ENOTSOCK: return make_error_condition( not_a_socket ); + case ENOTSUP: return make_error_condition( not_supported ); + case ENOTTY: return make_error_condition( inappropriate_io_control_operation ); + case ENXIO: return make_error_condition( no_such_device_or_address ); + # if EOPNOTSUPP != ENOTSUP + case EOPNOTSUPP: return make_error_condition( operation_not_supported ); + # endif // EOPNOTSUPP != ENOTSUP + case EOVERFLOW: return make_error_condition( value_too_large ); + # if EOWNERDEAD != ECONNABORTED // the same on some Broadcom chips + case EOWNERDEAD: return make_error_condition( owner_dead ); + # endif // EOWNERDEAD != ECONNABORTED + case EPERM: return make_error_condition( operation_not_permitted ); + case EPIPE: return make_error_condition( broken_pipe ); + case EPROTO: return make_error_condition( protocol_error ); + case EPROTONOSUPPORT: return make_error_condition( protocol_not_supported ); + case EPROTOTYPE: return make_error_condition( wrong_protocol_type ); + case ERANGE: return make_error_condition( result_out_of_range ); + case EROFS: return make_error_condition( read_only_file_system ); + case ESPIPE: return make_error_condition( invalid_seek ); + case ESRCH: return make_error_condition( no_such_process ); + case ETIME: return make_error_condition( stream_timeout ); + case ETIMEDOUT: return make_error_condition( timed_out ); + case ETXTBSY: return make_error_condition( text_file_busy ); + # if EAGAIN != EWOULDBLOCK + case EWOULDBLOCK: return make_error_condition( operation_would_block ); + # endif // EAGAIN != EWOULDBLOCK + case EXDEV: return make_error_condition( cross_device_link ); + #else + // Windows system -> posix_errno decode table ---------------------------// + // see WinError.h comments for descriptions of errors + case ERROR_ACCESS_DENIED: return make_error_condition( permission_denied ); + case ERROR_ALREADY_EXISTS: return make_error_condition( file_exists ); + case ERROR_BAD_UNIT: return make_error_condition( no_such_device ); + case ERROR_BUFFER_OVERFLOW: return make_error_condition( filename_too_long ); + case ERROR_BUSY: return make_error_condition( device_or_resource_busy ); + case ERROR_BUSY_DRIVE: return make_error_condition( device_or_resource_busy ); + case ERROR_CANNOT_MAKE: return make_error_condition( permission_denied ); + case ERROR_CANTOPEN: return make_error_condition( io_error ); + case ERROR_CANTREAD: return make_error_condition( io_error ); + case ERROR_CANTWRITE: return make_error_condition( io_error ); + case ERROR_CURRENT_DIRECTORY: return make_error_condition( permission_denied ); + case ERROR_DEV_NOT_EXIST: return make_error_condition( no_such_device ); + case ERROR_DEVICE_IN_USE: return make_error_condition( device_or_resource_busy ); + case ERROR_DIR_NOT_EMPTY: return make_error_condition( directory_not_empty ); + case ERROR_DIRECTORY: return make_error_condition( invalid_argument ); // WinError.h: "The directory name is invalid" + case ERROR_DISK_FULL: return make_error_condition( no_space_on_device ); + case ERROR_FILE_EXISTS: return make_error_condition( file_exists ); + case ERROR_FILE_NOT_FOUND: return make_error_condition( no_such_file_or_directory ); + case ERROR_HANDLE_DISK_FULL: return make_error_condition( no_space_on_device ); + case ERROR_INVALID_ACCESS: return make_error_condition( permission_denied ); + case ERROR_INVALID_DRIVE: return make_error_condition( no_such_device ); + case ERROR_INVALID_FUNCTION: return make_error_condition( function_not_supported ); + case ERROR_INVALID_HANDLE: return make_error_condition( invalid_argument ); + case ERROR_INVALID_NAME: return make_error_condition( invalid_argument ); + case ERROR_LOCK_VIOLATION: return make_error_condition( no_lock_available ); + case ERROR_LOCKED: return make_error_condition( no_lock_available ); + case ERROR_NEGATIVE_SEEK: return make_error_condition( invalid_argument ); + case ERROR_NOACCESS: return make_error_condition( permission_denied ); + case ERROR_NOT_ENOUGH_MEMORY: return make_error_condition( not_enough_memory ); + case ERROR_NOT_READY: return make_error_condition( resource_unavailable_try_again ); + case ERROR_NOT_SAME_DEVICE: return make_error_condition( cross_device_link ); + case ERROR_OPEN_FAILED: return make_error_condition( io_error ); + case ERROR_OPEN_FILES: return make_error_condition( device_or_resource_busy ); + case ERROR_OPERATION_ABORTED: return make_error_condition( operation_canceled ); + case ERROR_OUTOFMEMORY: return make_error_condition( not_enough_memory ); + case ERROR_PATH_NOT_FOUND: return make_error_condition( no_such_file_or_directory ); + case ERROR_READ_FAULT: return make_error_condition( io_error ); + case ERROR_RETRY: return make_error_condition( resource_unavailable_try_again ); + case ERROR_SEEK: return make_error_condition( io_error ); + case ERROR_SHARING_VIOLATION: return make_error_condition( permission_denied ); + case ERROR_TOO_MANY_OPEN_FILES: return make_error_condition( too_many_files_open ); + case ERROR_WRITE_FAULT: return make_error_condition( io_error ); + case ERROR_WRITE_PROTECT: return make_error_condition( permission_denied ); + case WSAEACCES: return make_error_condition( permission_denied ); + case WSAEADDRINUSE: return make_error_condition( address_in_use ); + case WSAEADDRNOTAVAIL: return make_error_condition( address_not_available ); + case WSAEAFNOSUPPORT: return make_error_condition( address_family_not_supported ); + case WSAEALREADY: return make_error_condition( connection_already_in_progress ); + case WSAEBADF: return make_error_condition( bad_file_descriptor ); + case WSAECONNABORTED: return make_error_condition( connection_aborted ); + case WSAECONNREFUSED: return make_error_condition( connection_refused ); + case WSAECONNRESET: return make_error_condition( connection_reset ); + case WSAEDESTADDRREQ: return make_error_condition( destination_address_required ); + case WSAEFAULT: return make_error_condition( bad_address ); + case WSAEHOSTUNREACH: return make_error_condition( host_unreachable ); + case WSAEINPROGRESS: return make_error_condition( operation_in_progress ); + case WSAEINTR: return make_error_condition( interrupted ); + case WSAEINVAL: return make_error_condition( invalid_argument ); + case WSAEISCONN: return make_error_condition( already_connected ); + case WSAEMFILE: return make_error_condition( too_many_files_open ); + case WSAEMSGSIZE: return make_error_condition( message_size ); + case WSAENAMETOOLONG: return make_error_condition( filename_too_long ); + case WSAENETDOWN: return make_error_condition( network_down ); + case WSAENETRESET: return make_error_condition( network_reset ); + case WSAENETUNREACH: return make_error_condition( network_unreachable ); + case WSAENOBUFS: return make_error_condition( no_buffer_space ); + case WSAENOPROTOOPT: return make_error_condition( no_protocol_option ); + case WSAENOTCONN: return make_error_condition( not_connected ); + case WSAENOTSOCK: return make_error_condition( not_a_socket ); + case WSAEOPNOTSUPP: return make_error_condition( operation_not_supported ); + case WSAEPROTONOSUPPORT: return make_error_condition( protocol_not_supported ); + case WSAEPROTOTYPE: return make_error_condition( wrong_protocol_type ); + case WSAETIMEDOUT: return make_error_condition( timed_out ); + case WSAEWOULDBLOCK: return make_error_condition( operation_would_block ); + #endif + default: return error_condition( ev, system_category() ); + } + } + +# if !defined( BOOST_WINDOWS_API ) + + std::string system_error_category::message( int ev ) const + { + return generic_category().message( ev ); + } +# else + + std::string system_error_category::message( int ev ) const + { +# ifndef BOOST_NO_ANSI_APIS + LPVOID lpMsgBuf = 0; + DWORD retval = ::FormatMessageA( + FORMAT_MESSAGE_ALLOCATE_BUFFER | + FORMAT_MESSAGE_FROM_SYSTEM | + FORMAT_MESSAGE_IGNORE_INSERTS, + NULL, + ev, + MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language + (LPSTR) &lpMsgBuf, + 0, + NULL + ); + detail::local_free_on_destruction lfod(lpMsgBuf); + if (retval == 0) + return std::string("Unknown error"); + + std::string str( static_cast(lpMsgBuf) ); +# else // WinCE workaround + LPVOID lpMsgBuf = 0; + DWORD retval = ::FormatMessageW( + FORMAT_MESSAGE_ALLOCATE_BUFFER | + FORMAT_MESSAGE_FROM_SYSTEM | + FORMAT_MESSAGE_IGNORE_INSERTS, + NULL, + ev, + MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language + (LPWSTR) &lpMsgBuf, + 0, + NULL + ); + detail::local_free_on_destruction lfod(lpMsgBuf); + if (retval == 0) + return std::string("Unknown error"); + + int num_chars = (wcslen( static_cast(lpMsgBuf) ) + 1) * 2; + LPSTR narrow_buffer = (LPSTR)_alloca( num_chars ); + if (::WideCharToMultiByte(CP_ACP, 0, static_cast(lpMsgBuf), -1, narrow_buffer, num_chars, NULL, NULL) == 0) + return std::string("Unknown error"); + + std::string str( narrow_buffer ); +# endif + while ( str.size() + && (str[str.size()-1] == '\n' || str[str.size()-1] == '\r') ) + str.erase( str.size()-1 ); + if ( str.size() && str[str.size()-1] == '.' ) + { str.erase( str.size()-1 ); } + return str; + } +# endif + +} // unnamed namespace + +namespace boost +{ + namespace system + { + +# ifndef BOOST_SYSTEM_NO_DEPRECATED + BOOST_SYSTEM_DECL error_code throws; // "throw on error" special error_code; + // note that it doesn't matter if this + // isn't initialized before use since + // the only use is to take its + // address for comparison purposes +# endif + + BOOST_SYSTEM_DECL const error_category & system_category() + { + static const system_error_category system_category_const; + return system_category_const; + } + + BOOST_SYSTEM_DECL const error_category & generic_category() + { + static const generic_error_category generic_category_const; + return generic_category_const; + } + + } // namespace system +} // namespace boost diff --git a/app/vpndialogxposed/src/main/res/values/strings-icsopenvpn.xml b/app/vpndialogxposed/src/main/res/values/strings-icsopenvpn.xml deleted file mode 100644 index 6eace130..00000000 --- a/app/vpndialogxposed/src/main/res/values/strings-icsopenvpn.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - VpnDialog Xposed Module - Select the apps that should be allowed to use the VpnService API without user confirmation - No Apps using the VPNService API found - - -- cgit v1.2.3 From 582758a34f6fd82ad1071bf9a196f0fa048689e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 11:30:28 +0100 Subject: Working on Android 5. Beware! https://code.google.com/p/android/issues/detail?id=80074: Wrong VpnService.prepare() behavior after re-installation of the VPN app on Android 5.0 "The following steps will cause incorrect behavior of the VpnService.prepare(): 1. Establish VPN connection using any VPN app. VpnService.prepare() will return an intent for the "Connection request" system activity. Once user accepts it, VPN connection can be established successfully. 2. Uninstall VPN app. 3. Re-install the same VPN app. 4. Now VpnService.prepare() returns null, as if the VPN service has been already prepared. 5. Now VpnService.protect() returns false and VPN connection fails. Device reboot is needed in order to be able to establish VPN connection again." --- .../java/se/leap/bitmaskclient/ProviderAPI.java | 20 +++--- .../main/java/se/leap/bitmaskclient/Dashboard.java | 72 +++++++++++++--------- .../se/leap/bitmaskclient/EipServiceFragment.java | 21 ++----- .../java/se/leap/bitmaskclient/eip/Constants.java | 1 - .../main/java/se/leap/bitmaskclient/eip/EIP.java | 28 ++++----- .../java/se/leap/bitmaskclient/ProviderAPI.java | 21 +++---- 6 files changed, 80 insertions(+), 83 deletions(-) (limited to 'app') diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java index 9ac5ff66..f47510bc 100644 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java @@ -62,11 +62,11 @@ public class ProviderAPI extends IntentService { ; final public static int - SRP_AUTHENTICATION_SUCCESSFUL = 3, - SRP_AUTHENTICATION_FAILED = 4, - SRP_REGISTRATION_SUCCESSFUL = 5, - SRP_REGISTRATION_FAILED = 6, - LOGOUT_SUCCESSFUL = 7, + SUCCESSFUL_LOGIN = 3, + FAILED_LOGIN = 4, + SUCCESSFUL_SIGNUP = 5, + FAILED_SIGNUP = 6, + SUCCESSFUL_LOGOUT = 7, LOGOUT_FAILED = 8, CORRECTLY_DOWNLOADED_CERTIFICATE = 9, INCORRECTLY_DOWNLOADED_CERTIFICATE = 10, @@ -142,20 +142,20 @@ public class ProviderAPI extends IntentService { } else if (action.equalsIgnoreCase(SRP_REGISTER)) { Bundle session_id_bundle = tryToRegister(parameters); if(session_id_bundle.getBoolean(RESULT_KEY)) { - receiver.send(SRP_REGISTRATION_SUCCESSFUL, session_id_bundle); + receiver.send(SUCCESSFUL_SIGNUP, session_id_bundle); } else { - receiver.send(SRP_REGISTRATION_FAILED, session_id_bundle); + receiver.send(FAILED_SIGNUP, session_id_bundle); } } else if (action.equalsIgnoreCase(SRP_AUTH)) { Bundle session_id_bundle = tryToAuthenticate(parameters); if(session_id_bundle.getBoolean(RESULT_KEY)) { - receiver.send(SRP_AUTHENTICATION_SUCCESSFUL, session_id_bundle); + receiver.send(SUCCESSFUL_LOGIN, session_id_bundle); } else { - receiver.send(SRP_AUTHENTICATION_FAILED, session_id_bundle); + receiver.send(FAILED_LOGIN, session_id_bundle); } } else if (action.equalsIgnoreCase(LOG_OUT)) { if(logOut()) { - receiver.send(LOGOUT_SUCCESSFUL, Bundle.EMPTY); + receiver.send(SUCCESSFUL_LOGOUT, Bundle.EMPTY); } else { receiver.send(LOGOUT_FAILED, Bundle.EMPTY); } diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java index 3ecf5e52..862086eb 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java +++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java @@ -16,6 +16,7 @@ */ package se.leap.bitmaskclient; +import android.annotation.SuppressLint; import android.app.Activity; import android.app.AlertDialog; import android.app.DialogFragment; @@ -34,6 +35,7 @@ import android.view.MenuItem; import android.widget.ProgressBar; import android.widget.TextView; +import org.jetbrains.annotations.NotNull; import org.json.JSONException; import org.json.JSONObject; @@ -48,7 +50,7 @@ import se.leap.bitmaskclient.eip.EIP; import se.leap.bitmaskclient.eip.EipStatus; /** - * The main user facing Activity of LEAP Android, consisting of status, controls, + * The main user facing Activity of Bitmask Android, consisting of status, controls, * and access to preferences. * * @author Sean Leonard @@ -81,7 +83,7 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn public ProviderAPIResultReceiver providerAPI_result_receiver; @Override - protected void onSaveInstanceState(Bundle outState) { + protected void onSaveInstanceState(@NotNull Bundle outState) { if(provider != null) outState.putParcelable(Provider.KEY, provider); super.onSaveInstanceState(outState); @@ -99,24 +101,36 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); handleVersion(); - if(savedInstanceState != null) - provider = savedInstanceState.getParcelable(Provider.KEY); - if(provider == null && preferences.getBoolean(Constants.PROVIDER_CONFIGURED, false)) - try { - provider = new Provider(new URL(preferences.getString(Provider.MAIN_URL, ""))); - provider.define(new JSONObject(preferences.getString(Provider.KEY, ""))); - } catch (MalformedURLException e) { - e.printStackTrace(); - } catch (JSONException e) { - e.printStackTrace(); - } - + provider = getSavedProvider(savedInstanceState); if (provider == null || provider.getName().isEmpty()) startActivityForResult(new Intent(this,ConfigurationWizard.class),CONFIGURE_LEAP); else buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false)); } + private Provider getSavedProvider(Bundle savedInstanceState) { + Provider provider = null; + if(savedInstanceState != null) + provider = savedInstanceState.getParcelable(Provider.KEY); + else if(preferences.getBoolean(Constants.PROVIDER_CONFIGURED, false)) + provider = getSavedProviderFromSharedPreferences(); + + return provider; + } + + private Provider getSavedProviderFromSharedPreferences() { + Provider provider = null; + try { + provider = new Provider(new URL(preferences.getString(Provider.MAIN_URL, ""))); + provider.define(new JSONObject(preferences.getString(Provider.KEY, ""))); + } catch (MalformedURLException | JSONException e) { + e.printStackTrace(); + } + + return provider; + } + + private void handleVersion() { try { int versionCode = getPackageManager().getPackageInfo(getPackageName(), 0).versionCode; @@ -140,13 +154,12 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn } } + @SuppressLint("CommitPrefEdits") @Override protected void onActivityResult(int requestCode, int resultCode, Intent data){ Log.d(TAG, "onActivityResult: requestCode = " + requestCode); if ( requestCode == CONFIGURE_LEAP || requestCode == SWITCH_PROVIDER) { - // It should be equivalent: if ( (requestCode == CONFIGURE_LEAP) || (data!= null && data.hasExtra(STOP_FIRST))) { if ( resultCode == RESULT_OK ) { - preferences.edit().putInt(Constants.PARSED_SERIAL, 0).apply(); preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); updateEipService(); @@ -205,7 +218,6 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn ButterKnife.inject(this); provider_name.setText(provider.getDomain()); - if ( provider.hasEIP()){ fragment_manager.removePreviousFragment(EipServiceFragment.TAG); @@ -412,16 +424,16 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn @Override public void onReceiveResult(int resultCode, Bundle resultData) { Log.d(TAG, "onReceiveResult"); - if(resultCode == ProviderAPI.SRP_REGISTRATION_SUCCESSFUL) { + if(resultCode == ProviderAPI.SUCCESSFUL_SIGNUP) { String username = resultData.getString(SessionDialog.USERNAME); String password = resultData.getString(SessionDialog.PASSWORD); logIn(username, password); - } else if(resultCode == ProviderAPI.SRP_REGISTRATION_FAILED) { + } else if(resultCode == ProviderAPI.FAILED_SIGNUP) { changeStatusMessage(resultCode); hideProgressBar(); signUpDialog(resultData); - } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL) { + } else if(resultCode == ProviderAPI.SUCCESSFUL_LOGIN) { changeStatusMessage(resultCode); hideProgressBar(); @@ -431,12 +443,12 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn preferences.edit().putBoolean(Constants.AUTHED_EIP, authed_eip).apply(); downloadAuthedUserCertificate(); - } else if(resultCode == ProviderAPI.SRP_AUTHENTICATION_FAILED) { + } else if(resultCode == ProviderAPI.FAILED_LOGIN) { changeStatusMessage(resultCode); hideProgressBar(); logInDialog(resultData); - } else if(resultCode == ProviderAPI.LOGOUT_SUCCESSFUL) { + } else if(resultCode == ProviderAPI.SUCCESSFUL_LOGOUT) { changeStatusMessage(resultCode); hideProgressBar(); @@ -477,7 +489,7 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn } } }; - updateEIP.putExtra(Constants.RECEIVER_TAG, receiver); + //updateEIP.putExtra(Constants.RECEIVER_TAG, receiver); startService(updateEIP); } @@ -491,11 +503,11 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn if (resultCode == Activity.RESULT_OK){ switch(previous_result_code){ - case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; - case ProviderAPI.SRP_AUTHENTICATION_FAILED: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; + case ProviderAPI.SUCCESSFUL_LOGIN: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; + case ProviderAPI.FAILED_LOGIN: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: eip_fragment.status_message.setText(R.string.authed_secured_status); break; case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eip_fragment.status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: eip_fragment.status_message.setText(R.string.logged_out_message); break; + case ProviderAPI.SUCCESSFUL_LOGOUT: eip_fragment.status_message.setText(R.string.logged_out_message); break; case ProviderAPI.LOGOUT_FAILED: eip_fragment.status_message.setText(R.string.log_out_failed_message); break; } @@ -504,12 +516,12 @@ public class Dashboard extends Activity implements SessionDialog.SessionDialogIn switch(previous_result_code){ - case ProviderAPI.SRP_AUTHENTICATION_SUCCESSFUL: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; - case ProviderAPI.SRP_AUTHENTICATION_FAILED: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; - case ProviderAPI.SRP_REGISTRATION_FAILED: eip_fragment.status_message.setText(R.string.registration_failed_message); break; + case ProviderAPI.SUCCESSFUL_LOGIN: eip_fragment.status_message.setText(R.string.succesful_authentication_message); break; + case ProviderAPI.FAILED_LOGIN: eip_fragment.status_message.setText(R.string.authentication_failed_message); break; + case ProviderAPI.FAILED_SIGNUP: eip_fragment.status_message.setText(R.string.registration_failed_message); break; case ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE: break; case ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE: eip_fragment.status_message.setText(R.string.incorrectly_downloaded_certificate_message); break; - case ProviderAPI.LOGOUT_SUCCESSFUL: eip_fragment.status_message.setText(R.string.logged_out_message); break; + case ProviderAPI.SUCCESSFUL_LOGOUT: eip_fragment.status_message.setText(R.string.logged_out_message); break; case ProviderAPI.LOGOUT_FAILED: eip_fragment.status_message.setText(R.string.log_out_failed_message); break; } } diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index 904aa31d..acfc967b 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -139,7 +139,7 @@ public class EipServiceFragment extends Fragment implements Observer { private boolean canStartEIP() { boolean certificateExists = !Dashboard.preferences.getString(Constants.CERTIFICATE, "").isEmpty(); boolean isAllowedAnon = Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false); - return (isAllowedAnon || certificateExists) && !eip_status.isConnected(); + return (isAllowedAnon || certificateExists) && !eip_status.isConnected() && !eip_status.isConnecting(); } private boolean canLogInToStartEIP() { @@ -275,19 +275,13 @@ public class EipServiceFragment extends Fragment implements Observer { adjustSwitch(); } - protected void setStatusMessage(String status) { - if(status_message == null) - status_message = (TextView) parent_activity.findViewById(R.id.status_message); - status_message.setText(status); - } - private void hideProgressBar() { if(progress_bar != null) progress_bar.setVisibility(View.GONE); } protected class EIPReceiver extends ResultReceiver { - + protected EIPReceiver(Handler handler){ super(handler); } @@ -295,17 +289,14 @@ public class EipServiceFragment extends Fragment implements Observer { @Override protected void onReceiveResult(int resultCode, Bundle resultData) { super.onReceiveResult(resultCode, resultData); - + String request = resultData.getString(Constants.REQUEST_TAG); if (request.equals(Constants.ACTION_START_EIP)) { switch (resultCode){ case Activity.RESULT_OK: - Log.d(TAG, "Action start eip = Result OK"); - progress_bar.setVisibility(View.VISIBLE); break; case Activity.RESULT_CANCELED: - progress_bar.setVisibility(View.GONE); break; } } else if (request.equals(Constants.ACTION_STOP_EIP)) { @@ -336,13 +327,13 @@ public class EipServiceFragment extends Fragment implements Observer { status_message.setText(getString(R.string.updating_certificate_message)); if(LeapSRPSession.getToken().isEmpty() && !Dashboard.preferences.getBoolean(Constants.ALLOWED_ANON, false)) { dashboard.logInDialog(Bundle.EMPTY); - } else { + } else { Intent provider_API_command = new Intent(parent_activity, ProviderAPI.class); if(dashboard.providerAPI_result_receiver == null) { dashboard.providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); dashboard.providerAPI_result_receiver.setReceiver(dashboard); } - + provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, dashboard.providerAPI_result_receiver); parent_activity.startService(provider_API_command); @@ -352,7 +343,7 @@ public class EipServiceFragment extends Fragment implements Observer { } } } - + public static EIPReceiver getReceiver() { return mEIPReceiver; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java index 01a83d5f..12c2e015 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/Constants.java @@ -39,7 +39,6 @@ public interface Constants { public final static String CERTIFICATE = "cert"; public final static String PRIVATE_KEY = TAG + ".PRIVATE_KEY"; public final static String KEY = TAG + ".KEY"; - public final static String PARSED_SERIAL = TAG + ".PARSED_SERIAL"; public final static String RECEIVER_TAG = TAG + ".RECEIVER_TAG"; public final static String REQUEST_TAG = TAG + ".REQUEST_TAG"; public final static String START_BLOCKING_VPN_PROFILE = TAG + ".START_BLOCKING_VPN_PROFILE"; diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java index 4363dd13..0713e521 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java @@ -22,6 +22,7 @@ import android.content.Context; import android.content.Intent; import android.content.SharedPreferences; import android.os.Bundle; +import android.os.Handler; import android.os.ResultReceiver; import android.util.Log; @@ -38,7 +39,6 @@ import de.blinkt.openvpn.VpnProfile; import de.blinkt.openvpn.core.ProfileManager; import se.leap.bitmaskclient.Dashboard; import se.leap.bitmaskclient.EipServiceFragment; -import se.leap.bitmaskclient.Provider; import static se.leap.bitmaskclient.eip.Constants.ACTION_CHECK_CERT_VALIDITY; import static se.leap.bitmaskclient.eip.Constants.ACTION_IS_EIP_RUNNING; @@ -65,20 +65,19 @@ public final class EIP extends IntentService { public final static String TAG = EIP.class.getSimpleName(); public final static String SERVICE_API_PATH = "config/eip-service.json"; - public static final int DISCONNECT = 15; private static Context context; private static ResultReceiver mReceiver; private static SharedPreferences preferences; - private static JSONObject eip_definition = null; + private static JSONObject eip_definition; private static List gateways = new ArrayList(); private static ProfileManager profile_manager; - private static Gateway activeGateway = null; + private static Gateway gateway; public EIP(){ - super("LEAPEIP"); + super(TAG); } @Override @@ -117,13 +116,15 @@ public final class EIP extends IntentService { private void startEIP() { if(gateways.isEmpty()) updateEIPService(); - GatewaySelector gateway_selector = new GatewaySelector(gateways); - activeGateway = gateway_selector.select(); - if(activeGateway != null && activeGateway.getProfile() != null) { + earlyRoutes(); + + GatewaySelector gateway_selector = new GatewaySelector(gateways); + gateway = gateway_selector.select(); + if(gateway != null && gateway.getProfile() != null) { mReceiver = EipServiceFragment.getReceiver(); launchActiveGateway(); } - earlyRoutes(); + tellToReceiver(ACTION_START_EIP, Activity.RESULT_OK); } /** @@ -140,16 +141,11 @@ public final class EIP extends IntentService { Intent intent = new Intent(this,LaunchVPN.class); intent.setAction(Intent.ACTION_MAIN); intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); - intent.putExtra(LaunchVPN.EXTRA_NAME, activeGateway.getProfile().getName() ); + intent.putExtra(LaunchVPN.EXTRA_NAME, gateway.getProfile().getName()); intent.putExtra(LaunchVPN.EXTRA_HIDELOG, true); - intent.putExtra(RECEIVER_TAG, mReceiver); startActivity(intent); } - - /** - * Disconnects the EIP connection gracefully through the bound service or forcefully - * if there is no bound service. Sends a message to the requesting ResultReceiver. - */ + private void stopEIP() { EipStatus eip_status = EipStatus.getInstance(); Log.d(TAG, "stopEip(): eip is connected? " + eip_status.isConnected()); diff --git a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java index f5f27247..f1cb84d6 100644 --- a/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/release/java/se/leap/bitmaskclient/ProviderAPI.java @@ -63,12 +63,11 @@ public class ProviderAPI extends IntentService { ; final public static int - CUSTOM_PROVIDER_ADDED = 0, - SRP_AUTHENTICATION_SUCCESSFUL = 3, - SRP_AUTHENTICATION_FAILED = 4, - SRP_REGISTRATION_SUCCESSFUL = 5, - SRP_REGISTRATION_FAILED = 6, - LOGOUT_SUCCESSFUL = 7, + SUCCESSFUL_LOGIN = 3, + FAILED_LOGIN = 4, + SUCCESSFUL_SIGNUP = 5, + FAILED_SIGNUP = 6, + SUCCESSFUL_LOGOUT = 7, LOGOUT_FAILED = 8, CORRECTLY_DOWNLOADED_CERTIFICATE = 9, INCORRECTLY_DOWNLOADED_CERTIFICATE = 10, @@ -140,20 +139,20 @@ public class ProviderAPI extends IntentService { } else if (action.equalsIgnoreCase(SRP_REGISTER)) { Bundle result = tryToRegister(parameters); if(result.getBoolean(RESULT_KEY)) { - receiver.send(SRP_REGISTRATION_SUCCESSFUL, result); + receiver.send(SUCCESSFUL_SIGNUP, result); } else { - receiver.send(SRP_REGISTRATION_FAILED, result); + receiver.send(FAILED_SIGNUP, result); } } else if (action.equalsIgnoreCase(SRP_AUTH)) { Bundle result = tryToAuthenticate(parameters); if(result.getBoolean(RESULT_KEY)) { - receiver.send(SRP_AUTHENTICATION_SUCCESSFUL, result); + receiver.send(SUCCESSFUL_LOGIN, result); } else { - receiver.send(SRP_AUTHENTICATION_FAILED, result); + receiver.send(FAILED_LOGIN, result); } } else if (action.equalsIgnoreCase(LOG_OUT)) { if(logOut()) { - receiver.send(LOGOUT_SUCCESSFUL, Bundle.EMPTY); + receiver.send(SUCCESSFUL_LOGOUT, Bundle.EMPTY); } else { receiver.send(LOGOUT_FAILED, Bundle.EMPTY); } -- cgit v1.2.3 From ceb9128fcd03aba3454faa3979f45490252749b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 12:45:50 +0100 Subject: Starting to connect EIP means ConnectedUI --- .../java/se/leap/bitmaskclient/EipServiceFragment.java | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'app') diff --git a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java index acfc967b..1b40c94c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipServiceFragment.java @@ -47,6 +47,7 @@ public class EipServiceFragment extends Fragment implements Observer { private static Activity parent_activity; private static EIPReceiver mEIPReceiver; private static EipStatus eip_status; + private boolean is_starting_to_connect; @Override public void onAttach(Activity activity) { @@ -178,6 +179,7 @@ public class EipServiceFragment extends Fragment implements Observer { } public void startEipFromScratch() { + is_starting_to_connect = true; progress_bar.setVisibility(View.VISIBLE); eip_switch.setVisibility(View.VISIBLE); String status = parent_activity.getString(R.string.eip_status_start_pending); @@ -230,18 +232,19 @@ public class EipServiceFragment extends Fragment implements Observer { Log.d(TAG, "handleNewState: " + eip_status.toString()); if(eip_status.wantsToDisconnect()) setDisconnectedUI(); + else if(eip_status.isConnecting() || is_starting_to_connect) + setInProgressUI(eip_status); else if (eip_status.isConnected()) setConnectedUI(); else if (eip_status.isDisconnected() && !eip_status.isConnecting()) setDisconnectedUI(); - else - setInProgressUI(eip_status); } private void setConnectedUI() { hideProgressBar(); Log.d(TAG, "setConnectedUi? " + eip_status.isConnected()); adjustSwitch(); + is_starting_to_connect = false; status_message.setText(parent_activity.getString(R.string.eip_state_connected)); } @@ -252,14 +255,14 @@ public class EipServiceFragment extends Fragment implements Observer { } private void adjustSwitch() { - if(eip_status.isConnected() || eip_status.isConnecting()) { - Log.d(TAG, "adjustSwitch, isConnected || isConnecting, is checked? " + eip_switch.isChecked()); + if(eip_status.isConnected() || eip_status.isConnecting() || is_starting_to_connect) { + Log.d(TAG, "adjustSwitch, isConnected || isConnecting, is checked"); if(!eip_switch.isChecked()) { eip_switch.setChecked(true); } } else { Log.d(TAG, "adjustSwitch, !isConnected && !isConnecting? " + eip_status.toString()); - + if(eip_switch.isChecked()) { eip_switch.setChecked(false); } @@ -272,6 +275,7 @@ public class EipServiceFragment extends Fragment implements Observer { String prefix = parent_activity.getString(localizedResId); status_message.setText(prefix + " " + logmessage); + is_starting_to_connect = false; adjustSwitch(); } -- cgit v1.2.3 From 6e8255ffde3e71b8e0c651f23f570dd1ff6f6085 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 15:51:02 +0100 Subject: Don't updateIcsOpenVpn each build. --- app/build.gradle | 10 ++-------- app/src/main/res/values/untranslatable.xml | 20 ++++++++++++++++++++ 2 files changed, 22 insertions(+), 8 deletions(-) (limited to 'app') diff --git a/app/build.gradle b/app/build.gradle index 5f739419..7d6d0a2c 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -164,7 +164,7 @@ task mergeUntranslatable( type: Copy, dependsOn: 'removeDuplicatedStrings') { delete ics_openvpn_untranslatable } -task updateIcsOpenVpn( type: Copy, dependsOn: 'mergeUntranslatable') { +task updateIcsOpenVpn( type: Copy, dependsOn: 'mergeUntranslatable') << { from('../ics-openvpn-stripped/main/src/') { include 'openvpn/**' include 'openssl/**' @@ -177,13 +177,7 @@ task updateIcsOpenVpn( type: Copy, dependsOn: 'mergeUntranslatable') { } task buildNative ( type: Exec ) { - commandLine 'sh', 'misc/build-native.sh', 'USE_BREAKPAD=0', '-j 8' } -preBuild.dependsOn buildNative - -//assembleRelease.dependsOn connectedCheck -afterEvaluate { - //installRelease.dependsOn connectedCheck -} +preBuild.dependsOn buildNative \ No newline at end of file diff --git a/app/src/main/res/values/untranslatable.xml b/app/src/main/res/values/untranslatable.xml index 349c94fc..82147ab5 100644 --- a/app/src/main/res/values/untranslatable.xml +++ b/app/src/main/res/values/untranslatable.xml @@ -3129,6 +3129,26 @@ + + + + + + + + + + + + + + + + + + + + -- cgit v1.2.3 From 33c5958a18599267820f73b151d8161d83f93d88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Dec 2014 16:07:29 +0100 Subject: Duplicated folder. --- app/src/ovpn3/Android.mk | 40 -- app/src/ovpn3/boostsrc/error_code.cpp | 430 --------------------- .../de/blinkt/openvpn/core/OpenVPNThreadv3.java | 275 ------------- 3 files changed, 745 deletions(-) delete mode 100644 app/src/ovpn3/Android.mk delete mode 100644 app/src/ovpn3/boostsrc/error_code.cpp delete mode 100644 app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java (limited to 'app') diff --git a/app/src/ovpn3/Android.mk b/app/src/ovpn3/Android.mk deleted file mode 100644 index 7f037ac0..00000000 --- a/app/src/ovpn3/Android.mk +++ /dev/null @@ -1,40 +0,0 @@ -LOCAL_PATH:= $(call my-dir)/ - -include $(CLEAR_VARS) - -LOCAL_LDLIBS := -lz -LOCAL_C_INCLUDES := openssl/include lzo/include openssl/crypto openssl openvpn/src/compat openvpn3/client openvpn3 boost_1_55_0 polarssl/include snappy -LOCAL_CPP_FEATURES += exceptions rtti - -#LOCAL_SHARED_LIBRARIES := libssl libcrypto -LOCAL_SHARED_LIBRARIES := polarssl-dynamic -#LOCAL_STATIC_LIBRARIES := libssl_static libcrypto_static liblzo-static -LOCAL_STATIC_LIBRARIES := liblzo-static snappy-static - -#LOCAL_CFLAGS= -DHAVE_CONFIG_H -DTARGET_ABI=\"${TARGET_ABI}\" -DUSE_OPENSSL -DOPENSSL_NO_ENGINE -LOCAL_CFLAGS= -DHAVE_CONFIG_H -DTARGET_ABI=\"${TARGET_ABI}\" -DUSE_POLARSSL -DHAVE_SNAPPY -DHAVE_LZO - -#ifneq ($(TARGET_ARCH),mips) -#LOCAL_STATIC_LIBRARIES += breakpad_client -#LOCAL_CFLAGS += -DGOOGLE_BREAKPAD=1 -#endif - -LOCAL_MODULE = ovpn3 - -LOCAL_SRC_FILES:= \ - ../openvpn3/javacli/ovpncli_wrap.cxx \ - boostsrc/error_code.cpp \ - ../openvpn3/client/ovpncli.cpp \ - - -#ifneq ($(TARGET_ARCH),mips) -#LOCAL_SRC_FILES+=src/openvpn/breakpad.cpp -#endif - - - -include $(BUILD_SHARED_LIBRARY) -#include $(BUILD_EXECUTABLE) - - - diff --git a/app/src/ovpn3/boostsrc/error_code.cpp b/app/src/ovpn3/boostsrc/error_code.cpp deleted file mode 100644 index 6772d154..00000000 --- a/app/src/ovpn3/boostsrc/error_code.cpp +++ /dev/null @@ -1,430 +0,0 @@ -// error_code support implementation file ----------------------------------// - -// Copyright Beman Dawes 2002, 2006 - -// Distributed under the Boost Software License, Version 1.0. (See accompanying -// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) - -// See library home page at http://www.boost.org/libs/system - -//----------------------------------------------------------------------------// - -#include - -// define BOOST_SYSTEM_SOURCE so that knows -// the library is being built (possibly exporting rather than importing code) -#define BOOST_SYSTEM_SOURCE - -#include -#include -#include -#include -#include -#include - -using namespace boost::system; -using namespace boost::system::errc; - -#include // for strerror/strerror_r - -# if defined( BOOST_WINDOWS_API ) -# include -# include "local_free_on_destruction.hpp" -# ifndef ERROR_INCORRECT_SIZE -# define ERROR_INCORRECT_SIZE ERROR_BAD_ARGUMENTS -# endif -# endif - -//----------------------------------------------------------------------------// - -namespace -{ -#if defined(__PGI) - using boost::system::errc::invalid_argument; -#endif - // standard error categories ---------------------------------------------// - - class generic_error_category : public error_category - { - public: - generic_error_category(){} - const char * name() const; - std::string message( int ev ) const; - }; - - class system_error_category : public error_category - { - public: - system_error_category(){} - const char * name() const; - std::string message( int ev ) const; - error_condition default_error_condition( int ev ) const; - }; - - // generic_error_category implementation ---------------------------------// - - const char * generic_error_category::name() const - { - return "generic"; - } - - std::string generic_error_category::message( int ev ) const - { - static std::string unknown_err( "Unknown error" ); - // strerror_r is preferred because it is always thread safe, - // however, we fallback to strerror in certain cases because: - // -- Windows doesn't provide strerror_r. - // -- HP and Sun do provide strerror_r on newer systems, but there is - // no way to tell if is available at runtime and in any case their - // versions of strerror are thread safe anyhow. - // -- Linux only sometimes provides strerror_r. - // -- Tru64 provides strerror_r only when compiled -pthread. - // -- VMS doesn't provide strerror_r, but on this platform, strerror is - // thread safe. - # if defined(BOOST_WINDOWS_API) || defined(__hpux) || defined(__sun)\ - || (defined(__linux) && (!defined(__USE_XOPEN2K) || defined(BOOST_SYSTEM_USE_STRERROR)))\ - || (defined(__osf__) && !defined(_REENTRANT))\ - || (defined(__INTEGRITY))\ - || (defined(__vms))\ - || (defined(__QNXNTO__)) - const char * c_str = std::strerror( ev ); - return c_str - ? std::string( c_str ) - : unknown_err; - # else // use strerror_r - char buf[64]; - char * bp = buf; - std::size_t sz = sizeof(buf); - # if defined(__CYGWIN__) || defined(__USE_GNU) - // Oddball version of strerror_r - const char * c_str = strerror_r( ev, bp, sz ); - return c_str - ? std::string( c_str ) - : unknown_err; - # else - // POSIX version of strerror_r - int result; - for (;;) - { - // strerror_r returns 0 on success, otherwise ERANGE if buffer too small, - // invalid_argument if ev not a valid error number - # if defined (__sgi) - const char * c_str = strerror( ev ); - result = 0; - return c_str - ? std::string( c_str ) - : unknown_err; - # else - result = strerror_r( ev, bp, sz ); - # endif - if (result == 0 ) - break; - else - { - # if defined(__linux) - // Linux strerror_r returns -1 on error, with error number in errno - result = errno; - # endif - if ( result != ERANGE ) break; - if ( sz > sizeof(buf) ) std::free( bp ); - sz *= 2; - if ( (bp = static_cast(std::malloc( sz ))) == 0 ) - return std::string( "ENOMEM" ); - } - } - std::string msg; - try - { - msg = ( ( result == invalid_argument ) ? "Unknown error" : bp ); - } - -# ifndef BOOST_NO_EXCEPTIONS - // See ticket #2098 - catch(...) - { - // just eat the exception - } -# endif - - if ( sz > sizeof(buf) ) std::free( bp ); - sz = 0; - return msg; - # endif // else POSIX version of strerror_r - # endif // else use strerror_r - } - // system_error_category implementation --------------------------------// - - const char * system_error_category::name() const - { - return "system"; - } - - error_condition system_error_category::default_error_condition( int ev ) const - { - switch ( ev ) - { - case 0: return make_error_condition( success ); -# if defined(BOOST_POSIX_API) - // POSIX-like O/S -> posix_errno decode table ---------------------------// - case E2BIG: return make_error_condition( argument_list_too_long ); - case EACCES: return make_error_condition( permission_denied ); - case EADDRINUSE: return make_error_condition( address_in_use ); - case EADDRNOTAVAIL: return make_error_condition( address_not_available ); - case EAFNOSUPPORT: return make_error_condition( address_family_not_supported ); - case EAGAIN: return make_error_condition( resource_unavailable_try_again ); -# if EALREADY != EBUSY // EALREADY and EBUSY are the same on QNX Neutrino - case EALREADY: return make_error_condition( connection_already_in_progress ); -# endif - case EBADF: return make_error_condition( bad_file_descriptor ); - case EBADMSG: return make_error_condition( bad_message ); - case EBUSY: return make_error_condition( device_or_resource_busy ); - case ECANCELED: return make_error_condition( operation_canceled ); - case ECHILD: return make_error_condition( no_child_process ); - case ECONNABORTED: return make_error_condition( connection_aborted ); - case ECONNREFUSED: return make_error_condition( connection_refused ); - case ECONNRESET: return make_error_condition( connection_reset ); - case EDEADLK: return make_error_condition( resource_deadlock_would_occur ); - case EDESTADDRREQ: return make_error_condition( destination_address_required ); - case EDOM: return make_error_condition( argument_out_of_domain ); - case EEXIST: return make_error_condition( file_exists ); - case EFAULT: return make_error_condition( bad_address ); - case EFBIG: return make_error_condition( file_too_large ); - case EHOSTUNREACH: return make_error_condition( host_unreachable ); - case EIDRM: return make_error_condition( identifier_removed ); - case EILSEQ: return make_error_condition( illegal_byte_sequence ); - case EINPROGRESS: return make_error_condition( operation_in_progress ); - case EINTR: return make_error_condition( interrupted ); - case EINVAL: return make_error_condition( invalid_argument ); - case EIO: return make_error_condition( io_error ); - case EISCONN: return make_error_condition( already_connected ); - case EISDIR: return make_error_condition( is_a_directory ); - case ELOOP: return make_error_condition( too_many_symbolic_link_levels ); - case EMFILE: return make_error_condition( too_many_files_open ); - case EMLINK: return make_error_condition( too_many_links ); - case EMSGSIZE: return make_error_condition( message_size ); - case ENAMETOOLONG: return make_error_condition( filename_too_long ); - case ENETDOWN: return make_error_condition( network_down ); - case ENETRESET: return make_error_condition( network_reset ); - case ENETUNREACH: return make_error_condition( network_unreachable ); - case ENFILE: return make_error_condition( too_many_files_open_in_system ); - case ENOBUFS: return make_error_condition( no_buffer_space ); - case ENODATA: return make_error_condition( no_message_available ); - case ENODEV: return make_error_condition( no_such_device ); - case ENOENT: return make_error_condition( no_such_file_or_directory ); - case ENOEXEC: return make_error_condition( executable_format_error ); - case ENOLCK: return make_error_condition( no_lock_available ); - case ENOLINK: return make_error_condition( no_link ); - case ENOMEM: return make_error_condition( not_enough_memory ); - case ENOMSG: return make_error_condition( no_message ); - case ENOPROTOOPT: return make_error_condition( no_protocol_option ); - case ENOSPC: return make_error_condition( no_space_on_device ); - case ENOSR: return make_error_condition( no_stream_resources ); - case ENOSTR: return make_error_condition( not_a_stream ); - case ENOSYS: return make_error_condition( function_not_supported ); - case ENOTCONN: return make_error_condition( not_connected ); - case ENOTDIR: return make_error_condition( not_a_directory ); - # if ENOTEMPTY != EEXIST // AIX treats ENOTEMPTY and EEXIST as the same value - case ENOTEMPTY: return make_error_condition( directory_not_empty ); - # endif // ENOTEMPTY != EEXIST - # if ENOTRECOVERABLE != ECONNRESET // the same on some Broadcom chips - case ENOTRECOVERABLE: return make_error_condition( state_not_recoverable ); - # endif // ENOTRECOVERABLE != ECONNRESET - case ENOTSOCK: return make_error_condition( not_a_socket ); - case ENOTSUP: return make_error_condition( not_supported ); - case ENOTTY: return make_error_condition( inappropriate_io_control_operation ); - case ENXIO: return make_error_condition( no_such_device_or_address ); - # if EOPNOTSUPP != ENOTSUP - case EOPNOTSUPP: return make_error_condition( operation_not_supported ); - # endif // EOPNOTSUPP != ENOTSUP - case EOVERFLOW: return make_error_condition( value_too_large ); - # if EOWNERDEAD != ECONNABORTED // the same on some Broadcom chips - case EOWNERDEAD: return make_error_condition( owner_dead ); - # endif // EOWNERDEAD != ECONNABORTED - case EPERM: return make_error_condition( operation_not_permitted ); - case EPIPE: return make_error_condition( broken_pipe ); - case EPROTO: return make_error_condition( protocol_error ); - case EPROTONOSUPPORT: return make_error_condition( protocol_not_supported ); - case EPROTOTYPE: return make_error_condition( wrong_protocol_type ); - case ERANGE: return make_error_condition( result_out_of_range ); - case EROFS: return make_error_condition( read_only_file_system ); - case ESPIPE: return make_error_condition( invalid_seek ); - case ESRCH: return make_error_condition( no_such_process ); - case ETIME: return make_error_condition( stream_timeout ); - case ETIMEDOUT: return make_error_condition( timed_out ); - case ETXTBSY: return make_error_condition( text_file_busy ); - # if EAGAIN != EWOULDBLOCK - case EWOULDBLOCK: return make_error_condition( operation_would_block ); - # endif // EAGAIN != EWOULDBLOCK - case EXDEV: return make_error_condition( cross_device_link ); - #else - // Windows system -> posix_errno decode table ---------------------------// - // see WinError.h comments for descriptions of errors - case ERROR_ACCESS_DENIED: return make_error_condition( permission_denied ); - case ERROR_ALREADY_EXISTS: return make_error_condition( file_exists ); - case ERROR_BAD_UNIT: return make_error_condition( no_such_device ); - case ERROR_BUFFER_OVERFLOW: return make_error_condition( filename_too_long ); - case ERROR_BUSY: return make_error_condition( device_or_resource_busy ); - case ERROR_BUSY_DRIVE: return make_error_condition( device_or_resource_busy ); - case ERROR_CANNOT_MAKE: return make_error_condition( permission_denied ); - case ERROR_CANTOPEN: return make_error_condition( io_error ); - case ERROR_CANTREAD: return make_error_condition( io_error ); - case ERROR_CANTWRITE: return make_error_condition( io_error ); - case ERROR_CURRENT_DIRECTORY: return make_error_condition( permission_denied ); - case ERROR_DEV_NOT_EXIST: return make_error_condition( no_such_device ); - case ERROR_DEVICE_IN_USE: return make_error_condition( device_or_resource_busy ); - case ERROR_DIR_NOT_EMPTY: return make_error_condition( directory_not_empty ); - case ERROR_DIRECTORY: return make_error_condition( invalid_argument ); // WinError.h: "The directory name is invalid" - case ERROR_DISK_FULL: return make_error_condition( no_space_on_device ); - case ERROR_FILE_EXISTS: return make_error_condition( file_exists ); - case ERROR_FILE_NOT_FOUND: return make_error_condition( no_such_file_or_directory ); - case ERROR_HANDLE_DISK_FULL: return make_error_condition( no_space_on_device ); - case ERROR_INVALID_ACCESS: return make_error_condition( permission_denied ); - case ERROR_INVALID_DRIVE: return make_error_condition( no_such_device ); - case ERROR_INVALID_FUNCTION: return make_error_condition( function_not_supported ); - case ERROR_INVALID_HANDLE: return make_error_condition( invalid_argument ); - case ERROR_INVALID_NAME: return make_error_condition( invalid_argument ); - case ERROR_LOCK_VIOLATION: return make_error_condition( no_lock_available ); - case ERROR_LOCKED: return make_error_condition( no_lock_available ); - case ERROR_NEGATIVE_SEEK: return make_error_condition( invalid_argument ); - case ERROR_NOACCESS: return make_error_condition( permission_denied ); - case ERROR_NOT_ENOUGH_MEMORY: return make_error_condition( not_enough_memory ); - case ERROR_NOT_READY: return make_error_condition( resource_unavailable_try_again ); - case ERROR_NOT_SAME_DEVICE: return make_error_condition( cross_device_link ); - case ERROR_OPEN_FAILED: return make_error_condition( io_error ); - case ERROR_OPEN_FILES: return make_error_condition( device_or_resource_busy ); - case ERROR_OPERATION_ABORTED: return make_error_condition( operation_canceled ); - case ERROR_OUTOFMEMORY: return make_error_condition( not_enough_memory ); - case ERROR_PATH_NOT_FOUND: return make_error_condition( no_such_file_or_directory ); - case ERROR_READ_FAULT: return make_error_condition( io_error ); - case ERROR_RETRY: return make_error_condition( resource_unavailable_try_again ); - case ERROR_SEEK: return make_error_condition( io_error ); - case ERROR_SHARING_VIOLATION: return make_error_condition( permission_denied ); - case ERROR_TOO_MANY_OPEN_FILES: return make_error_condition( too_many_files_open ); - case ERROR_WRITE_FAULT: return make_error_condition( io_error ); - case ERROR_WRITE_PROTECT: return make_error_condition( permission_denied ); - case WSAEACCES: return make_error_condition( permission_denied ); - case WSAEADDRINUSE: return make_error_condition( address_in_use ); - case WSAEADDRNOTAVAIL: return make_error_condition( address_not_available ); - case WSAEAFNOSUPPORT: return make_error_condition( address_family_not_supported ); - case WSAEALREADY: return make_error_condition( connection_already_in_progress ); - case WSAEBADF: return make_error_condition( bad_file_descriptor ); - case WSAECONNABORTED: return make_error_condition( connection_aborted ); - case WSAECONNREFUSED: return make_error_condition( connection_refused ); - case WSAECONNRESET: return make_error_condition( connection_reset ); - case WSAEDESTADDRREQ: return make_error_condition( destination_address_required ); - case WSAEFAULT: return make_error_condition( bad_address ); - case WSAEHOSTUNREACH: return make_error_condition( host_unreachable ); - case WSAEINPROGRESS: return make_error_condition( operation_in_progress ); - case WSAEINTR: return make_error_condition( interrupted ); - case WSAEINVAL: return make_error_condition( invalid_argument ); - case WSAEISCONN: return make_error_condition( already_connected ); - case WSAEMFILE: return make_error_condition( too_many_files_open ); - case WSAEMSGSIZE: return make_error_condition( message_size ); - case WSAENAMETOOLONG: return make_error_condition( filename_too_long ); - case WSAENETDOWN: return make_error_condition( network_down ); - case WSAENETRESET: return make_error_condition( network_reset ); - case WSAENETUNREACH: return make_error_condition( network_unreachable ); - case WSAENOBUFS: return make_error_condition( no_buffer_space ); - case WSAENOPROTOOPT: return make_error_condition( no_protocol_option ); - case WSAENOTCONN: return make_error_condition( not_connected ); - case WSAENOTSOCK: return make_error_condition( not_a_socket ); - case WSAEOPNOTSUPP: return make_error_condition( operation_not_supported ); - case WSAEPROTONOSUPPORT: return make_error_condition( protocol_not_supported ); - case WSAEPROTOTYPE: return make_error_condition( wrong_protocol_type ); - case WSAETIMEDOUT: return make_error_condition( timed_out ); - case WSAEWOULDBLOCK: return make_error_condition( operation_would_block ); - #endif - default: return error_condition( ev, system_category() ); - } - } - -# if !defined( BOOST_WINDOWS_API ) - - std::string system_error_category::message( int ev ) const - { - return generic_category().message( ev ); - } -# else - - std::string system_error_category::message( int ev ) const - { -# ifndef BOOST_NO_ANSI_APIS - LPVOID lpMsgBuf = 0; - DWORD retval = ::FormatMessageA( - FORMAT_MESSAGE_ALLOCATE_BUFFER | - FORMAT_MESSAGE_FROM_SYSTEM | - FORMAT_MESSAGE_IGNORE_INSERTS, - NULL, - ev, - MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language - (LPSTR) &lpMsgBuf, - 0, - NULL - ); - detail::local_free_on_destruction lfod(lpMsgBuf); - if (retval == 0) - return std::string("Unknown error"); - - std::string str( static_cast(lpMsgBuf) ); -# else // WinCE workaround - LPVOID lpMsgBuf = 0; - DWORD retval = ::FormatMessageW( - FORMAT_MESSAGE_ALLOCATE_BUFFER | - FORMAT_MESSAGE_FROM_SYSTEM | - FORMAT_MESSAGE_IGNORE_INSERTS, - NULL, - ev, - MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language - (LPWSTR) &lpMsgBuf, - 0, - NULL - ); - detail::local_free_on_destruction lfod(lpMsgBuf); - if (retval == 0) - return std::string("Unknown error"); - - int num_chars = (wcslen( static_cast(lpMsgBuf) ) + 1) * 2; - LPSTR narrow_buffer = (LPSTR)_alloca( num_chars ); - if (::WideCharToMultiByte(CP_ACP, 0, static_cast(lpMsgBuf), -1, narrow_buffer, num_chars, NULL, NULL) == 0) - return std::string("Unknown error"); - - std::string str( narrow_buffer ); -# endif - while ( str.size() - && (str[str.size()-1] == '\n' || str[str.size()-1] == '\r') ) - str.erase( str.size()-1 ); - if ( str.size() && str[str.size()-1] == '.' ) - { str.erase( str.size()-1 ); } - return str; - } -# endif - -} // unnamed namespace - -namespace boost -{ - namespace system - { - -# ifndef BOOST_SYSTEM_NO_DEPRECATED - BOOST_SYSTEM_DECL error_code throws; // "throw on error" special error_code; - // note that it doesn't matter if this - // isn't initialized before use since - // the only use is to take its - // address for comparison purposes -# endif - - BOOST_SYSTEM_DECL const error_category & system_category() - { - static const system_error_category system_category_const; - return system_category_const; - } - - BOOST_SYSTEM_DECL const error_category & generic_category() - { - static const generic_error_category generic_category_const; - return generic_category_const; - } - - } // namespace system -} // namespace boost diff --git a/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java deleted file mode 100644 index e595106c..00000000 --- a/app/src/ovpn3/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java +++ /dev/null @@ -1,275 +0,0 @@ -package de.blinkt.openvpn.core; - -import net.openvpn.ovpn3.ClientAPI_Config; -import net.openvpn.ovpn3.ClientAPI_EvalConfig; -import net.openvpn.ovpn3.ClientAPI_Event; -import net.openvpn.ovpn3.ClientAPI_ExternalPKICertRequest; -import net.openvpn.ovpn3.ClientAPI_ExternalPKISignRequest; -import net.openvpn.ovpn3.ClientAPI_LogInfo; -import net.openvpn.ovpn3.ClientAPI_OpenVPNClient; -import net.openvpn.ovpn3.ClientAPI_ProvideCreds; -import net.openvpn.ovpn3.ClientAPI_Status; -import net.openvpn.ovpn3.ClientAPI_TransportStats; - -import java.lang.Override; - -import de.blinkt.openvpn.VpnProfile; - -import android.content.Context; - -public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable, OpenVPNManagement { - - static { - /*System.loadLibrary("crypto"); - System.loadLibrary("ssl");*/ - System.loadLibrary("polarssl-dynamic"); - System.loadLibrary("ovpn3"); - } - - private VpnProfile mVp; - private OpenVPNService mService; - - class StatusPoller implements Runnable - { - private long mSleeptime; - - boolean mStopped=false; - - public StatusPoller(long sleeptime) { - mSleeptime=sleeptime; - } - - public void run() { - while(!mStopped) { - try { - Thread.sleep(mSleeptime); - } catch (InterruptedException e) { - } - ClientAPI_TransportStats t = transport_stats(); - long in = t.getBytesIn(); - long out = t.getBytesOut(); - VpnStatus.updateByteCount(in, out); - } - } - - public void stop() { - mStopped=true; - } - } - - @Override - public void run() { - String configstr = mVp.getConfigFile((Context)mService,true); - if(!setConfig(configstr)) - return; - setUserPW(); - VpnStatus.logInfo(copyright()); - - StatusPoller statuspoller = new StatusPoller(5000); - new Thread(statuspoller,"Status Poller").start(); - - ClientAPI_Status status = connect(); - if(status.getError()) { - VpnStatus.logError(String.format("connect() error: %s: %s",status.getStatus(),status.getMessage())); - } else { - VpnStatus.logInfo("OpenVPN3 thread finished"); - } - statuspoller.stop(); - } - - @Override - public boolean tun_builder_set_remote_address(String address, boolean ipv6) { - mService.setMtu(1500); - return true; - } - - @Override - public boolean tun_builder_set_mtu(int mtu) { - mService.setMtu(mtu); - return true; - } - @Override - public boolean tun_builder_add_dns_server(String address, boolean ipv6) { - mService.addDNS(address); - return true; - } - - @Override - public boolean tun_builder_add_route(String address, int prefix_length, - boolean ipv6) { - if (address.equals("remote_host")) - return false; - - if(ipv6) - mService.addRoutev6(address + "/" + prefix_length,"tun"); - else - mService.addRoute(new CIDRIP(address, prefix_length)); - return true; - } - - @Override - public boolean tun_builder_add_search_domain(String domain) { - mService.setDomain(domain); - return true; - } - - @Override - public int tun_builder_establish() { - return mService.openTun().detachFd(); - } - - @Override - public boolean tun_builder_set_session_name(String name) { - VpnStatus.logInfo("We should call this session" + name); - return true; - } - - - - @Override - public boolean tun_builder_add_address(String address, int prefix_length, - boolean ipv6) { - if(!ipv6) - mService.setLocalIP(new CIDRIP(address, prefix_length)); - else - mService.setLocalIPv6(address+ "/" + prefix_length); - return true; - } - - @Override - public boolean tun_builder_new() { - - return true; - } - - @Override - public boolean tun_builder_reroute_gw(String server_address, - boolean server_address_ipv6, boolean ipv4, boolean ipv6, long flags) { - // ignore - return true; - } - - @Override - public boolean tun_builder_exclude_route(String address, int prefix_length, - boolean ipv6) { - //ignore - return true; - } - - - private boolean setConfig(String vpnconfig) { - - ClientAPI_Config config = new ClientAPI_Config(); - if(mVp.getPasswordPrivateKey()!=null) - config.setPrivateKeyPassword(mVp.getPasswordPrivateKey()); - - config.setContent(vpnconfig); - config.setTunPersist(mVp.mPersistTun); - config.setGuiVersion(mVp.getVersionEnvString(mService)); - config.setExternalPkiAlias("extpki"); - - ClientAPI_EvalConfig ec = eval_config(config); - if(ec.getExternalPki()) { - VpnStatus.logError("OpenVPN seem to think as external PKI"); - } - if (ec.getError()) { - VpnStatus.logError("OpenVPN config file parse error: " + ec.getMessage()); - return false; - } else { - config.setContent(vpnconfig); - return true; - } - } - - @Override - public void external_pki_cert_request(ClientAPI_ExternalPKICertRequest certreq) { - VpnStatus.logError("EXT PKI CERT"); - String[] ks = mVp.getKeyStoreCertificates((Context) mService); - if(ks==null) { - certreq.setError(true); - certreq.setErrorText("Error in pki cert request"); - return; - } - - String supcerts = ks[0]; - /* FIXME: How to differentiate between chain and ca certs in OpenVPN 3? */ - if (ks[1]!=null) - supcerts += "\n" + ks[1]; - certreq.setSupportingChain(supcerts); - certreq.setCert(ks[2]); - certreq.setError(false); - } - - @Override - public void external_pki_sign_request(ClientAPI_ExternalPKISignRequest signreq) { - signreq.setSig(mVp.getSignedData(signreq.getData())); - } - - void setUserPW() { - if(mVp.isUserPWAuth()) { - ClientAPI_ProvideCreds creds = new ClientAPI_ProvideCreds(); - creds.setCachePassword(true); - creds.setPassword(mVp.getPasswordAuth()); - creds.setUsername(mVp.mUsername); - provide_creds(creds); - } - } - - @Override - public boolean socket_protect(int socket) { - boolean b= mService.protect(socket); - return b; - - } - - public OpenVPNThreadv3(OpenVPNService openVpnService, VpnProfile vp) { - init_process(); - mVp =vp; - mService =openVpnService; - } - - @Override - public void pause(pauseReason pauseReason) - { - pause(); - } - - @Override - public void log(ClientAPI_LogInfo arg0) { - String logmsg =arg0.getText(); - while (logmsg.endsWith("\n")) - logmsg = logmsg.substring(0, logmsg.length()-1); - - VpnStatus.logInfo(logmsg); - } - - @Override - public void event(ClientAPI_Event event) { - VpnStatus.updateStateString(event.getName(), event.getInfo()); - if(event.getError()) - VpnStatus.logError(String.format("EVENT(Error): %s: %s",event.getName(),event.getInfo())); - } - - - // When a connection is close to timeout, the core will call this - // method. If it returns false, the core will disconnect with a - // CONNECTION_TIMEOUT event. If true, the core will enter a PAUSE - // state. - - @Override - public boolean pause_on_connection_timeout() { - VpnStatus.logInfo("pause on connection timeout?! "); - return true; - } - - public boolean stopVPN() { - stop(); - return true; - } - - @Override - public void reconnect() { - reconnect(1); - } - -} -- cgit v1.2.3