This commit was manufactured by cvs2svn to create tag 'rsaref'.

yesterday.

.cvsignore

@@ -1 +0,0 @@
-Makefile.ssl

CHANGES

@@ -1,833 +0,0 @@
-
- OpenSSL CHANGES
- _______________
-
-
- Changes between 0.9.1c and 0.9.2b
-
-  *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still
-     doesn't work when the session is reused. Coming soon!
-     [Ben Laurie]
-
-  *) Fix a security hole, that allows sessions to be reused in the wrong
-     context thus bypassing client cert protection! All software that uses
-     client certs and session caches in multiple contexts NEEDS PATCHING to
-     allow session reuse! A fuller solution is in the works.
-     [Ben Laurie, problem pointed out by Holger Reif, Bodo Moeller (and ???)]
-
-  *) Some more source tree cleanups (removed obsolete files
-     crypto/bf/asm/bf586.pl, test/test.txt and crypto/sha/asm/f.s; changed
-     permission on "config" script to be executable) and a fix for the INSTALL
-     document.
-     [Ulf Moeller <ulf@fitug.de>]
-
-  *) Remove some legacy and erroneous uses of malloc, free instead of
-     Malloc, Free.
-     [Lennart Bang <lob@netstream.se>, with minor changes by Steve]
-
-  *) Make rsa_oaep_test return non-zero on error.
-     [Ulf Moeller <ulf@fitug.de>]
-
-  *) Add support for native Solaris shared libraries. Configure
-     solaris-sparc-sc4-pic, make, then run shlib/solaris-sc4.sh. It'd be nice
-     if someone would make that last step automatic.
-     [Matthias Loepfe <Matthias.Loepfe@AdNovum.CH>]
-
-  *) ctx_size was not built with the right compiler during "make links". Fixed.
-     [Ben Laurie]
-
-  *) Change the meaning of 'ALL' in the cipher list. It now means "everything
-     except NULL ciphers". This means the default cipher list will no longer
-     enable NULL ciphers. They need to be specifically enabled e.g. with
-     the string "DEFAULT:eNULL".
-     [Steve Henson]
-
-  *) Fix to RSA private encryption routines: if p < q then it would
-     occasionally produce an invalid result. This will only happen with
-     externally generated keys because OpenSSL (and SSLeay) ensure p > q.
-     [Steve Henson]
-
-  *) Be less restrictive and allow also `perl util/perlpath.pl
-     /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin',
-     because this way one can also use an interpreter named `perl5' (which is
-     usually the name of Perl 5.xxx on platforms where an Perl 4.x is still
-     installed as `perl').
-     [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]
-
-  *) Let util/clean-depend.pl work also with older Perl 5.00x versions.
-     [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]
-
-  *) Fix Makefile.org so CC,CFLAG etc are passed to 'make links' add
-     advapi32.lib to Win32 build and change the pem test comparision
-     to fc.exe (thanks to Ulrich Kroener <kroneru@yahoo.com> for the
-     suggestion). Fix misplaced ASNI prototypes and declarations in evp.h
-     and crypto/des/ede_cbcm_enc.c.
-     [Steve Henson]
-
-  *) DES quad checksum was broken on big-endian architectures. Fixed.
-     [Ben Laurie]
-
-  *) Comment out two functions in bio.h that aren't implemented. Fix up the
-     Win32 test batch file so it (might) work again. The Win32 test batch file
-     is horrible: I feel ill....
-     [Steve Henson]
-
-  *) Move various #ifdefs around so NO_SYSLOG, NO_DIRENT etc are now selected
-     in e_os.h. Audit of header files to check ANSI and non ANSI
-     sections: 10 functions were absent from non ANSI section and not exported
-     from Windows DLLs. Fixed up libeay.num for new functions.
-     [Steve Henson]
-
-  *) Make `openssl version' output lines consistent.
-     [Ralf S. Engelschall]
-
-  *) Fix Win32 symbol export lists for BIO functions: Added
-     BIO_get_ex_new_index, BIO_get_ex_num, BIO_get_ex_data and BIO_set_ex_data
-     to ms/libeay{16,32}.def.
-     [Ralf S. Engelschall]
-
-  *) Second round of fixing the OpenSSL perl/ stuff. It now at least compiled
-     fine under Unix and passes some trivial tests I've now added. But the
-     whole stuff is horribly incomplete, so a README.1ST with a disclaimer was
-     added to make sure no one expects that this stuff really works in the
-     OpenSSL 0.9.2 release.  Additionally I've started to clean the XS sources
-     up and fixed a few little bugs and inconsistencies in OpenSSL.{pm,xs} and
-     openssl_bio.xs.
-     [Ralf S. Engelschall]
-
-  *) Fix the generation of two part addresses in perl.
-     [Kenji Miyake <kenji@miyake.org>, integrated by Ben Laurie]
-
-  *) Add config entry for Linux on MIPS.
-     [John Tobey <jtobey@channel1.com>]
-
-  *) Make links whenever Configure is run, unless we are on Windoze.
-     [Ben Laurie]
-
-  *) Permit extensions to be added to CRLs using crl_section in openssl.cnf.
-     Currently only issuerAltName and AuthorityKeyIdentifier make any sense
-     in CRLs.
-     [Steve Henson]
-
-  *) Add a useful kludge to allow package maintainers to specify compiler and
-     other platforms details on the command line without having to patch the
-     Configure script everytime: One now can use ``perl Configure
-     <id>:<details>'', i.e. platform ids are allowed to have details appended
-     to them (seperated by colons). This is treated as there would be a static
-     pre-configured entry in Configure's %table under key <id> with value
-     <details> and ``perl Configure <id>'' is called.  So, when you want to
-     perform a quick test-compile under FreeBSD 3.1 with pgcc and without
-     assembler stuff you can use ``perl Configure "FreeBSD-elf:pgcc:-O6:::"''
-     now, which overrides the FreeBSD-elf entry on-the-fly.
-     [Ralf S. Engelschall]
-
-  *) Disable new TLS1 ciphersuites by default: they aren't official yet.
-     [Ben Laurie]
-
-  *) Allow DSO flags like -fpic, -fPIC, -KPIC etc. to be specified
-     on the `perl Configure ...' command line. This way one can compile
-     OpenSSL libraries with Position Independent Code (PIC) which is needed
-     for linking it into DSOs.
-     [Ralf S. Engelschall]
-
-  *) Remarkably, export ciphers were totally broken and no-one had noticed!
-     Fixed.
-     [Ben Laurie]
-
-  *) Cleaned up the LICENSE document: The official contact for any license
-     questions now is the OpenSSL core team under openssl-core@openssl.org.
-     And add a paragraph about the dual-license situation to make sure people
-     recognize that _BOTH_ the OpenSSL license _AND_ the SSLeay license apply
-     to the OpenSSL toolkit.
-     [Ralf S. Engelschall]
-
-  *) General source tree makefile cleanups: Made `making xxx in yyy...'
-     display consistent in the source tree and replaced `/bin/rm' by `rm'.
-     Additonally cleaned up the `make links' target: Remove unnecessary
-     semicolons, subsequent redundant removes, inline point.sh into mklink.sh
-     to speed processing and no longer clutter the display with confusing
-     stuff. Instead only the actually done links are displayed.
-     [Ralf S. Engelschall]
-
-  *) Permit null encryption ciphersuites, used for authentication only. It used
-     to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this.
-     It is now necessary to set SSL_FORBID_ENULL to prevent the use of null
-     encryption.
-     [Ben Laurie]
-
-  *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder
-     signed attributes when verifying signatures (this would break them), 
-     the detached data encoding was wrong and public keys obtained using
-     X509_get_pubkey() weren't freed.
-     [Steve Henson]
-
-  *) Add text documentation for the BUFFER functions. Also added a work around
-     to a Win95 console bug. This was triggered by the password read stuff: the
-     last character typed gets carried over to the next fread(). If you were 
-     generating a new cert request using 'req' for example then the last
-     character of the passphrase would be CR which would then enter the first
-     field as blank.
-     [Steve Henson]
-
-  *) Added the new `Includes OpenSSL Cryptography Software' button as
-     doc/openssl_button.{gif,html} which is similar in style to the old SSLeay
-     button and can be used by applications based on OpenSSL to show the
-     relationship to the OpenSSL project.  
-     [Ralf S. Engelschall]
-
-  *) Remove confusing variables in function signatures in files
-     ssl/ssl_lib.c and ssl/ssl.h.
-     [Lennart Bong <lob@kulthea.stacken.kth.se>]
-
-  *) Don't install bss_file.c under PREFIX/include/
-     [Lennart Bong <lob@kulthea.stacken.kth.se>]
-
-  *) Get the Win32 compile working again. Modify mkdef.pl so it can handle
-     functions that return function pointers and has support for NT specific
-     stuff. Fix mk1mf.pl and VC-32.pl to support NT differences also. Various
-     #ifdef WIN32 and WINNTs sprinkled about the place and some changes from
-     unsigned to signed types: this was killing the Win32 compile.
-     [Steve Henson]
-
-  *) Add new certificate file to stack functions,
-     SSL_add_dir_cert_subjects_to_stack() and
-     SSL_add_file_cert_subjects_to_stack().  These largely supplant
-     SSL_load_client_CA_file(), and can be used to add multiple certs easily
-     to a stack (usually this is then handed to SSL_CTX_set_client_CA_list()).
-     This means that Apache-SSL and similar packages don't have to mess around
-     to add as many CAs as they want to the preferred list.
-     [Ben Laurie]
-
-  *) Experiment with doxygen documentation. Currently only partially applied to
-     ssl/ssl_lib.c.
-     See http://www.stack.nl/~dimitri/doxygen/index.html, and run doxygen with
-     openssl.doxy as the configuration file.
-     [Ben Laurie]
-  
-  *) Get rid of remaining C++-style comments which strict C compilers hate.
-     [Ralf S. Engelschall, pointed out by Carlos Amengual]
-
-  *) Changed BN_RECURSION in bn_mont.c to BN_RECURSION_MONT so it is not
-     compiled in by default: it has problems with large keys.
-     [Steve Henson]
-
-  *) Add a bunch of SSL_xxx() functions for configuring the temporary RSA and
-     DH private keys and/or callback functions which directly correspond to
-     their SSL_CTX_xxx() counterparts but work on a per-connection basis. This
-     is needed for applications which have to configure certificates on a
-     per-connection basis (e.g. Apache+mod_ssl) instead of a per-context basis
-     (e.g. s_server). 
-        For the RSA certificate situation is makes no difference, but
-     for the DSA certificate situation this fixes the "no shared cipher"
-     problem where the OpenSSL cipher selection procedure failed because the
-     temporary keys were not overtaken from the context and the API provided
-     no way to reconfigure them. 
-        The new functions now let applications reconfigure the stuff and they
-     are in detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh,
-     SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback.  Additionally a new
-     non-public-API function ssl_cert_instantiate() is used as a helper
-     function and also to reduce code redundancy inside ssl_rsa.c.
-     [Ralf S. Engelschall]
-
-  *) Move s_server -dcert and -dkey options out of the undocumented feature
-     area because they are useful for the DSA situation and should be
-     recognized by the users.
-     [Ralf S. Engelschall]
-
-  *) Fix the cipher decision scheme for export ciphers: the export bits are
-     *not* within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within
-     SSL_EXP_MASK.  So, the original variable has to be used instead of the
-     already masked variable.
-     [Richard Levitte <levitte@stacken.kth.se>]
-
-  *) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c
-     [Richard Levitte <levitte@stacken.kth.se>]
-
-  *) Change type of another md_len variable in pk7_doit.c:PKCS7_dataFinal()
-     from `int' to `unsigned int' because it's a length and initialized by
-     EVP_DigestFinal() which expects an `unsigned int *'.
-     [Richard Levitte <levitte@stacken.kth.se>]
-
-  *) Don't hard-code path to Perl interpreter on shebang line of Configure
-     script. Instead use the usual Shell->Perl transition trick.
-     [Ralf S. Engelschall]
-
-  *) Make `openssl x509 -noout -modulus' functional also for DSA certificates
-     (in addition to RSA certificates) to match the behaviour of `openssl dsa
-     -noout -modulus' as it's already the case for `openssl rsa -noout
-     -modulus'.  For RSA the -modulus is the real "modulus" while for DSA
-     currently the public key is printed (a decision which was already done by
-     `openssl dsa -modulus' in the past) which serves a similar purpose.
-     Additionally the NO_RSA no longer completely removes the whole -modulus
-     option; it now only avoids using the RSA stuff. Same applies to NO_DSA
-     now, too.
-     [Ralf S.  Engelschall]
-
-  *) Add Arne Ansper's reliable BIO - this is an encrypted, block-digested
-     BIO. See the source (crypto/evp/bio_ok.c) for more info.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) Dump the old yucky req code that tried (and failed) to allow raw OIDs
-     to be added. Now both 'req' and 'ca' can use new objects defined in the
-     config file.
-     [Steve Henson]
-
-  *) Add cool BIO that does syslog (or event log on NT).
-     [Arne Ansper <arne@ats.cyber.ee>, integrated by Ben Laurie]
-
-  *) Add support for new TLS ciphersuites, TLS_RSA_EXPORT56_WITH_RC4_56_MD5,
-     TLS_RSA_EXPORT56_WITH_RC2_CBC_56_MD5 and
-     TLS_RSA_EXPORT56_WITH_DES_CBC_SHA, as specified in "56-bit Export Cipher
-     Suites For TLS", draft-ietf-tls-56-bit-ciphersuites-00.txt.
-     [Ben Laurie]
-
-  *) Add preliminary config info for new extension code.
-     [Steve Henson]
-
-  *) Make RSA_NO_PADDING really use no padding.
-     [Ulf Moeller <ulf@fitug.de>]
-
-  *) Generate errors when private/public key check is done.
-     [Ben Laurie]
-
-  *) Overhaul for 'crl' utility. New function X509_CRL_print. Partial support
-     for some CRL extensions and new objects added.
-     [Steve Henson]
-
-  *) Really fix the ASN1 IMPLICIT bug this time... Partial support for private
-     key usage extension and fuller support for authority key id.
-     [Steve Henson]
-
-  *) Add OAEP encryption for the OpenSSL crypto library. OAEP is the improved
-     padding method for RSA, which is recommended for new applications in PKCS
-     #1 v2.0 (RFC 2437, October 1998).
-     OAEP (Optimal Asymmetric Encryption Padding) has better theoretical
-     foundations than the ad-hoc padding used in PKCS #1 v1.5. It is secure
-     against Bleichbacher's attack on RSA.
-     [Ulf Moeller <ulf@fitug.de>, reformatted, corrected and integrated by
-      Ben Laurie]
-
-  *) Updates to the new SSL compression code
-     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
-  *) Fix so that the version number in the master secret, when passed
-     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
-     (because the server will not accept higher), that the version number
-     is 0x03,0x01, not 0x03,0x00
-     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
-  *) Run extensive memory leak checks on SSL apps. Fixed *lots* of memory
-     leaks in ssl/ relating to new X509_get_pubkey() behaviour. Also fixes
-     in apps/ and an unrelated leak in crypto/dsa/dsa_vrf.c
-     [Steve Henson]
-
-  *) Support for RAW extensions where an arbitrary extension can be
-     created by including its DER encoding. See apps/openssl.cnf for
-     an example.
-     [Steve Henson]
-
-  *) Make sure latest Perl versions don't interpret some generated C array
-     code as Perl array code in the crypto/err/err_genc.pl script.
-     [Lars Weber <3weber@informatik.uni-hamburg.de>]
-
-  *) Modify ms/do_ms.bat to not generate assembly language makefiles since
-     not many people have the assembler. Various Win32 compilation fixes and
-     update to the INSTALL.W32 file with (hopefully) more accurate Win32
-     build instructions.
-     [Steve Henson]
-
-  *) Modify configure script 'Configure' to automatically create crypto/date.h
-     file under Win32 and also build pem.h from pem.org. New script
-     util/mkfiles.pl to create the MINFO file on environments that can't do a
-     'make files': perl util/mkfiles.pl >MINFO should work.
-     [Steve Henson]
-
-  *) Major rework of DES function declarations, in the pursuit of correctness
-     and purity. As a result, many evil casts evaporated, and some weirdness,
-     too. You may find this causes warnings in your code. Zapping your evil
-     casts will probably fix them. Mostly.
-     [Ben Laurie]
-
-  *) Fix for a typo in asn1.h. Bug fix to object creation script
-     obj_dat.pl. It considered a zero in an object definition to mean
-     "end of object": none of the objects in objects.h have any zeros
-     so it wasn't spotted.
-     [Steve Henson, reported by Erwann ABALEA <eabalea@certplus.com>]
-
-  *) Add support for Triple DES Cipher Block Chaining with Output Feedback
-     Masking (CBCM). In the absence of test vectors, the best I have been able
-     to do is check that the decrypt undoes the encrypt, so far. Send me test
-     vectors if you have them.
-     [Ben Laurie]
-
-  *) Correct calculation of key length for export ciphers (too much space was
-     allocated for null ciphers). This has not been tested!
-     [Ben Laurie]
-
-  *) Modifications to the mkdef.pl for Win32 DEF file creation. The usage
-     message is now correct (it understands "crypto" and "ssl" on its
-     command line). There is also now an "update" option. This will update
-     the util/ssleay.num and util/libeay.num files with any new functions.
-     If you do a: 
-     perl util/mkdef.pl crypto ssl update
-     it will update them.
-     [Steve Henson]
-
-  *) Overhauled the Perl interface (perl/*):
-     - ported BN stuff to OpenSSL's different BN library
-     - made the perl/ source tree CVS-aware
-     - renamed the package from SSLeay to OpenSSL (the files still contain
-       their history because I've copied them in the repository)
-     - removed obsolete files (the test scripts will be replaced
-       by better Test::Harness variants in the future)
-     [Ralf S. Engelschall]
-
-  *) First cut for a very conservative source tree cleanup:
-     1. merge various obsolete readme texts into doc/ssleay.txt
-     where we collect the old documents and readme texts.
-     2. remove the first part of files where I'm already sure that we no
-     longer need them because of three reasons: either they are just temporary
-     files which were left by Eric or they are preserved original files where
-     I've verified that the diff is also available in the CVS via "cvs diff
-     -rSSLeay_0_8_1b" or they were renamed (as it was definitely the case for
-     the crypto/md/ stuff).
-     [Ralf S. Engelschall]
-
-  *) More extension code. Incomplete support for subject and issuer alt
-     name, issuer and authority key id. Change the i2v function parameters
-     and add an extra 'crl' parameter in the X509V3_CTX structure: guess
-     what that's for :-) Fix to ASN1 macro which messed up
-     IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
-     [Steve Henson]
-
-  *) Preliminary support for ENUMERATED type. This is largely copied from the
-     INTEGER code.
-     [Steve Henson]
-
-  *) Add new function, EVP_MD_CTX_copy() to replace frequent use of memcpy.
-     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
-  *) Make sure `make rehash' target really finds the `openssl' program.
-     [Ralf S. Engelschall, Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]
-
-  *) Squeeze another 7% of speed out of MD5 assembler, at least on a P2. I'd
-     like to hear about it if this slows down other processors.
-     [Ben Laurie]
-
-  *) Add CygWin32 platform information to Configure script.
-     [Alan Batie <batie@aahz.jf.intel.com>]
-
-  *) Fixed ms/32all.bat script: `no_asm' -> `no-asm'
-     [Rainer W. Gerling <gerling@mpg-gv.mpg.de>]
-  
-  *) New program nseq to manipulate netscape certificate sequences
-     [Steve Henson]
-
-  *) Modify crl2pkcs7 so it supports multiple -certfile arguments. Fix a
-     few typos.
-     [Steve Henson]
-
-  *) Fixes to BN code.  Previously the default was to define BN_RECURSION
-     but the BN code had some problems that would cause failures when
-     doing certificate verification and some other functions.
-     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
-
-  *) Add ASN1 and PEM code to support netscape certificate sequences.
-     [Steve Henson]
-
-  *) Add ASN1 and PEM code to support netscape certificate sequences.
-     [Steve Henson]
-
-  *) Add several PKIX and private extended key usage OIDs.
-     [Steve Henson]
-
-  *) Modify the 'ca' program to handle the new extension code. Modify
-     openssl.cnf for new extension format, add comments.
-     [Steve Henson]
-
-  *) More X509 V3 changes. Fix typo in v3_bitstr.c. Add support to 'req'
-     and add a sample to openssl.cnf so req -x509 now adds appropriate
-     CA extensions.
-     [Steve Henson]
-
-  *) Continued X509 V3 changes. Add to other makefiles, integrate with the
-     error code, add initial support to X509_print() and x509 application.
-     [Steve Henson]
-
-  *) Takes a deep breath and start addding X509 V3 extension support code. Add
-     files in crypto/x509v3. Move original stuff to crypto/x509v3/old. All this
-     stuff is currently isolated and isn't even compiled yet.
-     [Steve Henson]
-
-  *) Continuing patches for GeneralizedTime. Fix up certificate and CRL
-     ASN1 to use ASN1_TIME and modify print routines to use ASN1_TIME_print.
-     Removed the versions check from X509 routines when loading extensions:
-     this allows certain broken certificates that don't set the version
-     properly to be processed.
-     [Steve Henson]
-
-  *) Deal with irritating shit to do with dependencies, in YAAHW (Yet Another
-     Ad Hoc Way) - Makefile.ssls now all contain local dependencies, which
-     can still be regenerated with "make depend".
-     [Ben Laurie]
-
-  *) Spelling mistake in C version of CAST-128.
-     [Ben Laurie, reported by Jeremy Hylton <jeremy@cnri.reston.va.us>]
-
-  *) Changes to the error generation code. The perl script err-code.pl 
-     now reads in the old error codes and retains the old numbers, only
-     adding new ones if necessary. It also only changes the .err files if new
-     codes are added. The makefiles have been modified to only insert errors
-     when needed (to avoid needlessly modifying header files). This is done
-     by only inserting errors if the .err file is newer than the auto generated
-     C file. To rebuild all the error codes from scratch (the old behaviour)
-     either modify crypto/Makefile.ssl to pass the -regen flag to err_code.pl
-     or delete all the .err files.
-     [Steve Henson]
-
-  *) CAST-128 was incorrectly implemented for short keys. The C version has
-     been fixed, but is untested. The assembler versions are also fixed, but
-     new assembler HAS NOT BEEN GENERATED FOR WIN32 - the Makefile needs fixing
-     to regenerate it if needed.
-     [Ben Laurie, reported (with fix for C version) by Jun-ichiro itojun
-      Hagino <itojun@kame.net>]
-
-  *) File was opened incorrectly in randfile.c.
-     [Ulf Möller <ulf@fitug.de>]
-
-  *) Beginning of support for GeneralizedTime. d2i, i2d, check and print
-     functions. Also ASN1_TIME suite which is a CHOICE of UTCTime or
-     GeneralizedTime. ASN1_TIME is the proper type used in certificates et
-     al: it's just almost always a UTCTime. Note this patch adds new error
-     codes so do a "make errors" if there are problems.
-     [Steve Henson]
-
-  *) Correct Linux 1 recognition in config.
-     [Ulf Möller <ulf@fitug.de>]
-
-  *) Remove pointless MD5 hash when using DSA keys in ca.
-     [Anonymous <nobody@replay.com>]
-
-  *) Generate an error if given an empty string as a cert directory. Also
-     generate an error if handed NULL (previously returned 0 to indicate an
-     error, but didn't set one).
-     [Ben Laurie, reported by Anonymous <nobody@replay.com>]
-
-  *) Add prototypes to SSL methods. Make SSL_write's buffer const, at last.
-     [Ben Laurie]
-
-  *) Fix the dummy function BN_ref_mod_exp() in rsaref.c to have the correct
-     parameters. This was causing a warning which killed off the Win32 compile.
-     [Steve Henson]
-
-  *) Remove C++ style comments from crypto/bn/bn_local.h.
-     [Neil Costigan <neil.costigan@celocom.com>]
-
-  *) The function OBJ_txt2nid was broken. It was supposed to return a nid
-     based on a text string, looking up short and long names and finally
-     "dot" format. The "dot" format stuff didn't work. Added new function
-     OBJ_txt2obj to do the same but return an ASN1_OBJECT and rewrote 
-     OBJ_txt2nid to use it. OBJ_txt2obj can also return objects even if the
-     OID is not part of the table.
-     [Steve Henson]
-
-  *) Add prototypes to X509 lookup/verify methods, fixing a bug in
-     X509_LOOKUP_by_alias().
-     [Ben Laurie]
-
-  *) Sort openssl functions by name.
-     [Ben Laurie]
-
-  *) Get the gendsa program working (hopefully) and add it to app list. Remove
-     encryption from sample DSA keys (in case anyone is interested the password
-     was "1234").
-     [Steve Henson]
-
-  *) Make _all_ *_free functions accept a NULL pointer.
-     [Frans Heymans <fheymans@isaserver.be>]
-
-  *) If a DH key is generated in s3_srvr.c, don't blow it by trying to use
-     NULL pointers.
-     [Anonymous <nobody@replay.com>]
-
-  *) s_server should send the CAfile as acceptable CAs, not its own cert.
-     [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
-
-  *) Don't blow it for numeric -newkey arguments to apps/req.
-     [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
-
-  *) Temp key "for export" tests were wrong in s3_srvr.c.
-     [Anonymous <nobody@replay.com>]
-
-  *) Add prototype for temp key callback functions
-     SSL_CTX_set_tmp_{rsa,dh}_callback().
-     [Ben Laurie]
-
-  *) Make DH_free() tolerate being passed a NULL pointer (like RSA_free() and
-     DSA_free()). Make X509_PUBKEY_set() check for errors in d2i_PublicKey().
-     [Steve Henson]
-
-  *) X509_name_add_entry() freed the wrong thing after an error.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) rsa_eay.c would attempt to free a NULL context.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) BIO_s_socket() had a broken should_retry() on Windoze.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) BIO_f_buffer() didn't pass on BIO_CTRL_FLUSH.
-     [Arne Ansper <arne@ats.cyber.ee>]
-
-  *) Make sure the already existing X509_STORE->depth variable is initialized
-     in X509_STORE_new(), but document the fact that this variable is still
-     unused in the certificate verification process.
-     [Ralf S. Engelschall]
-
-  *) Fix the various library and apps files to free up pkeys obtained from
-     X509_PUBKEY_get() et al. Also allow x509.c to handle netscape extensions.
-     [Steve Henson]
-
-  *) Fix reference counting in X509_PUBKEY_get(). This makes
-     demos/maurice/example2.c work, amongst others, probably.
-     [Steve Henson and Ben Laurie]
-
-  *) First cut of a cleanup for apps/. First the `ssleay' program is now named
-     `openssl' and second, the shortcut symlinks for the `openssl <command>'
-     are no longer created. This way we have a single and consistent command
-     line interface `openssl <command>', similar to `cvs <command>'.
-     [Ralf S. Engelschall, Paul Sutton and Ben Laurie]
-
-  *) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
-     BIT STRING wrapper always have zero unused bits.
-     [Steve Henson]
-
-  *) Add CA.pl, perl version of CA.sh, add extended key usage OID.
-     [Steve Henson]
-
-  *) Make the top-level INSTALL documentation easier to understand.
-     [Paul Sutton]
-
-  *) Makefiles updated to exit if an error occurs in a sub-directory
-     make (including if user presses ^C) [Paul Sutton]
-
-  *) Make Montgomery context stuff explicit in RSA data structure.
-     [Ben Laurie]
-
-  *) Fix build order of pem and err to allow for generated pem.h.
-     [Ben Laurie]
-
-  *) Fix renumbering bug in X509_NAME_delete_entry().
-     [Ben Laurie]
-
-  *) Enhanced the err-ins.pl script so it makes the error library number 
-     global and can add a library name. This is needed for external ASN1 and
-     other error libraries.
-     [Steve Henson]
-
-  *) Fixed sk_insert which never worked properly.
-     [Steve Henson]
-
-  *) Fix ASN1 macros so they can handle indefinite length construted 
-     EXPLICIT tags. Some non standard certificates use these: they can now
-     be read in.
-     [Steve Henson]
-
-  *) Merged the various old/obsolete SSLeay documentation files (doc/xxx.doc)
-     into a single doc/ssleay.txt bundle. This way the information is still
-     preserved but no longer messes up this directory. Now it's new room for
-     the new set of documenation files.
-     [Ralf S. Engelschall]
-
-  *) SETs were incorrectly DER encoded. This was a major pain, because they
-     shared code with SEQUENCEs, which aren't coded the same. This means that
-     almost everything to do with SETs or SEQUENCEs has either changed name or
-     number of arguments.
-     [Ben Laurie, based on a partial fix by GP Jayan <gp@nsj.co.jp>]
-
-  *) Fix test data to work with the above.
-     [Ben Laurie]
-
-  *) Fix the RSA header declarations that hid a bug I fixed in 0.9.0b but
-     was already fixed by Eric for 0.9.1 it seems.
-     [Ben Laurie - pointed out by Ulf Möller <ulf@fitug.de>]
-
-  *) Autodetect FreeBSD3.
-     [Ben Laurie]
-
-  *) Fix various bugs in Configure. This affects the following platforms:
-     nextstep
-     ncr-scde
-     unixware-2.0
-     unixware-2.0-pentium
-     sco5-cc.
-     [Ben Laurie]
-
-  *) Eliminate generated files from CVS. Reorder tests to regenerate files
-     before they are needed.
-     [Ben Laurie]
-
-  *) Generate Makefile.ssl from Makefile.org (to keep CVS happy).
-     [Ben Laurie]
-
- Changes between 0.9.1b and 0.9.1c
-
-  *) Added OPENSSL_VERSION_NUMBER to crypto/crypto.h and 
-     changed SSLeay to OpenSSL in version strings.
-     [Ralf S. Engelschall]
-  
-  *) Some fixups to the top-level documents.
-     [Paul Sutton]
-
-  *) Fixed the nasty bug where rsaref.h was not found under compile-time
-     because the symlink to include/ was missing.
-     [Ralf S. Engelschall]
-
-  *) Incorporated the popular no-RSA/DSA-only patches 
-     which allow to compile a RSA-free SSLeay.
-     [Andrew Cooke / Interrader Ldt., Ralf S. Engelschall]
-
-  *) Fixed nasty rehash problem under `make -f Makefile.ssl links'
-     when "ssleay" is still not found.
-     [Ralf S. Engelschall]
-
-  *) Added more platforms to Configure: Cray T3E, HPUX 11, 
-     [Ralf S. Engelschall, Beckmann <beckman@acl.lanl.gov>]
-
-  *) Updated the README file.
-     [Ralf S. Engelschall]
-
-  *) Added various .cvsignore files in the CVS repository subdirs
-     to make a "cvs update" really silent.
-     [Ralf S. Engelschall]
-
-  *) Recompiled the error-definition header files and added
-     missing symbols to the Win32 linker tables.
-     [Ralf S. Engelschall]
-
-  *) Cleaned up the top-level documents;
-     o new files: CHANGES and LICENSE
-     o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay 
-     o merged COPYRIGHT into LICENSE
-     o removed obsolete TODO file
-     o renamed MICROSOFT to INSTALL.W32
-     [Ralf S. Engelschall]
-
-  *) Removed dummy files from the 0.9.1b source tree: 
-     crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
-     crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
-     crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
-     crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
-     util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
-     [Ralf S. Engelschall]
-
-  *) Added various platform portability fixes.
-     [Mark J. Cox]
-
-  *) The Genesis of the OpenSSL rpject:
-     We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
-     Young and Tim J. Hudson created while they were working for C2Net until
-     summer 1998.
-     [The OpenSSL Project]
- 
- Changes between 0.9.0b and 0.9.1b
-
-  *) Updated a few CA certificates under certs/
-     [Eric A. Young]
-
-  *) Changed some BIGNUM api stuff.
-     [Eric A. Young]
-
-  *) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD, 
-     DGUX x86, Linux Alpha, etc.
-     [Eric A. Young]
-
-  *) New COMP library [crypto/comp/] for SSL Record Layer Compression: 
-     RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
-     available).
-     [Eric A. Young]
-
-  *) Add -strparse option to asn1pars program which parses nested 
-     binary structures 
-     [Dr Stephen Henson <shenson@bigfoot.com>]
-
-  *) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
-     [Eric A. Young]
-
-  *) DSA fix for "ca" program.
-     [Eric A. Young]
-
-  *) Added "-genkey" option to "dsaparam" program.
-     [Eric A. Young]
-
-  *) Added RIPE MD160 (rmd160) message digest.
-     [Eric A. Young]
-
-  *) Added -a (all) option to "ssleay version" command.
-     [Eric A. Young]
-
-  *) Added PLATFORM define which is the id given to Configure.
-     [Eric A. Young]
-
-  *) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
-     [Eric A. Young]
-
-  *) Extended the ASN.1 parser routines.
-     [Eric A. Young]
-
-  *) Extended BIO routines to support REUSEADDR, seek, tell, etc.
-     [Eric A. Young]
-
-  *) Added a BN_CTX to the BN library.
-     [Eric A. Young]
-
-  *) Fixed the weak key values in DES library
-     [Eric A. Young]
-
-  *) Changed API in EVP library for cipher aliases.
-     [Eric A. Young]
-
-  *) Added support for RC2/64bit cipher.
-     [Eric A. Young]
-
-  *) Converted the lhash library to the crypto/mem.c functions.
-     [Eric A. Young]
-
-  *) Added more recognized ASN.1 object ids.
-     [Eric A. Young]
-
-  *) Added more RSA padding checks for SSL/TLS.
-     [Eric A. Young]
-
-  *) Added BIO proxy/filter functionality.
-     [Eric A. Young]
-
-  *) Added extra_certs to SSL_CTX which can be used
-     send extra CA certificates to the client in the CA cert chain sending
-     process. It can be configured with SSL_CTX_add_extra_chain_cert().
-     [Eric A. Young]
-
-  *) Now Fortezza is denied in the authentication phase because
-     this is key exchange mechanism is not supported by SSLeay at all.
-     [Eric A. Young]
-
-  *) Additional PKCS1 checks.
-     [Eric A. Young]
-
-  *) Support the string "TLSv1" for all TLS v1 ciphers.
-     [Eric A. Young]
-
-  *) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
-     ex_data index of the SSL context in the X509_STORE_CTX ex_data.
-     [Eric A. Young]
-
-  *) Fixed a few memory leaks.
-     [Eric A. Young]
-
-  *) Fixed various code and comment typos.
-     [Eric A. Young]
-
-  *) A minor bug in ssl/s3_clnt.c where there would always be 4 0 
-     bytes sent in the client random.
-     [Edward Bishop <ebishop@spyglass.com>]
-

CHANGES.SSLeay

@@ -1,968 +0,0 @@
-This file contains the changes for the SSLeay library up to version
-0.9.0b. For later changes, see the file "CHANGES".
-
-  SSLeay CHANGES
-  ______________
-
-Changes between 0.8.x and 0.9.0b
-
-10-Apr-1998
-
-I said the next version would go out at easter, and so it shall.
-I expect a 0.9.1 will follow with portability fixes in the next few weeks.
-
-This is a quick, meet the deadline.  Look to ssl-users for comments on what
-is new etc.
-
-eric (about to go bushwalking for the 4 day easter break :-)
-
-16-Mar-98
-    - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
-    - Lots and lots of changes
-
-29-Jan-98
-    - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
-      Goetz Babin-Ebell <babinebell@trustcenter.de>.
-    - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
-      TLS1_VERSION.
-
-7-Jan-98
-    - Finally reworked the cipher string to ciphers again, so it
-      works correctly
-    - All the app_data stuff is now ex_data with funcion calls to access.
-      The index is supplied by a function and 'methods' can be setup
-      for the types that are called on XXX_new/XXX_free.  This lets
-      applications get notified on creation and destruction.  Some of
-      the RSA methods could be implemented this way and I may do so.
-    - Oh yes, SSL under perl5 is working at the basic level.
-
-15-Dec-97
-    - Warning - the gethostbyname cache is not fully thread safe,
-      but it should work well enough.
-    - Major internal reworking of the app_data stuff.  More functions
-      but if you were accessing ->app_data directly, things will
-      stop working.
-    - The perlv5 stuff is working.  Currently on message digests,
-      ciphers and the bignum library.
-
-9-Dec-97
-    - Modified re-negotiation so that server initated re-neg
-      will cause a SSL_read() to return -1 should retry.
-      The danger otherwise was that the server and the
-      client could end up both trying to read when using non-blocking
-      sockets.
-
-4-Dec-97
-    - Lots of small changes
-    - Fix for binaray mode in Windows for the FILE BIO, thanks to
-      Bob Denny <rdenny@dc3.com>
-
-17-Nov-97
-    - Quite a few internal cleanups, (removal of errno, and using macros
-      defined in e_os.h).
-    - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
-      the automactic naming out output files was being stuffed up.
-
-29-Oct-97
-    - The Cast5 cipher has been added.  MD5 and SHA-1 are now in assember
-      for x86.
-
-21-Oct-97
-    - Fixed a bug in the BIO_gethostbyname() cache.
-
-15-Oct-97
-    - cbc mode for blowfish/des/3des is now in assember.  Blowfish asm
-      has also been improved.  At this point in time, on the pentium,
-      md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
-      des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
-      is %62 faster.
-
-12-Oct-97
-    - MEM_BUF_grow() has been fixed so that it always sets the buf->length
-      to the value we are 'growing' to.  Think of MEM_BUF_grow() as the
-      way to set the length value correctly.
-
-10-Oct-97
-    - I now hash for certificate lookup on the raw DER encoded RDN (md5).
-      This breaks things again :-(.  This is efficent since I cache
-      the DER encoding of the RDN.
-    - The text DN now puts in the numeric OID instead of UNKNOWN.
-    - req can now process arbitary OIDs in the config file.
-    - I've been implementing md5 in x86 asm, much faster :-).
-    - Started sha1 in x86 asm, needs more work.
-    - Quite a few speedups in the BN stuff.  RSA public operation
-      has been made faster by caching the BN_MONT_CTX structure.
-      The calulating of the Ai where A*Ai === 1 mod m was rather
-      expensive.  Basically a 40-50% speedup on public operations.
-      The RSA speedup is now 15% on pentiums and %20 on pentium
-      pro.
-
-30-Sep-97
-    - After doing some profiling, I added x86 adm for bn_add_words(),
-      which just adds 2 arrays of longs together.  A %10 speedup
-      for 512 and 1024 bit RSA on the pentium pro.
-
-29-Sep-97
-    - Converted the x86 bignum assembler to us the perl scripts
-      for generation.
-
-23-Sep-97
-    - If SSL_set_session() is passed a NULL session, it now clears the
-      current session-id.
-
-22-Sep-97
-    - Added a '-ss_cert file' to apps/ca.c.  This will sign selfsigned
-      certificates.
-    - Bug in crypto/evp/encode.c where by decoding of 65 base64
-      encoded lines, one line at a time (via a memory BIO) would report
-      EOF after the first line was decoded.
-    - Fix in X509_find_by_issuer_and_serial() from
-      Dr Stephen Henson <shenson@bigfoot.com>
-
-19-Sep-97
-    - NO_FP_API and NO_STDIO added.
-    - Put in sh config command.  It auto runs Configure with the correct
-      parameters.
-
-18-Sep-97
-    - Fix x509.c so if a DSA cert has different parameters to its parent,
-      they are left in place.  Not tested yet.
-
-16-Sep-97
-    - ssl_create_cipher_list() had some bugs, fixes from
-      Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
-    - Fixed a bug in the Base64 BIO, where it would return 1 instead
-      of -1 when end of input was encountered but should retry.
-      Basically a Base64/Memory BIO interaction problem.
-    - Added a HMAC set of functions in preporarion for TLS work.
-
-15-Sep-97
-    - Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
-    - Prime generation spead up %25 (512 bit prime, pentium pro linux)
-      by using montgomery multiplication in the prime number test.
-
-11-Sep-97
-    - Ugly bug in ssl3_write_bytes().  Basically if application land
-      does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
-      did not check the size and tried to copy the entire buffer.
-      This would tend to cause memory overwrites since SSLv3 has
-      a maximum packet size of 16k.  If your program uses
-      buffers <= 16k, you would probably never see this problem.
-    - Fixed a new errors that were cause by malloc() not returning
-      0 initialised memory..
-    - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
-      SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
-      since this flags stops SSLeay being able to handle client
-      cert requests correctly.
-
-08-Sep-97
-    - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added.  When switched
-      on, the SSL server routines will not use a SSL_SESSION that is
-      held in it's cache.  This in intended to be used with the session-id
-      callbacks so that while the session-ids are still stored in the
-      cache, the decision to use them and how to look them up can be
-      done by the callbacks.  The are the 'new', 'get' and 'remove'
-      callbacks.  This can be used to determine the session-id
-      to use depending on information like which port/host the connection
-      is coming from.  Since the are also SSL_SESSION_set_app_data() and
-      SSL_SESSION_get_app_data() functions, the application can hold
-      information against the session-id as well.
-
-03-Sep-97
-    - Added lookup of CRLs to the by_dir method,
-      X509_load_crl_file() also added.  Basically it means you can
-      lookup CRLs via the same system used to lookup certificates.
-    - Changed things so that the X509_NAME structure can contain
-      ASN.1 BIT_STRINGS which is required for the unique
-      identifier OID.
-    - Fixed some problems with the auto flushing of the session-id
-      cache.  It was not occuring on the server side.
-
-02-Sep-97
-    - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
-      which is the maximum number of entries allowed in the
-      session-id cache.  This is enforced with a simple FIFO list.
-      The default size is 20*1024 entries which is rather large :-).
-      The Timeout code is still always operating.
-
-01-Sep-97
-    - Added an argument to all the 'generate private key/prime`
-      callbacks.  It is the last parameter so this should not
-      break existing code but it is needed for C++.
-    - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
-      BIO.  This lets the BIO read and write base64 encoded data
-      without inserting or looking for '\n' characters.  The '-A'
-      flag turns this on when using apps/enc.c.
-    - RSA_NO_PADDING added to help BSAFE functionality.  This is a
-      very dangerous thing to use, since RSA private key
-      operations without random padding bytes (as PKCS#1 adds) can
-      be attacked such that the private key can be revealed.
-    - ASN.1 bug and rc2-40-cbc and rc4-40 added by
-      Dr Stephen Henson <shenson@bigfoot.com>
-
-31-Aug-97 (stuff added while I was away)    
-    - Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
-    - RSA_flags() added allowing bypass of pub/priv match check
-      in ssl/ssl_rsa.c - Tim Hudson.
-    - A few minor bugs.
-
-SSLeay 0.8.1 released.
-
-19-Jul-97
-    - Server side initated dynamic renegotiation is broken.  I will fix
-      it when I get back from holidays.
-
-15-Jul-97
-    - Quite a few small changes.
-    - INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
-
-09-Jul-97
-    - Added 2 new values to the SSL info callback.
-      SSL_CB_START which is passed when the SSL protocol is started
-      and SSL_CB_DONE when it has finished sucsessfully.
-
-08-Jul-97
-    - Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
-      that related to DSA public/private keys.
-    - Added all the relevent PEM and normal IO functions to support
-      reading and writing RSAPublic keys.
-    - Changed makefiles to use ${AR} instead of 'ar r'
-
-07-Jul-97
-    - Error in ERR_remove_state() that would leave a dangling reference
-      to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
-    - s_client now prints the X509_NAMEs passed from the server
-      when requesting a client cert.
-    - Added a ssl->type, which is one of SSL_ST_CONNECT or
-      SSL_ST_ACCEPT.  I had to add it so I could tell if I was
-      a connect or an accept after the handshake had finished.
-    - SSL_get_client_CA_list(SSL *s) now returns the CA names
-      passed by the server if called by a client side SSL.
-
-05-Jul-97
-    - Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
-      0, not -1 :-(  Fix from Tim Hudson (tjh@cryptsoft.com).
-
-04-Jul-97
-    - Fixed some things in X509_NAME_add_entry(), thanks to
-      Matthew Donald <matthew@world.net>.
-    - I had a look at the cipher section and though that it was a
-      bit confused, so I've changed it.
-    - I was not setting up the RC4-64-MD5 cipher correctly.  It is
-      a MS special that appears in exported MS Money.
-    - Error in all my DH ciphers.  Section 7.6.7.3 of the SSLv3
-      spec.  I was missing the two byte length header for the
-      ClientDiffieHellmanPublic value.  This is a packet sent from
-      the client to the server.  The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
-      option will enable SSLeay server side SSLv3 accept either
-      the correct or my 080 packet format.
-    - Fixed a few typos in crypto/pem.org.
-
-02-Jul-97
-    - Alias mapping for EVP_get_(digest|cipher)byname is now
-      performed before a lookup for actual cipher.  This means
-      that an alias can be used to 're-direct' a cipher or a
-      digest.
-    - ASN1_read_bio() had a bug that only showed up when using a
-      memory BIO.  When EOF is reached in the memory BIO, it is
-      reported as a -1 with BIO_should_retry() set to true.
-
-01-Jul-97
-    - Fixed an error in X509_verify_cert() caused by my
-      miss-understanding how 'do { contine } while(0);' works.
-      Thanks to Emil Sit <sit@mit.edu> for educating me :-)
-
-30-Jun-97
-    - Base64 decoding error.  If the last data line did not end with
-      a '=', sometimes extra data would be returned.
-    - Another 'cut and paste' bug in x509.c related to setting up the
-      STDout BIO.
-
-27-Jun-97
-    - apps/ciphers.c was not printing due to an editing error.
-    - Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
-      a library build error in util/mk1mf.pl
-
-26-Jun-97
-    - Still did not have the auto 'experimental' code removal
-      script correct.
-    - A few header tweaks for Watcom 11.0 under Win32 from
-      Rolf Lindemann <Lindemann@maz-hh.de>
-    - 0 length OCTET_STRING bug in asn1_parse
-    - A minor fix with an non-existent function in the MS .def files.
-    - A few changes to the PKCS7 stuff.
-
-25-Jun-97
-    SSLeay 0.8.0 finally it gets released.
-
-24-Jun-97
-    Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
-    use a temporary RSA key.  This is experimental and needs some more work.
-    Fixed a few Win16 build problems.
-
-23-Jun-97
-    SSLv3 bug. I was not doing the 'lookup' of the CERT structure
-    correctly. I was taking the SSL->ctx->default_cert when I should
-    have been using SSL->cert. The bug was in ssl/s3_srvr.c
-
-20-Jun-97
-    X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
-    rest of the library. Even though I had the code required to do
-    it correctly, apps/req.c was doing the wrong thing.  I have fixed
-    and tested everything.
-
-    Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
-
-19-Jun-97
-    Fixed a bug in the SSLv2 server side first packet handling. When
-    using the non-blocking test BIO, the ssl->s2->first_packet flag
-    was being reset when a would-block failure occurred when reading
-    the first 5 bytes of the first packet. This caused the checking
-    logic to run at the wrong time and cause an error.
-
-    Fixed a problem with specifying cipher. If RC4-MD5 were used,
-    only the SSLv3 version would be picked up.  Now this will pick
-    up both SSLv2 and SSLv3 versions. This required changing the
-    SSL_CIPHER->mask values so that they only mask the ciphers,
-    digests, authentication, export type and key-exchange algorithms.
-
-    I found that when a SSLv23 session is established, a reused
-    session, of type SSLv3 was attempting to write the SSLv2 
-    ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char 
-    method has been modified so it will only write out cipher which
-    that method knows about.  
-
-
- Changes between 0.8.0 and 0.8.1
-
-  *) Mostly bug fixes. 
-     There is an Ephemeral DH cipher problem which is fixed.
-
- SSLeay 0.8.0
-
-This version of SSLeay has quite a lot of things different from the
-previous version.
-
-Basically check all callback parameters, I will be producing documentation
-about how to use things in th future.  Currently I'm just getting 080 out
-the door.  Please not that there are several ways to do everything, and
-most of the applications in the apps directory are hybrids, some using old
-methods and some using new methods.
-
-Have a look in demos/bio for some very simple programs and
-apps/s_client.c and apps/s_server.c for some more advanced versions.
-Notes are definitly needed but they are a week or so away.
-
-Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
----
-Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
-get those people that want to move to using the new code base off to
-a quick start.
-
-Note that Eric has tidied up a lot of the areas of the API that were
-less than desirable and renamed quite a few things (as he had to break
-the API in lots of places anyrate). There are a whole pile of additional
-functions for making dealing with (and creating) certificates a lot
-cleaner.
-
-01-Jul-97
-Tim Hudson
-tjh@cryptsoft.com
-
----8<---
-
-To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
-use something like the following (assuming you #include "crypto.h" which
-is something that you really should be doing).
-
-#if SSLEAY_VERSION_NUMBER >= 0x0800
-#define SSLEAY8
-#endif
-
-buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
-            too if you are working with BIO internal stuff (as distinct
-        from simply using the interface in an opaque manner)
-
-#include "bio.h"    - required along with "buffer.h" if you write
-              your own BIO routines as the buffer and bio
-              stuff that was intermixed has been separated
-              out 
-            
-envelope.h -> evp.h  (which should have been done ages ago)
-
-Initialisation ... don't forget these or you end up with code that
-is missing the bits required to do useful things (like ciphers):
-
-SSLeay_add_ssl_algorithms()
-(probably also want SSL_load_error_strings() too but you should have
- already had that call in place)
-
-SSL_CTX_new()   - requires an extra method parameter
-              SSL_CTX_new(SSLv23_method()) 
-              SSL_CTX_new(SSLv2_method()) 
-              SSL_CTX_new(SSLv3_method()) 
-
-          OR to only have the server or the client code
-              SSL_CTX_new(SSLv23_server_method()) 
-              SSL_CTX_new(SSLv2_server_method()) 
-              SSL_CTX_new(SSLv3_server_method()) 
-          or  
-              SSL_CTX_new(SSLv23_client_method()) 
-              SSL_CTX_new(SSLv2_client_method()) 
-              SSL_CTX_new(SSLv3_client_method()) 
-
-SSL_set_default_verify_paths() ... renamed to the more appropriate
-SSL_CTX_set_default_verify_paths()
-
-If you want to use client certificates then you have to add in a bit
-of extra stuff in that a SSLv3 server sends a list of those CAs that
-it will accept certificates from ... so you have to provide a list to
-SSLeay otherwise certain browsers will not send client certs.
-
-SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
-
-
-X509_NAME_oneline(X)    -> X509_NAME_oneline(X,NULL,0)  
-               or provide a buffer and size to copy the
-               result into
-
-X509_add_cert ->  X509_STORE_add_cert (and you might want to read the
-          notes on X509_NAME structure changes too)
-
-
-VERIFICATION CODE
-=================
-
-The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
-more accurately reflect things.
-
-The verification callback args are now packaged differently so that
-extra fields for verification can be added easily in future without
-having to break things by adding extra parameters each release :-)
-
-X509_cert_verify_error_string -> X509_verify_cert_error_string
-
-
-BIO INTERNALS
-=============
-
-Eric has fixed things so that extra flags can be introduced in
-the BIO layer in future without having to play with all the BIO
-modules by adding in some macros.
-
-The ugly stuff using 
-    b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
-becomes
-    BIO_clear_retry_flags(b)
-
-    b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
-becomes
-    BIO_set_retry_read(b)
-
-Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
-
-
-
-OTHER THINGS
-============
-
-X509_NAME has been altered so that it isn't just a STACK ... the STACK
-is now in the "entries" field ... and there are a pile of nice functions
-for getting at the details in a much cleaner manner.
-
-SSL_CTX has been altered ... "cert" is no longer a direct member of this
-structure ... things are now down under "cert_store" (see x509_vfy.h) and
-things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
-If your code "knows" about this level of detail then it will need some 
-surgery.
-
-If you depending on the incorrect spelling of a number of the error codes
-then you will have to change your code as these have been fixed.
-
-ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
-has been all along so this makes things clearer.
-ify_cert_error_string(ctx->error));
-
-SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
-            and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
-
-
-
- Changes between 0.7.x and 0.8.0
-  
-  *) There have been lots of changes, mostly the addition of SSLv3.
-     There have been many additions from people and amongst
-     others, C2Net has assisted greatly.
- 
- Changes between 0.7.x and 0.7.x
-
-  *) Internal development version only
-
-SSLeay 0.6.6 13-Jan-1997
-
-The main additions are
-
-- assember for x86 DES improvments.
-  From 191,000 per second on a pentium 100, I now get 281,000.  The inner
-  loop and the IP/FP modifications are from
-  Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  Many thanks for his
-  contribution.
-- The 'DES macros' introduced in 0.6.5 now have 3 types.
-  DES_PTR1, DES_PTR2 and 'normal'.  As per before, des_opts reports which
-  is best and there is a summery of mine in crypto/des/options.txt
-- A few bug fixes.
-- Added blowfish.  It is not used by SSL but all the other stuff that
-  deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
-  There are 3 options for optimising Blowfish.  BF_PTR, BF_PTR2 and 'normal'.
-  BF_PTR2 is pentium/x86 specific.  The correct option is setup in
-  the 'Configure' script.
-- There is now a 'get client certificate' callback which can be
-  'non-blocking'.  If more details are required, let me know.  It will
-  documented more in SSLv3 when I finish it.
-- Bug fixes from 0.6.5 including the infamous 'ca' bug.  The 'make test'
-  now tests the ca program.
-- Lots of little things modified and tweaked.
-
- SSLeay 0.6.5
-
-After quite some time (3 months), the new release.  I have been very busy
-for the last few months and so this is mostly bug fixes and improvments.
-
-The main additions are
-
-- assember for x86 DES.  For all those gcc based systems, this is a big
-  improvement.  From 117,000 DES operation a second on a pentium 100,
-  I now get 191,000.  I have also reworked the C version so it
-  now gives 148,000 DESs per second.  
-- As mentioned above, the inner DES macros now have some more variant that
-  sometimes help, sometimes hinder performance.  There are now 3 options
-  DES_PTR (ptr vs array lookup), DES_UNROLL (full vs partial loop unrolling)
-  and DES_RISC (a more register intensive version of the inner macro).
-  The crypto/des/des_opts.c program, when compiled and run, will give
-  an indication of the correct options to use.
-- The BIO stuff has been improved.  Read doc/bio.doc.  There are now
-  modules for encryption and base64 encoding and a BIO_printf() function.
-- The CA program will accept simple one line X509v3 extensions in the
-  ssleay.cnf file.  Have a look at the example.  Currently this just
-  puts the text into the certificate as an OCTET_STRING so currently
-  the more advanced X509v3 data types are not handled but this is enough
-  for the netscape extensions.
-- There is the start of a nicer higher level interface to the X509
-  strucutre.
-- Quite a lot of bug fixes.
-- CRYPTO_malloc_init()  (or CRYPTO_set_mem_functions()) can be used
-  to define the malloc(), free() and realloc() routines to use
-  (look in crypto/crypto.h).  This is mostly needed for Windows NT/95 when
-  using DLLs and mixing CRT libraries.
-
-In general, read the 'VERSION' file for changes and be aware that some of
-the new stuff may not have been tested quite enough yet, so don't just plonk
-in SSLeay 0.6.5 when 0.6.4 used to work and expect nothing to break.
-
-SSLeay 0.6.4 30/08/96 eay
-
-I've just finished some test builds on Windows NT, Windows 3.1, Solaris 2.3,
-Solaris 2.5, Linux, IRIX, HPUX 10 and everthing seems to work :-).
-
-The main changes in this release
-
-- Thread safe.  have a read of doc/threads.doc and play in the mt directory.
-  For anyone using 0.6.3 with threads, I found 2 major errors so consider
-  moving to 0.6.4.  I have a test program that builds under NT and
-  solaris.
-- The get session-id callback has changed.  Have a read of doc/callback.doc.
-- The X509_cert_verify callback (the SSL_verify callback) now
-  has another argument.  Have a read of doc/callback.doc
-- 'ca -preserve', sign without re-ordering the DN.  Not tested much.
-- VMS support.
-- Compile time memory leak detection can now be built into SSLeay.
-  Read doc/memory.doc
-- CONF routines now understand '\', '\n', '\r' etc.  What this means is that
-  the  SPKAC object mentioned in doc/ns-ca.doc can be on multiple lines.
-- 'ssleay ciphers' added, lists the default cipher list for SSLeay.
-- RC2 key setup is now compatable with Netscape.
-- Modifed server side of SSL implementation, big performance difference when
-      using session-id reuse.
-
-0.6.3
-
-Bug fixes and the addition of some nice stuff to the 'ca' program.
-Have a read of doc/ns-ca.doc for how hit has been modified so
-it can be driven from a CGI script.  The CGI script is not provided,
-but that is just being left as an excersize for the reader :-).
-
-0.6.2
-
-This is most bug fixes and functionality improvements.
-
-Additions are
-- More thread debugging patches, the thread stuff is still being
-  tested, but for those keep to play with stuff, have a look in
-  crypto/cryptlib.c.  The application needs to define 1 (or optionaly
-  a second) callback that is used to implement locking.  Compiling
-  with LOCK_DEBUG spits out lots of locking crud :-).
-  This is what I'm currently working on.
-- SSL_CTX_set_default_passwd_cb() can be used to define the callback
-  function used in the SSL*_file() functions used to load keys.  I was
-  always of the opinion that people should call
-  PEM_read_RSAPrivateKey() and pass the callback they want to use, but
-  it appears they just want to use the SSL_*_file() function() :-(.
-- 'enc' now has a -kfile so a key can be read from a file.  This is
-  mostly used so that the passwd does not appear when using 'ps',
-  which appears imposible to stop under solaris.
-- X509v3 certificates now work correctly.  I even have more examples
-  in my tests :-).  There is now a X509_EXTENSION type that is used in
-  X509v3 certificates and CRLv2.
-- Fixed that signature type error :-(
-- Fixed quite a few potential memory leaks and problems when reusing
-  X509, CRL and REQ structures.
-- EVP_set_pw_prompt() now sets the library wide default password
-  prompt.
-- The 'pkcs7' command will now, given the -print_certs flag, output in
-  pem format, all certificates and CRL contained within.  This is more
-  of a pre-emtive thing for the new verisign distribution method.  I
-  should also note, that this also gives and example in code, of how
-  to do this :-), or for that matter, what is involved in going the
-  other way (list of certs and crl -> pkcs7).
-- Added RSA's DESX to the DES library.  It is also available via the
-  EVP_desx_cbc() method and via 'enc desx'. 
-
-SSLeay 0.6.1
-
-The main functional changes since 0.6.0 are as follows
-- Bad news, the Microsoft 060 DLL's are not compatable, but the good news is
-  that from now on, I'll keep the .def numbers the same so they will be.
-- RSA private key operations are about 2 times faster that 0.6.0
-- The SSL_CTX now has more fields so default values can be put against
-  it.  When an SSL structure is created, these default values are used
-  but can be overwritten.  There are defaults for cipher, certificate,
-  private key, verify mode and callback.  This means SSL session
-  creation can now be
-  ssl=SSL_new()
-  SSL_set_fd(ssl,sock);
-  SSL_accept(ssl)
-  ....
-  All the other uglyness with having to keep a global copy of the
-  private key and certificate/verify mode in the server is now gone.
-- ssl/ssltest.c - one process talking SSL to its self for testing.
-- Storage of Session-id's can be controled via a session_cache_mode
-  flag.  There is also now an automatic default flushing of 
-  old session-id's.
-- The X509_cert_verify() function now has another parameter, this
-  should not effect most people but it now means that the reason for
-  the failure to verify is now available via SSL_get_verify_result(ssl).
-  You don't have to use a global variable.
-- SSL_get_app_data() and SSL_set_app_data() can be used to keep some
-  application data against the SSL structure.  It is upto the application
-  to free the data.  I don't use it, but it is available.
-- SSL_CTX_set_cert_verify_callback() can be used to specify a
-  verify callback function that completly replaces my certificate
-  verification code.  Xcert should be able to use this :-).
-  The callback is of the form int app_verify_callback(arg,ssl,cert).
-  This needs to be documented more.
-- I have started playing with shared library builds, have a look in
-  the shlib directory.  It is very simple.  If you need a numbered
-  list of functions, have a look at misc/crypto.num and misc/ssl.num.
-- There is some stuff to do locking to make the library thread safe.
-  I have only started this stuff and have not finished.  If anyone is
-  keen to do so, please send me the patches when finished.
-
-So I have finally made most of the additions to the SSL interface that
-I thought were needed.
-
-There will probably be a pause before I make any non-bug/documentation
-related changes to SSLeay since I'm feeling like a bit of a break.
-
-eric - 12 Jul 1996
-I saw recently a comment by some-one that we now seem to be entering
-the age of perpetual Beta software.
-Pioneered by packages like linux but refined to an art form by
-netscape.
-
-I too wish to join this trend with the anouncement of SSLeay 0.6.0 :-).
-
-There are quite a large number of sections that are 'works in
-progress' in this package.  I will also list the major changes and
-what files you should read.
-
-BIO - this is the new IO structure being used everywhere in SSLeay.  I
-started out developing this because of microsoft, I wanted a mechanism
-to callback to the application for all IO, so Windows 3.1 DLL
-perversion could be hidden from me and the 15 different ways to write
-to a file under NT would also not be dictated by me at library build
-time.  What the 'package' is is an API for a data structure containing
-functions.  IO interfaces can be written to conform to the
-specification.  This in not intended to hide the underlying data type
-from the application, but to hide it from SSLeay :-).
-I have only really finished testing the FILE * and socket/fd modules.
-There are also 'filter' BIO's.  Currently I have only implemented
-message digests, and it is in use in the dgst application.  This
-functionality will allow base64/encrypto/buffering modules to be
-'push' into a BIO without it affecting the semantics.  I'm also
-working on an SSL BIO which will hide the SSL_accept()/SLL_connet()
-from an event loop which uses the interface.
-It is also possible to 'attach' callbacks to a BIO so they get called
-before and after each operation, alowing extensive debug output
-to be generated (try running dgst with -d).
-
-Unfortunaly in the conversion from 0.5.x to 0.6.0, quite a few
-functions that used to take FILE *, now take BIO *.
-The wrappers are easy to write
-
-function_fp(fp,x)
-FILE *fp;
-    {
-    BIO *b;
-    int ret;
-
-    if ((b=BIO_new(BIO_s_file())) == NULL) error.....
-    BIO_set_fp(b,fp,BIO_NOCLOSE);
-    ret=function_bio(b,x);
-    BIO_free(b);
-    return(ret);
-    }
-Remember, there are no functions that take FILE * in SSLeay when
-compiled for Windows 3.1 DLL's.
-
---
-I have added a general EVP_PKEY type that can hold a public/private
-key.  This is now what is used by the EVP_ functions and is passed
-around internally.  I still have not done the PKCS#8 stuff, but
-X509_PKEY is defined and waiting :-)
-
---
-For a full function name listings, have a look at ms/crypt32.def and
-ms/ssl32.def.  These are auto-generated but are complete.
-Things like ASN1_INTEGER_get() have been added and are in here if you
-look.  I have renamed a few things, again, have a look through the
-function list and you will probably find what you are after.  I intend
-to at least put a one line descrition for each one.....
-
---
-Microsoft - thats what this release is about, read the MICROSOFT file.
-
---
-Multi-threading support.  I have started hunting through the code and
-flaging where things need to be done.  In a state of work but high on
-the list.
-
---
-For random numbers, edit e_os.h and set DEVRANDOM (it's near the top)
-be be you random data device, otherwise 'RFILE' in e_os.h
-will be used, in your home directory.  It will be updated
-periodically.  The environment variable RANDFILE will override this
-choice and read/write to that file instead.  DEVRANDOM is used in
-conjunction to the RFILE/RANDFILE.  If you wish to 'seed' the random
-number generator, pick on one of these files.
-
---
-
-The list of things to read and do
-
-dgst -d
-s_client -state (this uses a callback placed in the SSL state loop and
-        will be used else-where to help debug/monitor what
-        is happening.)
-
-doc/why.doc
-doc/bio.doc <- hmmm, needs lots of work.
-doc/bss_file.doc <- one that is working :-)
-doc/session.doc <- it has changed
-doc/speed.doc
- also play with ssleay version -a.  I have now added a SSLeay()
- function that returns a version number, eg 0600 for this release
- which is primarily to be used to check DLL version against the
- application.
-util/*  Quite a few will not interest people, but some may, like
- mk1mf.pl, mkdef.pl,
-util/do_ms.sh
-
-try
-cc -Iinclude -Icrypto -c crypto/crypto.c
-cc -Iinclude -Issl -c ssl/ssl.c
-You have just built the SSLeay libraries as 2 object files :-)
-
-Have a general rummage around in the bin stall directory and look at
-what is in there, like CA.sh and c_rehash
-
-There are lots more things but it is 12:30am on a Friday night and I'm
-heading home :-).
-
-eric 22-Jun-1996
-This version has quite a few major bug fixes and improvements.  It DOES NOT
-do SSLv3 yet.
-
-The main things changed
-- A Few days ago I added the s_mult application to ssleay which is
-  a demo of an SSL server running in an event loop type thing.
-  It supports non-blocking IO, I have finally gotten it right, SSL_accept()
-  can operate in non-blocking IO mode, look at the code to see how :-).
-  Have a read of doc/s_mult as well.  This program leaks memory and
-  file descriptors everywhere but I have not cleaned it up yet.
-  This is a demo of how to do non-blocking IO.
-- The SSL session management has been 'worked over' and there is now
-  quite an expansive set of functions to manipulate them.  Have a read of
-  doc/session.doc for some-things I quickly whipped up about how it now works.
-  This assume you know the SSLv2 protocol :-)
-- I can now read/write the netscape certificate format, use the
-  -inform/-outform  'net' options to the x509 command.  I have not put support
-  for this type in the other demo programs, but it would be easy to add.
-- asn1parse and 'enc' have been modified so that when reading base64
-  encoded files (pem format), they do not require '-----BEGIN' header lines.
-  The 'enc' program had a buffering bug fixed, it can be used as a general
-  base64 -> binary -> base64 filter by doing 'enc -a -e' and 'enc -a -d'
-  respecivly.  Leaving out the '-a' flag in this case makes the 'enc' command
-  into a form of 'cat'.
-- The 'x509' and 'req' programs have been fixed and modified a little so
-  that they generate self-signed certificates correctly.  The test
-  script actually generates a 'CA' certificate and then 'signs' a
-  'user' certificate.  Have a look at this shell script (test/sstest)
-  to see how things work, it tests most possible combinations of what can
-  be done.
-- The 'SSL_set_pref_cipher()' function has been 'fixed' and the prefered name
-  of SSL_set_cipher_list() is now the correct API (stops confusion :-).
-  If this function is used in the client, only the specified ciphers can
-  be used, with preference given to the order the ciphers were listed.
-  For the server, if this is used, only the specified ciphers will be used
-  to accept connections.  If this 'option' is not used, a default set of
-  ciphers will be used.  The SSL_CTX_set_cipher_list(SSL_CTX *ctx) sets this
-  list for all ciphers started against the SSL_CTX.  So the order is
-  SSL cipher_list, if not present, SSL_CTX cipher list, if not
-  present, then the library default.
-  What this means is that normally ciphers like
-  NULL-MD5 will never be used.  The only way this cipher can be used
-  for both ends to specify to use it.
-  To enable or disable ciphers in the library at build time, modify the
-  first field for the cipher in the ssl_ciphers array in ssl/ssl_lib.c.
-  This file also contains the 'pref_cipher' list which is the default
-  cipher preference order.
-- I'm not currently sure if the 'rsa -inform net' and the 'rsa -outform net'
-  options work.  They should, and they enable loading and writing the
-  netscape rsa private key format.  I will be re-working this section of
-  SSLeay for the next version.  What is currently in place is a quick and
-  dirty hack.
-- I've re-written parts of the bignum library.  This gives speedups
-  for all platforms.  I now provide assembler for use under Windows NT.
-  I have not tested the Windows 3.1 assembler but it is quite simple code.
-  This gives RSAprivate_key operation encryption times of 0.047s (512bit key)
-  and 0.230s (1024bit key) on a pentium 100 which I consider reasonable.
-  Basically the times available under linux/solaris x86 can be achieve under
-  Windows NT.  I still don't know how these times compare to RSA's BSAFE
-  library but I have been emailing with people and with their help, I should
-  be able to get my library's quite a bit faster still (more algorithm changes).
-  The object file crypto/bn/asm/x86-32.obj should be used when linking
-  under NT.
-- 'make makefile.one' in the top directory will generate a single makefile
-  called 'makefile.one'  This makefile contains no perl references and
-  will build the SSLeay library into the 'tmp' and 'out' directories.
-  util/mk1mf.pl >makefile.one is how this makefile is
-  generated.  The mk1mf.pl command take several option to generate the
-  makefile for use with cc, gcc, Visual C++ and Borland C++.  This is
-  still under development.  I have only build .lib's for NT and MSDOS
-  I will be working on this more.  I still need to play with the
-  correct compiler setups for these compilers and add some more stuff but
-  basically if you just want to compile the library
-  on a 'non-unix' platform, this is a very very good file to start with :-).
-  Have a look in the 'microsoft' directory for my current makefiles.
-  I have not yet modified things to link with sockets under Windows NT.
-  You guys should be able to do this since this is actually outside of the
-  SSLeay scope :-).  I will be doing it for myself soon.
-  util/mk1mf.pl takes quite a few options including no-rc, rsaref  and no-sock
-  to build without RC2/RC4, to require RSAref for linking, and to
-  build with no socket code.
-
-- Oh yes, the cipher that was reported to be compatible with RSA's RC2 cipher
-  that was posted to sci.crypt has been added to the library and SSL.
-  I take the view that if RC2 is going to be included in a standard,
-  I'll include the cipher to make my package complete.
-  There are NO_RC2, NO_RC4 and NO_IDEA macros to remove these ciphers
-  at compile time.  I have not tested this recently but it should all work
-  and if you are in the USA and don't want RSA threatening to sue you,
-  you could probably remove the RC4/RC2 code inside these sections.
-  I may in the future include a perl script that does this code
-  removal automatically for those in the USA :-).
-- I have removed all references to sed in the makefiles.  So basically,
-  the development environment requires perl and sh.  The build environment
-  does not (use the makefile.one makefile).
-  The Configure script still requires perl, this will probably stay that way
-  since I have perl for Windows NT :-).
-
-eric (03-May-1996)
-
-PS Have a look in the VERSION file for more details on the changes and
-   bug fixes.
-I have fixed a few bugs, added alpha and x86 assembler and generally cleaned
-things up.  This version will be quite stable, mostly because I'm on
-holidays until 10-March-1996.  For any problems in the interum, send email
-to Tim Hudson <tjh@mincom.oz.au>.
-
-SSLeay 0.5.0
-
-12-12-95
-This is going out before it should really be released.
-
-I leave for 11 weeks holidays on the 22-12-95 and so I either sit on
-this for 11 weeks or get things out.  It is still going to change a
-lot in the next week so if you do grab this version, please test and
-give me feed back ASAP, inculuding questions on how to do things with
-the library.  This will prompt me to write documentation so I don't
-have to answer the same question again :-).
-
-This 'pre' release version is for people who are interested in the
-library.  The applications will have to be changed to use
-the new version of the SSL interface.  I intend to finish more
-documentation before I leave but until then, look at the programs in
-the apps directory.  As far as code goes, it is much much nicer than
-the old version.
-
-The current library works, has no memory leaks (as far as I can tell)
-and is far more bug free that 0.4.5d.  There are no global variable of
-consequence (I believe) and I will produce some documentation that
-tell where to look for those people that do want to do multi-threaded
-stuff.
-
-There should be more documentation.  Have a look in the
-doc directory.  I'll be adding more before I leave, it is a start
-by mostly documents the crypto library.  Tim Hudson will update
-the web page ASAP.  The spelling and grammar are crap but
-it is better than nothing :-)
-
-Reasons to start playing with version 0.5.0
-- All the programs in the apps directory build into one ssleay binary.
-- There is a new version of the 'req' program that generates certificate
-  requests, there is even documentation for this one :-)
-- There is a demo certification authorithy program.  Currently it will
-  look at the simple database and update it.  It will generate CRL from
-  the data base.  You need to edit the database by hand to revoke a
-  certificate, it is my aim to use perl5/Tk but I don't have time to do
-  this right now.  It will generate the certificates but the management
-  scripts still need to be written.  This is not a hard task.
-- Things have been cleaned up alot.
-- Have a look at the enc and dgst programs in the apps directory.
-- It supports v3 of x509 certiticates.
-
-
-Major things missing.
-- I have been working on (and thinging about) the distributed x509
-  hierachy problem.  I have not had time to put my solution in place.
-  It will have to wait until I come back.
-- I have not put in CRL checking in the certificate verification but
-  it would not be hard to do.  I was waiting until I could generate my
-  own CRL (which has only been in the last week) and I don't have time
-  to put it in correctly.
-- Montgomery multiplication need to be implemented.  I know the
-  algorithm, just ran out of time.
-- PKCS#7.  I can load and write the DER version.  I need to re-work
-  things to support BER (if that means nothing, read the ASN1 spec :-).
-- Testing of the higher level digital envelope routines.  I have not
-  played with the *_seal() and *_open() type functions.  They are
-  written but need testing.  The *_sign() and *_verify() functions are
-  rock solid. 
-- PEM.  Doing this and PKCS#7 have been dependant on the distributed
-  x509 heirachy problem.  I started implementing my ideas, got
-  distracted writing a CA program and then ran out of time.  I provide
-  the functionality of RSAref at least.
-- Re work the asm. code for the x86.  I've changed by low level bignum
-  interface again, so I really need to tweak the x86 stuff.  gcc is
-  good enough for the other boxes.
-

Configure

@@ -1,710 +0,0 @@
-:
-eval 'exec perl -S $0 ${1+"$@"}'
-    if $running_under_some_shell;
-##
-##  Configure -- OpenSSL source tree configuration script
-##
-
-require 5.000;
-use strict;
-
-#
-# see PROBLEMS for instructions on what sort of things to do when 
-# tracking a bug --tjh
-#
-# extra options
-# -DRSAref	build to use RSAref
-# -DNO_IDEA	build with no IDEA algorithm
-# -DNO_RC4	build with no RC4 algorithm
-# -DNO_RC2	build with no RC2 algorithm
-# -DNO_BF	build with no Blowfish algorithm
-# -DNO_DES	build with no DES/3DES algorithm
-# -DNO_MD2	build with no MD2 algorithm
-#
-# DES_PTR	use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
-# DES_RISC1	use different DES_ENCRYPT macro that helps reduce register
-#		dependancies but needs to more registers, good for RISC CPU's
-# DES_RISC2	A different RISC variant.
-# DES_UNROLL	unroll the inner DES loop, sometimes helps, somtimes hinders.
-# DES_INT	use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
-#		This is used on the DEC Alpha where long is 8 bytes
-#		and int is 4
-# BN_LLONG	use the type 'long long' in crypto/bn/bn.h
-# MD2_CHAR	use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
-# MD2_LONG	use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
-# IDEA_SHORT	use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
-# IDEA_LONG	use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
-# RC2_SHORT	use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
-# RC2_LONG	use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
-# RC4_CHAR	use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
-# RC4_LONG	use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
-# RC4_INDEX	define RC4_INDEX in crypto/rc4/rc4_locl.h.  This turns on
-#		array lookups instead of pointer use.
-# BF_PTR	use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
-# BF_PTR2	use a pentium/intel specific version.
-# MD5_ASM	use some extra md5 assember,
-# SHA1_ASM	use some extra sha1 assember, must define L_ENDIAN for x86
-# RMD160_ASM	use some extra ripemd160 assember,
-
-my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
-
-# MD2_CHAR slags pentium pros
-my $x86_gcc_opts="RC4_INDEX MD2_INT BF_PTR2";
-
-# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
-# Don't worry about these normally
-
-my $tcc="cc";
-my $tflags="-fast -Xa";
-my $tbn_mul="";
-my $tlib="-lnsl -lsocket";
-#$bits1="SIXTEEN_BIT ";
-#$bits2="THIRTY_TWO_BIT ";
-my $bits1="THIRTY_TWO_BIT ";
-my $bits2="SIXTY_FOUR_BIT ";
-
-my $x86_sol_asm="asm/bn86-sol.o asm/co86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
-my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
-my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
-my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
-
-# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
-# So the md5_locl.h file has an undef B_ENDIAN if sun is defined
-
-#config-string	CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \
-# des_asm:bf_asm
-my %table=(
-#"b",		"$tcc:$tflags:$tlib:$bits1:$tbn_mul::",
-#"bl-4c-2c",	"$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:$tbn_mul::",
-#"bl-4c-ri",	"$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:$tbn_mul::",
-#"b2-is-ri-dp",	"$tcc:$tflags:$tlib:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:$tbn_mul::",
-
-# A few of my development configs
-"purify",	"purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::",
-"debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:-lefence::::",
-"debug-ben",	"gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -O2 -Wall -Wshadow -Werror -pipe:::::",
-"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"dist",		"cc:-O -DNOPROTO::::",
-
-# Basic configs that should work on any box
-"gcc",		"gcc:-O3::BN_LLONG:::",
-"cc",		"cc:-O -DNOPROTO -DNOCONST:::::",
-
-
-# My solaris setups
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm",
-"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
-# DO NOT use /xO[34] on sparc with SC3.0. 
-# It is broken, and will not pass the tests
-"solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\
-	-lsocket -lnsl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL BF_PTR:asm/sparc.o::",
-# SC4.0 is ok, better than gcc, except for the bignum stuff.
-# -fast slows things like DES down quite a lot
-"solaris-sparc-sc4","cc:-xO5 -Xa -DB_ENDIAN:-lsocket -lnsl:\
-	BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::",
-"solaris-usparc-sc4","cc:-xtarget=ultra -xarch=v8plus -Xa -xO5 -DB_ENDIAN:\
-	-lsocket -lnsl:\
-	BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::",
-"solaris-sparc-sc4-pic","cc:-xO5 -Xa -DB_ENDIAN -KPIC:-lsocket -lnsl:\
-	BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::",
-
-# Sunos configs, assuming sparc for the gcc one.
-"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::DES_UNROLL:::",
-"sunos-gcc","gcc:-O3 -mv8::BN_LLONG RC4_CHAR DES_UNROLL DES_PTR DES_RISC1:::",
-
-# SGI configurations.  If the box is rather old (r3000 cpu), you will
-# probably have to remove the '-mips2' flag.  I've only been using
-# IRIX 5.[23].
-# I've recently done 32 and 64 bit mips assember, it make this RSA
-# 3 times faster, use if at all possible.
-#"irix-gcc","gcc:-O2 -mips2::SIXTY_FOUR_BIT BN_LLONG RC4_INDEX RC4_CHAR:::",
-"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:asm/mips1.o::",
-"irix64-gcc","gcc:-mips3 -O2 -DTERMIOS -DB_ENDIAN::MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
-"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/mips1.o::",
-"irix64-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
-"debug-irix-cc", "cc:-w2 -g -DCRYPTO_MDEBUG -DTERMIOS -DB_ENDIAN:::asm/r3000.o::",
-# This is the n64 mode build.
-"irix-n64-cc", "cc:-64 -O2 -use_readonly_const -DTERMIOS::DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT:asm/mips3_64.o::",
-
-# HPUX config.  I've been building on HPUX 9, so the options may be
-# different on version 10.  The pa-risc2.o assember file is 2 times
-# faster than the old asm/pa-risc.o version but it may not run on old
-# PA-RISC CPUs.  If you have problems, swap back to the old one.
-# Both were generated by gcc, so use the C version with the PA-RISC specific
-# options turned on if you are using gcc.
-"hpux-cc",	"cc:-DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit +O4 -Wl,-a,archive::DES_PTR DES_UNROLL DES_RISC1:asm/pa-risc2.o::",
-"hpux-kr-cc",	"cc:-DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE::DES_PTR DES_UNROLL:asm/pa-risc2.o::",
-"hpux-gcc",	"gcc:-DB_ENDIAN -O3::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
-# HPUX from www.globus.org
-"hpux11-32bit-cc","cc:+DA2.0 -DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit::DES_PTR DES_UNROLL DES_RISC1:::",
-"hpux11-64bit-cc","cc:+DA2.0W -g -D_HPUX_SOURCE -Aa -Ae +ESlit::SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT :::",
-
-# Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with
-# the new compiler
-# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
-"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONG DES_UNROLL DES_RISC1:asm/alpha.o::",
-"alpha-cc", "cc:-tune host -O4 -readonly_strings::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
-"alpha164-cc", "cc:-tune host -fast -readonly_strings::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
-
-# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
-# bn86-elf.o file file since it is hand tweaked assembler.
-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
-"linux-mips",    "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
--Wuninitialized:::BN_LLONG:",
-"NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-x86",	"gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
-#"FreeBSD",   "gcc:-DTERMIOS -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
-"FreeBSD",      "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
-"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"bsdi-gcc",     "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gcc_des $x86_gcc_opts:$x86_bsdi_asm",
-"nextstep",	"cc:-O3 -Wall::BN_LLONG $x86_gcc_des ${x86_gcc_opts}:::",
-# NCR MP-RAS UNIX ver 02.03.01
-"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des ${x86_gcc_opts}:::",
-
-# UnixWare 2.0
-"unixware-2.0","cc:-O -DFILIO_H:-lsocket -lnsl:$x86_gcc_des ${x86_gcc_opts}:::",
-"unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
-
-# IBM's AIX.
-"aix-cc",   "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
-"aix-gcc",  "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
-
-#
-# Cray T90 (SDSC)
-# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
-# defined.  The T90 ints and longs are 8 bytes long, and apparently the
-# B_ENDIAN code assumes 4 byte ints.  Fortunately, the non-B_ENDIAN and
-# non L_ENDIAN code aligns the bytes in each word correctly.
-#
-# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
-#'Taking the address of a bit field is not allowed. '
-#'An expression with bit field exists as the operand of "sizeof" '
-# (written by Wayne Schroeder <schroede@SDSC.EDU>)
-"cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::SIXTY_FOUR_BIT_LONG DES_INT:::",
-
-#
-# Cray T3E (Research Center Juelich, beckman@acl.lanl.gov)
-#
-# The BIT_FIELD_LIMITS define was written for the C90 (it seems).  I added
-# another use.  Basically, the problem is that the T3E uses some bit fields
-# for some st_addr stuff, and then sizeof and address-of fails
-# I could not use the ams/alpha.o option because the Cray assembler, 'cam'
-# did not like it.
-"cray-t3e", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::SIXTY_FOUR_BIT_LONG DES_INT:::",
-
-# DGUX, 88100.
-"dgux-R3-gcc",	"gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::",
-"dgux-R4-gcc",	"gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc",	"gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-
-# SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the
-# SCO cc.
-"sco5-cc",  "cc::-lsocket:$x86_gcc_des ${x86_gcc_opts}:::", # des options?
-
-# Sinix RM400
-"SINIX-N","/usr/ucb/cc:-O2 -misaligned:-lucb:RC4_INDEX RC4_CHAR:::",
-
-# Windows NT, Microsoft Visual C++ 4.0
-
-"VC-NT","cl:::BN_LLONG RC4_INDEX ${x86_gcc_opts}:::",
-"VC-WIN32","cl:::BN_LLONG RC4_INDEX ${x86_gcc_opts}:::",
-"VC-WIN16","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
-"VC-W31-16","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
-"VC-W31-32","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
-"VC-MSDOS","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
-
-# Borland C++ 4.5
-"BC-32","bcc32:::DES_PTR RC4_INDEX:::",
-"BC-16","bcc:::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
-
-# CygWin32
-"CygWin32", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
-
-# Our old Ultrix box :-). -O2 breaks some of the bignum stuff (now fixed,
-# it is a compiler bug, look in bug/ultrixcc.c for example code.
-"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN:::asm/mips1.o:::",
-
-# Some OpenBSD from Bob Beck <beck@obtuse.com>
-"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
-"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
-"OpenBSD",      "gcc:-DTERMIOS -O3 -fomit-frame-pointer::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::",
-"OpenBSD-mips","gcc:-O2 -DL_ENDIAN:BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::",
-);
-
-# Miscellaneous hacks: this is designed to allow environments where the "one
-# makefile" option does not auto build all files.
-# The first six fields are the hard coded versions of the stuff generated by
-# ctx_size for pem.h: that is EVP_ENCODE_CTX_SIZE, EVP_MD_SIZE EVP_MD_CTX_SIZE,
-# EVP_CIPHER_SIZE, EVP_CIPHER_CTX_SIZE and EVP_MAX_MD_SIZE respectively.
-# If the seventh field is 1 then auto generate
-# crypto/date.h
-# Need to add Win16 and others here.
-
-my %misc_table = (
-"VC-WIN32", 	"96:60:152:40:4212:20:1",
-"VC-NT", 	"96:60:152:40:4212:20:1"
-);
-
-my @WinTargets=qw(VC-NT VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS BC-32
-	BC-16 CygWin32);
-
-my $no_asm=0;
-my $postfix="org";
-my $Makefile="Makefile.ssl";
-my $des_locl="crypto/des/des_locl.h";
-my $des	="crypto/des/des.h";
-my $bn	="crypto/bn/bn.h";
-my $md2	="crypto/md2/md2.h";
-my $rc4	="crypto/rc4/rc4.h";
-my $rc4_locl="crypto/rc4/rc4_locl.h";
-my $idea	="crypto/idea/idea.h";
-my $rc2	="crypto/rc2/rc2.h";
-my $bf	="crypto/bf/bf_locl.h";
-my $bn_asm	="bn_asm.o";
-my $des_enc="des_enc.o fcrypt_b.o";
-my $bf_enc	="bf_enc.o";
-my $cast_enc="c_enc.o";
-my $rc4_enc="rc4_enc.o";
-my $rc5_enc="rc5_enc.o";
-my $md5_obj="";
-my $sha1_obj="";
-my $rmd160_obj="";
-
-if ($#ARGV < 0)
-	{
-	&bad_target;
-	exit(1);
-	}
-
-my $flags="";
-my $libs="";
-my $target="";
-foreach (@ARGV)
-	{
-	if ($_ =~ /^no-asm$/)
-		{ $no_asm=1; }
-	elsif ($_ =~ /^-/)
-		{
-		if ($_ =~ /^-[lL](.*)$/)
-			{
-			$libs.=$_." ";
-			}
-		elsif ($_ =~ /^-D(.*)$/)
-			{
-			$flags.=$_." ";
-			}
-		elsif ($_ =~ /^-[fK](.*)$/)
-			{
-			$flags.=$_." ";
-			}
-		else
-			{
-			die "unknown options, only -Dxxx, -Lxxx, -lxxx, -fxxx and -Kxxx are supported\n";
-			}
-		}
-	elsif ($_ =~ /^([^:]+):(.+)$/) {
-		eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
-		$target=$1;
-	}
-	else
-		{
-		die "target already defined - $target\n" if ($target ne "");
-		$target=$_;
-		if (!defined($table{$target}))
-			{
-			&bad_target;
-			exit(1);
-			}
-		}
-	}
-
-if (!defined($table{$target}))
-	{
-	&bad_target;
-	exit(1);
-	}
-
-my $IsWindows=scalar grep /^$target$/,@WinTargets;
-
-print "IsWindows=$IsWindows\n";
-
-(my $cc,my $cflags,my $lflags,my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj,
- $md5_obj,$sha1_obj,my $cast_obj,my $rc4_obj,$rmd160_obj,my $rc5_obj)=
-	split(/\s*:\s*/,$table{$target} . ":" x 20 , -1);
-$cflags="$flags$cflags" if ($flags ne "");
-$lflags="$libs$lflags"if ($libs ne "");
-
-if ($no_asm)
-	{
-	$bn_obj=$des_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj="";
-	$sha1_obj=$md5_obj=$rmd160_obj="";
-	}
-
-#my ($bn1)=split(/\s+/,$bn_obj);
-#$bn1 = "" unless defined $bn1;
-#$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
-#$bn_obj="$bn1";
-
-$bn_obj = $bn_asm unless $bn_obj ne "";
-
-$des_obj=$des_enc	unless ($des_obj =~ /\.o$/);
-$bf_obj=$bf_enc		unless ($bf_obj =~ /\.o$/);
-$cast_obj=$cast_enc	unless ($cast_obj =~ /\.o$/);
-$rc4_obj=$rc4_enc	unless ($rc4_obj =~ /\.o$/);
-$rc5_obj=$rc5_enc	unless ($rc5_obj =~ /\.o$/);
-if ($sha1_obj =~ /\.o$/)
-	{
-#	$sha1_obj=$sha1_enc;
-	$cflags.=" -DSHA1_ASM";
-	}
-if ($md5_obj =~ /\.o$/)
-	{
-#	$md5_obj=$md5_enc;
-	$cflags.=" -DMD5_ASM";
-	}
-if ($rmd160_obj =~ /\.o$/)
-	{
-#	$rmd160_obj=$rmd160_enc;
-	$cflags.=" -DRMD160_ASM";
-	}
-
-open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
-open(OUT,">$Makefile") || die "unable to create $Makefile:$!\n";
-while (<IN>)
-	{
-	chop;
-	s/^PLATFORM=.*$/PLATFORM=$target/;
-	s/^CC=.*$/CC= $cc/;
-	s/^CFLAG=.*$/CFLAG= $cflags/;
-	s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
-	s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
-	s/^DES_ENC=.*$/DES_ENC= $des_obj/;
-	s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
-	s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
-	s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
-	s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
-	s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
-	s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
-	s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
-	print OUT $_."\n";
-	}
-close(IN);
-close(OUT);
-
-print "CC            =$cc\n";
-print "CFLAG         =$cflags\n";
-print "EX_LIBS       =$lflags\n";
-print "BN_ASM        =$bn_obj\n";
-print "DES_ENC       =$des_obj\n";
-print "BF_ENC        =$bf_obj\n";
-print "CAST_ENC      =$cast_obj\n";
-print "RC4_ENC       =$rc4_obj\n";
-print "RC5_ENC       =$rc5_obj\n";
-print "MD5_OBJ_ASM   =$md5_obj\n";
-print "SHA1_OBJ_ASM  =$sha1_obj\n";
-print "RMD160_OBJ_ASM=$rmd160_obj\n";
-
-my $des_ptr=0;
-my $des_risc1=0;
-my $des_risc2=0;
-my $des_unroll=0;
-my $bn_ll=0;
-my $def_int=2;
-my $rc4_int=$def_int;
-my $md2_int=$def_int;
-my $idea_int=$def_int;
-my $rc2_int=$def_int;
-my $rc4_idx=0;
-my $bf_ptr=0;
-my @type=("char","short","int","long");
-my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
-
-my $des_int;
-
-foreach (sort split(/\s+/,$bn_ops))
-	{
-	$des_ptr=1 if /DES_PTR/;
-	$des_risc1=1 if /DES_RISC1/;
-	$des_risc2=1 if /DES_RISC2/;
-	$des_unroll=1 if /DES_UNROLL/;
-	$des_int=1 if /DES_INT/;
-	$bn_ll=1 if /BN_LLONG/;
-	$rc4_int=0 if /RC4_CHAR/;
-	$rc4_int=3 if /RC4_LONG/;
-	$rc4_idx=1 if /RC4_INDEX/;
-	$md2_int=0 if /MD2_CHAR/;
-	$md2_int=3 if /MD2_LONG/;
-	$idea_int=1 if /IDEA_SHORT/;
-	$idea_int=3 if /IDEA_LONG/;
-	$rc2_int=1 if /RC2_SHORT/;
-	$rc2_int=3 if /RC2_LONG/;
-	$bf_ptr=1 if $_ eq "BF_PTR";
-	$bf_ptr=2 if $_ eq "BF_PTR2";
-	($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
-	($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
-	($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
-	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
-	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
-	}
-
-((my $in=$bn) =~ s/\.([^.]+)/.$postfix/);
-my $n=&file_new($bn);
-open(IN,"<".$in) || die "unable to read $bn:$!\n";
-open(OUT,">$n") || die "unable to read $n:$!\n";
-while (<IN>)
-	{
-	if	(/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
-		{ printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
-		{ printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
-		{ printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+SIXTEEN_BIT/)
-		{ printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+EIGHT_BIT/)
-		{ printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
-	elsif	(/^#((define)|(undef))\s+BN_LLONG\s*$/)
-		{ printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-&Rename($bn,&file_old($bn));
-&Rename($n,$bn);
-
-(($in=$des) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($des);
-open(IN,"<".$in) || die "unable to read $des:$!\n";
-open(OUT,">$n") || die "unable to read $n:$!\n";
-while (<IN>)
-	{
-	if	(/^\#define\s+DES_LONG\s+.*/)
-		{ printf OUT "#define DES_LONG unsigned %s\n",
-			($des_int)?'int':'long'; }
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-&Rename($des,&file_old($des));
-&Rename($n,$des);
-
-(($in=$des_locl) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($des_locl);
-open(IN,"<".$in) || die "unable to read $des_locl:$!\n";
-open(OUT,">$n") || die "unable to read $n:$!\n";
-while (<IN>)
-	{
-	if	(/^\#(define|undef)\s+DES_PTR/)
-		{ printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
-	elsif	(/^\#(define|undef)\s+DES_RISC1/)
-		{ printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
-	elsif	(/^\#(define|undef)\s+DES_RISC2/)
-		{ printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
-	elsif	(/^\#(define|undef)\s+DES_UNROLL/)
-		{ printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-&Rename($des_locl,&file_old($des_locl));
-&Rename($n,$des_locl);
-
-(($in=$rc4) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($rc4);
-open(IN,"<".$in) || die "unable to read $rc4:$!\n";
-open(OUT,">$n") || die "unable to read $n:$!\n";
-while (<IN>)
-	{
-	if	(/^#define\s+RC4_INT\s/)
-		{ printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-&Rename($rc4,&file_old($rc4));
-&Rename($n,$rc4);
-
-(($in=$rc4_locl) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($rc4_locl);
-open(IN,"<".$in) || die "unable to read $rc4_locl:$!\n";
-open(OUT,">$n") || die "unable to read $n:$!\n";
-while (<IN>)
-	{
-	if	(/^#((define)|(undef))\s+RC4_INDEX/)
-		{ printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-&Rename($rc4_locl,&file_old($rc4_locl));
-&Rename($n,$rc4_locl);
-
-(($in=$md2) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($md2);
-open(IN,"<".$in) || die "unable to read $bn:$!\n";
-open(OUT,">$n") || die "unable to read $n:$!\n";
-while (<IN>)
-	{
-	if	(/^#define\s+MD2_INT\s/)
-		{ printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-&Rename($md2,&file_old($md2));
-&Rename($n,$md2);
-
-(($in=$idea) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($idea);
-open(IN,"<".$in) || die "unable to read $idea:$!\n";
-open(OUT,">$n") || die "unable to read $n:$!\n";
-while (<IN>)
-	{
-	if	(/^#define\s+IDEA_INT\s/)
-		{printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-&Rename($idea,&file_old($idea));
-&Rename($n,$idea);
-
-(($in=$rc2) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($rc2);
-open(IN,"<".$in) || die "unable to read $rc2:$!\n";
-open(OUT,">$n") || die "unable to read $n:$!\n";
-while (<IN>)
-	{
-	if	(/^#define\s+RC2_INT\s/)
-		{printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-&Rename($rc2,&file_old($rc2));
-&Rename($n,$rc2);
-
-(($in=$bf) =~ s/\.([^.]+)/.$postfix/);
-$n=&file_new($bf);
-open(IN,"<".$in) || die "unable to read $bf:$!\n";
-open(OUT,">$n") || die "unable to read $n:$!\n";
-while (<IN>)
-	{
-	if (/^#(define|undef)\s+BF_PTR/)
-		{
-		printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
-		printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
-		printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
-		}
-	else
-		{ print OUT $_; }
-	}
-close(IN);
-close(OUT);
-&Rename($bf,&file_old($bf));
-&Rename($n,$bf);
-
-# Now the miscellaneous fixups
-
-if(defined $misc_table{$target}) {
-	my ($enc_ctx, $md_size, $md_ctx_size, $cipher_size, $cipher_ctx_size,
-		$max_md_size, $date_fix) = 
-		split(/\s*:\s*/,$misc_table{$target} . ":", -1);
-
-#print "EVP_ENCODE_CTX_SIZE $enc_ctx\n";
-#print "EVP_MD_SIZE $md_size\n";
-#print "EVP_MD_CTX_SIZE $md_ctx_size\n";
-#print "EVP_CIPHER_SIZE $cipher_size\n";
-#print "EVP_CIPHER_CTX_SIZE $cipher_ctx_size\n";
-#print "EVP_MAX_MD_SIZE $max_md_size\n";
-#printf "Date fix: %s\n", $date_fix ? "Yes" : "No";
-
-# Fix the date
-
-if($date_fix) {
-	open (OUT,">crypto/date.h") || die "Can't open date.h";
-	printf OUT "#define DATE \"%s\"\n", scalar gmtime();
-	close(OUT);
-}
-
-open (IN, "crypto/pem/pem.org") || die "Can't open crypto/pem/pem.org";
-open (OUT, ">crypto/pem/pem.h") || die "Can't create crypto/pem/pem.h";
-
-# Now fix up pem.h
-while(<IN>) {
-	chop;
-	s/^(#define EVP_ENCODE_CTX_SIZE).*$/$1 $enc_ctx/;
-	s/^(#define EVP_MD_SIZE).*$/$1 $md_size/;
-	s/^(#define EVP_MD_CTX_SIZE).*$/$1 $md_ctx_size/;
-	s/^(#define EVP_CIPHER_SIZE).*$/$1 $cipher_size/;
-	s/^(#define EVP_CIPHER_CTX_SIZE).*$/$1 $cipher_ctx_size/;
-	s/^(#define EVP_MAX_MD_SIZE).*$/$1 $max_md_size/;
-	print OUT "$_\n";
-}
-
-close (IN);
-close (OUT);
-
-
-}
-
-print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
-print "SIXTY_FOUR_BIT mode\n" if $b64;
-print "THIRTY_TWO_BIT mode\n" if $b32;
-print "SIXTEEN_BIT mode\n" if $b16;
-print "EIGHT_BIT mode\n" if $b8;
-print "DES_PTR used\n" if $des_ptr;
-print "DES_RISC1 used\n" if $des_risc1;
-print "DES_RISC2 used\n" if $des_risc2;
-print "DES_UNROLL used\n" if $des_unroll;
-print "DES_INT used\n" if $des_int;
-print "BN_LLONG mode\n" if $bn_ll;
-print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
-print "RC4_INDEX mode\n" if $rc4_idx;
-print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
-print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
-print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
-print "BF_PTR used\n" if $bf_ptr == 1; 
-print "BF_PTR2 used\n" if $bf_ptr == 2; 
-
-system 'make -f Makefile.ssl links' if !$IsWindows;
-
-exit(0);
-
-sub bad_target
-	{
-	print STDERR "Usage: Configure [-Dxxx] [-Lxxx] [-lxxx] os/compiler\n";
-	print STDERR "pick os/compiler from:";
-	my $j=0;
-	my $i;
-	foreach $i (sort keys %table)
-		{
-		print STDERR "\n" if ($j++ % 4) == 0;
-		printf(STDERR "%-18s ",$i);
-		}
-	print STDERR "\n";
-	}
-
-sub Rename
-	{
-	my($from,$to)=@_;
-	unlink($to);
-	if(!rename($from,$to))
-	    {
-	     -e $from && die "unable to rename $from to $to:$!\n";
-	    }
-	}
-
-sub file_new { my($a)=@_; $a =~ s/(\.[^.]+$|$)/.new/; $a; }
-sub file_old { my($a)=@_; $a =~ s/(\.[^.]+$|$)/.old/; $a; }

INSTALL

@@ -1,262 +0,0 @@
-
- INSTALLATION ON THE UNIX PLATFORM
- ---------------------------------
-
- [For instructions for compiling OpenSSL on Windows systems, see INSTALL.W32].
-
- To install OpenSSL, you will need:
-
-  * Perl
-  * C compiler
-  * A supported Unix operating system
-
- Quick Start
- -----------
-
- If you want to just get on with it, do:
-
-  $ ./config                  [if this fails, go to step 1b below]
-  $ make
-  $ make rehash
-  $ make test
-  $ make install
-
- This will build and install OpenSSL in the default location, which is (for
- historical reasons) /usr/local/ssl. If you want to install it anywhere else,
- do this after running `sh config':
-
-  $ perl util/ssldir.pl /new/install/path
-
- If anything goes wrong, follow the detailed instructions below. If your
- operating system is not (yet) supported by OpenSSL, see the section on
- porting to a new system.
-
- Installation in Detail
- ----------------------
-
- 1a. Configure OpenSSL for your operation system automatically:
-
-       $ ./config
-
-     This guesses at your operating system (and compiler, if necessary) and
-     configures OpenSSL based on this guess. Check the first line of output to
-     see if it guessed correctly. If it did not get it correct or you want to
-     use a different compiler then go to step 1b. Otherwise go to step 2.
-
- 1b. Configure OpenSSL for your operating system manually
-
-     OpenSSL knows about a range of different operating system, hardware and
-     compiler combinations. To see the ones it knows about, run
-
-       $ ./Configure
-
-     Pick a suitable name from the list that matches your system. For most
-     operating systems there is a choice between using "cc" or "gcc".  When
-     you have identified your system (and if necessary compiler) use this name
-     as the argument to ./Configure. For example, a "linux-elf" user would
-     run:
-
-       $ ./Configure linux-elf
-
-     If your system is not available, you will have to edit the Configure
-     program and add the correct configuration for your system.
-
-     Configure configures various files by converting an existing .org file
-     into the real file. If you edit any files, remember that if a
-     corresponding .org file exists them the next time you run ./Configure
-     your changes will be lost when the file gets re-created from the .org
-     file. The files that are created from .org files are:
-
-       Makefile.ssl
-       crypto/des/des.h
-       crypto/des/des_locl.h
-       crypto/md2/md2.h
-       crypto/rc4/rc4.h
-       crypto/rc4/rc4_enc.c
-       crypto/rc2/rc2.h
-       crypto/bf/bf_locl.h
-       crypto/idea/idea.h
-       crypto/bn/bn.h
-
-  2. Set the install directory
-
-     If the install directory will be the default of /usr/local/ssl, skip to
-     the next stage. Otherwise, run
-
-        $ perl util/ssldir.pl /new/install/path
-
-     This configures the installation location into the "install" target of
-     the top-level Makefile, and also updates some defines in an include file
-     so that the default certificate directory is under the proper
-     installation directory. It also updates a few utility files used in the
-     build process.
-
-  3. Build OpenSSL by running:
-
-       $ make
-
-     This will build the OpenSSL libraries (libcrypto.a and libssl.a) and the
-     OpenSSL binary ("openssl"). The libraries will be built in the top-level
-     directory, and the binary will be in the "apps" directory.
-
-  4. After a successful build, the libraries should be tested. Run:
-
-       $ make rehash
-       $ make test
-
-     (The first line makes the test certificates in the "certs" directory
-     accessable via an hash name, which is required for some of the tests).
-
-  5. If everything tests ok, install OpenSSL with
-
-       $ make install
-
-     This will create the installation directory (if it does not exist) and
-     then create the following subdirectories:
-
-       bin            Contains the openssl binary and a few other 
-                      utility programs. 
-       include        Contains the header files needed if you want to
-                      compile programs with libcrypto or libssl.
-       lib            Contains the library files themselves and the
-                      OpenSSL configuration file "openssl.cnf".
-       certs          Initially empty, this is the default location
-                      for certificate files.
-       private        Initially empty, this is the default location
-                      for private key files.
-
-
---------------------------------------------------------------------------------
-The orignal Unix build instructions from SSLeay follow. 
-Note: some of this may be out of date and no longer applicable
---------------------------------------------------------------------------------
-
-# When bringing the SSLeay distribution back from the evil intel world
-# of Windows NT, do the following to make it nice again under unix :-)
-# You don't normally need to run this.
-sh util/fixNT.sh	# This only works for NT now - eay - 21-Jun-1996
-
-# If you have perl, and it is not in /usr/local/bin, you can run
-perl util/perlpath.pl /new/path
-# and this will fix the paths in all the scripts.  DO NOT put
-# /new/path/perl, just /new/path. The build
-# environment always run scripts as 'perl perlscript.pl' but some of the
-# 'applications' are easier to usr with the path fixed.
-
-# Edit crypto/cryptlib.h, tools/c_rehash, and Makefile.ssl
-# to set the install locations if you don't like
-# the default location of /usr/local/ssl
-# Do this by running
-perl util/ssldir.pl /new/ssl/home
-# if you have perl, or by hand if not.
-
-# If things have been stuffed up with the sym links, run
-make -f Makefile.ssl links
-# This will re-populate lib/include with symlinks and for each
-# directory, link Makefile to Makefile.ssl
-
-# Setup the machine dependent stuff for the top level makefile
-# and some select .h files
-# If you don't have perl, this will bomb, in which case just edit the
-# top level Makefile.ssl
-./Configure 'system type'
-
-# The 'Configure' command contains default configuration parameters
-# for lots of machines.  Configure edits 5 lines in the top level Makefile
-# It modifies the following values in the following files
-Makefile.ssl		CC CFLAG EX_LIBS BN_MULW
-crypto/des/des.h	DES_LONG
-crypto/des/des_locl.h	DES_PTR
-crypto/md2/md2.h	MD2_INT
-crypto/rc4/rc4.h	RC4_INT
-crypto/rc4/rc4_enc.c	RC4_INDEX
-crypto/rc2/rc2.h	RC2_INT
-crypto/bf/bf_locl.h	BF_INT
-crypto/idea/idea.h	IDEA_INT
-crypto/bn/bn.h		BN_LLONG (and defines one of SIXTY_FOUR_BIT,
-				  SIXTY_FOUR_BIT_LONG, THIRTY_TWO_BIT,
-				  SIXTEEN_BIT or EIGHT_BIT)
-Please remember that all these files are actually copies of the file with
-a .org extention.  So if you change crypto/des/des.h, the next time
-you run Configure, it will be runover by a 'configured' version of
-crypto/des/des.org.  So to make the changer the default, change the .org
-files.  The reason these files have to be edited is because most of
-these modifications change the size of fundamental data types.
-While in theory this stuff is optional, it often makes a big
-difference in performance and when using assember, it is importaint
-for the 'Bignum bits' match those required by the assember code.
-A warning for people using gcc with sparc cpu's.  Gcc needs the -mv8
-flag to use the hardware multiply instruction which was not present in
-earlier versions of the sparc CPU.  I define it by default.  If you
-have an old sparc, and it crashes, try rebuilding with this flag
-removed.  I am leaving this flag on by default because it makes
-things run 4 times faster :-)
-
-# clean out all the old stuff
-make clean
-
-# Do a make depend only if you have the makedepend command installed
-# This is not needed but it does make things nice when developing.
-make depend
-
-# make should build everything
-make
-
-# fix up the demo certificate hash directory if it has been stuffed up.
-make rehash
-
-# test everything
-make test
-
-# install the lot
-make install
-
-# It is worth noting that all the applications are built into the one
-# program, ssleay, which is then has links from the other programs
-# names to it.
-# The applicatons can be built by themselves, just don't define the
-# 'MONOLITH' flag.  So to build the 'enc' program stand alone,
-gcc -O2 -Iinclude apps/enc.c apps/apps.c libcrypto.a
-
-# Other useful make options are
-make makefile.one
-# which generate a 'makefile.one' file which will build the complete
-# SSLeay distribution with temp. files in './tmp' and 'installable' files
-# in './out'
-
-# Have a look at running
-perl util/mk1mf.pl help
-# this can be used to generate a single makefile and is about the only
-# way to generate makefiles for windows.
-
-# There is actually a final way of building SSLeay.
-gcc -O2 -c -Icrypto -Iinclude crypto/crypto.c
-gcc -O2 -c -Issl -Iinclude ssl/ssl.c
-# and you now have the 2 libraries as single object files :-).
-# If you want to use the assember code for your particular platform
-# (DEC alpha/x86 are the main ones, the other assember is just the
-# output from gcc) you will need to link the assember with the above generated
-# object file and also do the above compile as
-gcc -O2 -DBN_ASM -c -Icrypto -Iinclude crypto/crypto.c
-
-This last option is probably the best way to go when porting to another
-platform or building shared libraries.  It is not good for development so
-I don't normally use it.
-
-To build shared libararies under unix, have a look in shlib, basically 
-you are on your own, but it is quite easy and all you have to do
-is compile 2 (or 3) files.
-
-For mult-threading, have a read of doc/threads.doc.  Again it is quite
-easy and normally only requires some extra callbacks to be defined
-by the application.
-The examples for solaris and windows NT/95 are in the mt directory.
-
-have fun
-
-eric 25-Jun-1997
-
-IRIX 5.x will build as a 32 bit system with mips1 assember.
-IRIX 6.x will build as a 64 bit system with mips3 assember.  It conforms
-to n32 standards. In theory you can compile the 64 bit assember under
-IRIX 5.x but you will have to have the correct system software installed.

INSTALL.W32

@@ -1,249 +0,0 @@
- 
- INSTALLATION ON THE WIN32 PLATFORM
- ----------------------------------
-
- Heres a few comments about building OpenSSL in Windows environments. Most of
- this is tested on Win32 but it may also work in Win 3.1 with some
- modification.  See the end of this file for Eric's original comments.
-
- Note: the default Win32 environment is to leave out any Windows NT specific
- features: (currently only BIO_s_log()) if you want NT specific features see
- the "Tweaks" section later.
-
- You will need perl for Win32 (which can be got from various sources) and
- Visual C++. 
-
- If you are compiling from a tarball or a CVS snapshot then the Win32 files
- may well be not up to date. This may mean that some "tweaking" is required to
- get it all to work. See the trouble shooting section later on for if (when?)
- it goes wrong.
-
- Firstly you should run Configure:
-
- > perl Configure VC-WIN32
-
- Then rebuild the Win32 Makefiles and friends:
-
- > ms\do_ms
-
- If you get errors about things not having numbers assigned then check the
- troubleshooting section: you probably wont be able to compile it as it
- stands.
-
- Then from the VC++ environment at a prompt do:
-
- > nmake -f ms\ntdll.mak
-
- If all is well it should compile and you will have some DLLs and executables
- in out32dll. If you want to try the tests then do:
- 
- > cd out32dll
- > ..\ms\test
-
- Troubleshooting
- ---------------
-
- Since the Win32 build is only occasionally tested it may not always compile
- cleanly.  If you get an error about functions not having numbers assigned
- when you run ms\do_ms then this means the Win32 ordinal files are not up to
- date. You can do:
-
- > perl util\mkdef.pl crypto ssl update
-
- then ms\do_ms should not give a warning any more. However the numbers that
- get assigned by this technique may not match those that eventually get
- assigned in the CVS tree: so anything linked against this version of the
- library may need to be recompiled.
-
- If you get errors about unresolved externals then this means that either you
- didn't read the note above about functions not having numbers assigned or
- someone forgot to add a function to the header file.
-
- In this latter case check out the header file to see if the function is
- defined in the header file: it should be defined twice: once with ANSI
- prototypes and once without. If its missing from the non ASNI section then
- add an entry for it: check that ms\do_ms now reports missing numbers and
- update the numbers as above.
-
- If you get warnings in the code then the compilation will halt.
-
- The default Makefile for Win32 halts whenever any warnings occur. Since VC++
- has its own ideas about warnings which don't always match up to other
- environments this can happen. The best fix is to edit the file with the
- warning in and fix it. Alternatively you can turn off the halt on warnings by
- editing the CFLAG line in the Makefile and deleting the /WX option.
-
- You might get compilation errors. Again you will have to fix these or report
- them.
-
- One final comment about compiling applications linked to the OpenSSL library.
- If you don't use the multithreaded DLL runtime library (/MD option) your
- program will almost certainly crash: see the original SSLeay description
- below for more details.
-
- Tweaks
- ------
-
- There are various changes you can make to the Win32 compile environment. If
- you have the MASM assembler 'ml' then you can try the assembly language code.
- To do this remove the 'no-asm' part from do_ms.bat. You can also add 'debug'
- here to make a debugging version of the library.
-
- If you want to enable the NT specific features of OpenSSL (currently only the
- logging BIO) follow the instructions above but call the batch file do_nt.bat
- instead of do_ms.bat.
-
- You can also build a static version of the library using the Makefile
- ms\nt.mak
-
---------------------------------------------------------------------------------
-The orignal Windows build instructions from SSLeay follow. 
-Note: some of this may be out of date and no longer applicable
---------------------------------------------------------------------------------
-
-The Microsoft World.
-
-The good news, to build SSLeay for the Microsft World
-
-Windows 3.1 DLL's
-perl Configure VC-WIN16
-nmake -f ms\w31dll.mak
-
-Windows NT/95 DLL's
-perl Configure VC-WIN32
-nmake -f ms\ntdll.mak
-
-Now the bad news
-All builds were done using Microsofts Visual C++ 1.52c and [45].x.
-If you are a borland person, you are probably going to have to help me
-finish the stuff in util/pl/BC*pl
-
-All builds were made under Windows NT - this means long filenames, so
-you may have problems under Windows 3.1 but probably not under 95.
-
-Because file pointers don't work in DLL's under Windows 3.1 (well at
-least stdin/stdout don't and I don't like having to differentiate
-between these and other file pointers), I now use the BIO file-pointer
-module, which needs to be linked into your application.  You can either
-use the memory buffer BIO for IO, or compile bss_file.c into your
-application, it is in the apps directory and is just a copy of
-crypto/buffer/bss_file.c with #define APPS_WIN16 added.
-I have not yet automated the makefile to automatically copy it into 'out'
-for a win 3.1 build....
-
-All callbacks passed into SSLeay for Windows 3.1 need to be of type
-_far _loadds.
-
-I don't support building with the pascal calling convention.
-
-The DLL and static builds are large memory model.
-
-To build static libraries for NT/95 or win 3.1
-
-perl util/mk1mf.pl VC-WIN32 > mf-stat.nt
-perl util/mk1mf.pl VC-WIN16 > mf-stat.w31
-for DLL's
-perl util/mk1mf.pl dll VC-WIN32	> mf-dll.nt
-perl util/mk1mf.pl dll VC-WIN16 > mf-dll.w31
-
-Again you will notice that if you dont have perl, you cannot do this.
-
-Now the next importaint issue.  Running Configure!
-I have small assember code files for critical big number library operation
-in crypto/bn/asm.  There is, asm code, object files and uuencode
-object files.  They are
-x86nt32.asm	- 32bit flat memory model assember - suitable Win32
-x86w16.asm	- 16bit assember - used in the msdos build.
-x86w32.asm	- 32bit assember, win 3.1 segments, used for win16 build.
-
-If you feel compelled to build the 16bit maths routines in the windows 3.1
-build,
-perl Configure VC-W31-16
-perl util/mk1mf.pl dll VC-W31-16 > mf-dll.w31
-
-If you hate assember and don't want anything to do with it,
-perl util/mk1mf.pl no-asm VC-WIN16 > mf-dll.w31
-will work for any of the makefile generations.
-
-There are more options to mk1mf.pl but these all leave the temporary
-files in 'tmp' and the output files in 'out' by default.
-
-The NT build is done for console mode.
-
-The Windows 3.1 version of SSLeay uses quickwin, the interface is ugly
-but it is better than nothing.  If you want ugly, try doing anything
-that involves getting a password.  I decided to be ugly instead of
-echoing characters.  For Windows 3.1 I would just sugest using the
-msdos version of the ssleay application for command line work.
-The QuickWin build is primarily for testing.
-
-For both NT and Windows 3.1, I have not written the code so that
-s_client, s_server can take input from the keyboard.  You can happily
-start applications up in separate windows, watch them handshake, and then sit
-there for-ever.  I have not had the time to get this working, and I've
-been able to test things from a unix box to the NT box :-).
-Try running ssleay s_server on the windows box
-(with either -cert ../apps/server.pem -www)
-and run ssleay s_time from another window.
-This often stuffs up on Windows 3.1, but I'm not worried since this is
-probably a problem with my demo applications, not the libraries.
-
-After a build of one of the version of microsoft SSLeay,
-'cd ms' and then run 'test'.  This should check everything out and
-even does a trial run of generating certificates.
-'test.bat' requires that perl be install, you be in the ms directory
-(not the test directory, thats for unix so stay out :-) and that the
-build output directory be ../out 
-
-On a last note, you will probably get division by zero errors and
-stuff after a build.  This is due to your own inability to follow
-instructions :-).
-
-The reasons for the problem is probably one of the following.
-
-1)	You did not run Configure.  This is critical for windows 3.1 when
-	using assember.  The values in crypto/bn/bn.h must match the
-	ones requred for the assember code.  (remember that if you
-	edit crypto/bn/bn.h by hand, it will be clobered the next time
-	you run Configure by the contents of crypto/bn/bn.org).
-	SSLeay version -o will list the compile options.
-	For VC-WIN32 you need bn(64,32) or bn(32,32)
-	For VC-W31-32/VC-WIN16 you need bn(32,32)
-	For VC-W31-16 you need bn(32,16) or bn(16,16)
-	For VC-MSDOS you need bn(32,16) or bn(16,16).
-
-	The first number will be 2 times bigger than the second if
-	BN_LLONG is defined in bn.h and the size of the second number
-	depends on the 'bits' defined at the start of bn.h.  Have a
-	look, it's all reasonably clear.
-	If you want to start messing with 8 bit builds and things like
-	that, build without the assember by re-generating a makefile
-	via 'perl util/mk1mf.pl no-asm'.
-2)	You tried to build under MS-DOS or Windows 3.1 using the /G3
-	option.  Don't.  It is buggy (thats why you just got that
-	error) and unless you want to work out which optimising flag
-	to turn off, I'm not going to help you :-).  I also noticed
-	that code often ran slower when compiled with /G3.
-3)	Under NT/95, malloc goes stupid.  You are probably linking with
-	the wrong library, there are problems if you mix the threaded
-	and non-threaded libraries (due to the DLL being staticly
-	linked with one and the applicaion using another.
-
-Well hopefully thats most of the MS issues handled, see you in ssl-users :-).
-
-eric 30-Aug-1996
-
-SSLeay 0.6.5
-For Windows 95/NT, add CRYPTO_malloc_init() to your program before any
-calls to the SSLeay libraries.  This function will insert callbacks so that
-the SSLeay libraries will use the same malloc(), free() and realloc() as
-your application so 'problem 3)' mentioned above will go away.
-
-There is now DES assember for Windows NT/95.  The file is
-crypto/des/asm/win32.asm and replaces crypto/des/des_enc.c in the build.
-
-There is also Blowfish assember for Windows NT/95.  The file is
-crypto/bf/asm/win32.asm and replaces crypto/bf/bf_enc.c in the build.
-
-eric 25-Jun-1997
-

LICENSE

@@ -1,127 +0,0 @@
-
-  LICENSE ISSUES
-  ==============
-
-  The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
-  the OpenSSL License and the original SSLeay license apply to the toolkit.
-  See below for the actual license texts. Actually both licenses are BSD-style
-  Open Source licenses. In case of any license issues related to OpenSSL
-  please contact openssl-core@openssl.org.
-
-  OpenSSL License
-  ---------------
-
-/* ====================================================================
- * Copyright (c) 1998-1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
- Original SSLeay License
- -----------------------
-
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-

Makefile.org

@@ -1,304 +0,0 @@
-##
-## Makefile for OpenSSL
-##
-
-VERSION = 0.9.2b
-PLATFORM=dist
-
-# NOCONST - Define for C compilers that don't like the const key word.
-# NOPROTO - Define in if your compiler does not support prototypes.
-# RSAref  - Define if we are to link with RSAref.
-# NO_IDEA - Define to build without the IDEA algorithm
-# NO_RC4  - Define to build without the RC4 algorithm
-# NO_RC2  - Define to build without the RC2 algorithm
-# THREADS - Define when building with threads, you will probably also need any
-#           system defines as well, i.e. _REENTERANT for Solaris 2.[34]
-# TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
-# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
-# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
-# DEVRANDOM - Give this the value of the 'random device' if your OS supports
-#           one.  32 bytes will be read from this when the random
-#           number generator is initalised.
-# SSL_ALLOW_ADH - define if you want the server to be able to use the
-#           SSLv3 anon-DH ciphers.
-# SSL_ALLOW_ENULL - define if you want the server to be able to use the
-#           NULL encryption ciphers.
-#
-# LOCK_DEBUG - turns on lots of lock debug output :-)
-# REF_CHECK - turn on some xyz_free() assertions.
-# REF_PRINT - prints some stuff on structure free.
-# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
-# MFUNC - Make all Malloc/Free/Realloc calls call
-#       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-#       call application defined callbacks via CRYPTO_set_mem_functions()
-# MD5_ASM needs to be defined to use the x86 assembler for MD5
-# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
-# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
-# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8.  It must
-# equal 4.
-# PKCS1_CHECK - pkcs1 tests.
-
-CC= gcc
-#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-PEX_LIBS= -L. -L.. -L../.. -L../../..
-EX_LIBS= 
-AR=ar r
-
-# Set BN_ASM to bn_asm.o if you want to use the C version
-BN_ASM= bn_asm.o
-#BN_ASM= bn_asm.o
-#BN_ASM= asm/bn86-elf.o	# elf, linux-elf
-#BN_ASM= asm/bn86-sol.o # solaris
-#BN_ASM= asm/bn86-out.o # a.out, FreeBSD
-#BN_ASM= asm/bn86bsdi.o # bsdi
-#BN_ASM= asm/alpha.o    # DEC Alpha
-#BN_ASM= asm/pa-risc2.o # HP-UX PA-RISC
-#BN_ASM= asm/r3000.o    # SGI MIPS cpu
-#BN_ASM= asm/sparc.o    # Sun solaris/SunOS
-#BN_ASM= asm/bn-win32.o # Windows 95/NT
-#BN_ASM= asm/x86w16.o   # 16 bit code for Windows 3.1/DOS
-#BN_ASM= asm/x86w32.o   # 32 bit code for Windows 3.1
-
-# Set DES_ENC to des_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-DES_ENC= asm/dx86-out.o asm/yx86-out.o
-#DES_ENC= des_enc.o fcrypt_b.o          # C
-#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
-#DES_ENC= asm/dx86-sol.o asm/yx86-sol.o # solaris
-#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD
-#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi
-
-# Set BF_ENC to bf_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-BF_ENC= asm/bx86-out.o
-#BF_ENC= bf_enc.o
-#BF_ENC= asm/bx86-elf.o # elf
-#BF_ENC= asm/bx86-sol.o # solaris
-#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
-#BF_ENC= asm/bx86bsdi.o # bsdi
-
-# Set CAST_ENC to c_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-CAST_ENC= asm/cx86-out.o
-#CAST_ENC= c_enc.o
-#CAST_ENC= asm/cx86-elf.o # elf
-#CAST_ENC= asm/cx86-sol.o # solaris
-#CAST_ENC= asm/cx86-out.o # a.out, FreeBSD
-#CAST_ENC= asm/cx86bsdi.o # bsdi
-
-# Set RC4_ENC to rc4_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-RC4_ENC= asm/rx86-out.o
-#RC4_ENC= rc4_enc.o
-#RC4_ENC= asm/rx86-elf.o # elf
-#RC4_ENC= asm/rx86-sol.o # solaris
-#RC4_ENC= asm/rx86-out.o # a.out, FreeBSD
-#RC4_ENC= asm/rx86bsdi.o # bsdi
-
-# Set RC5_ENC to rc5_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-RC5_ENC= asm/r586-out.o
-#RC5_ENC= rc5_enc.o
-#RC5_ENC= asm/r586-elf.o # elf
-#RC5_ENC= asm/r586-sol.o # solaris
-#RC5_ENC= asm/r586-out.o # a.out, FreeBSD
-#RC5_ENC= asm/r586bsdi.o # bsdi
-
-# Also need MD5_ASM defined
-MD5_ASM_OBJ= asm/mx86-out.o
-#MD5_ASM_OBJ= asm/mx86-elf.o        # elf
-#MD5_ASM_OBJ= asm/mx86-sol.o        # solaris
-#MD5_ASM_OBJ= asm/mx86-out.o        # a.out, FreeBSD
-#MD5_ASM_OBJ= asm/mx86bsdi.o        # bsdi
-
-# Also need SHA1_ASM defined
-SHA1_ASM_OBJ= asm/sx86-out.o
-#SHA1_ASM_OBJ= asm/sx86-elf.o       # elf
-#SHA1_ASM_OBJ= asm/sx86-sol.o       # solaris
-#SHA1_ASM_OBJ= asm/sx86-out.o       # a.out, FreeBSD
-#SHA1_ASM_OBJ= asm/sx86bsdi.o       # bsdi
-
-# Also need RMD160_ASM defined
-RMD160_ASM_OBJ= asm/rm86-out.o
-#RMD160_ASM_OBJ= asm/rm86-elf.o       # elf
-#RMD160_ASM_OBJ= asm/rm86-sol.o       # solaris
-#RMD160_ASM_OBJ= asm/rm86-out.o       # a.out, FreeBSD
-#RMD160_ASM_OBJ= asm/rm86bsdi.o       # bsdi
-
-DIRS=   crypto ssl rsaref apps test tools
-# dirs in crypto to build
-SDIRS=  \
-	md2 md5 sha mdc2 hmac ripemd \
-	des rc2 rc4 rc5 idea bf cast \
-	bn rsa dsa dh \
-	buffer bio stack lhash rand err objects \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 comp
-
-# Do not edit this manually. Use util/ssldir.pl do change this!
-INSTALLTOP=/usr/local/ssl
-
-MAKEFILE= Makefile.ssl
-MAKE=     make -f Makefile.ssl
-
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-
-TOP=    .
-ONEDIRS=out tmp
-EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep
-WDIRS=  windows
-LIBS=   libcrypto.a libssl.a 
-
-GENERAL=        Makefile
-BASENAME=       openssl
-NAME=           $(BASENAME)-$(VERSION)
-TARFILE=        $(NAME).tar
-WTARFILE=       $(NAME)-win.tar
-EXHEADER=       e_os.h
-HEADER=         e_os.h
-
-all: Makefile.ssl
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making all in $$i..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' all ) || exit 1; \
-	done;
-
-sub_all:
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making all in $$i..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' all ) || exit 1; \
-	done;
-
-Makefile.ssl: Makefile.org
-	@echo "Makefile.ssl is older than Makefile.org."
-	@echo "Reconfigure the source tree (via 'perl Configure' or 'sh config')"
-	@echo "and update the error lists (via 'make errors'), please."
-	@false
-
-libclean:
-	rm -f *.a */lib */*/lib
-
-clean:
-	rm -f shlib/*.o *.o core a.out fluff *.map
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making clean in $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \
-	rm -f $(LIBS); \
-	done;
-	rm -f *.a *.o speed.* *.map *.so .pure core
-	rm -f $(TARFILE)
-	@for i in $(ONEDIRS) ;\
-	do \
-	rm -fr $$i/*; \
-	done
-
-makefile.one: files
-	perl util/mk1mf.pl >makefile.one; \
-	sh util/do_ms.sh
-
-files:  MINFO
-	perl $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making 'files' in $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' files ) || exit 1; \
-	done;
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(TOP)/util/mklink.sh include $(EXHEADER)
-	@for i in $(DIRS); do \
-	(cd $$i && echo "making links in $$i..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' links ) || exit 1; \
-	done;
-	@(OPENSSL="`pwd`/apps/openssl"; export OPENSSL; sh tools/c_rehash certs)
-
-dclean:
-	rm -f *.bak
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making dclean in $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' dclean ) || exit 1; \
-	done;
-
-rehash:
-	@(OPENSSL="`pwd`/apps/openssl"; export OPENSSL; sh tools/c_rehash certs)
-
-test:   tests
-
-tests:
-	@(cd test && echo "testing..." && \
-	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
-	@apps/openssl version -a
-
-depend:
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making dependancies $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' depend ) || exit 1; \
-	done;
-
-lint:
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making lint $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \
-	done;
-
-tags:
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making tags $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' tags ) || exit 1; \
-	done;
-
-errors:
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making errors in $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' errors ) || exit 1; \
-	done;
-
-tar:
-	@gtar --no-recursion -cvf - \
-		`find * -depth -print | grep -v CVS | grep -v .cvsignore | grep -v STATUS | sort` |\
-	tardy --user_number=0  --user_name=openssl \
-	      --group_number=0 --group_name=openssl \
-	      --prefix=openssl-$(VERSION) - |\
-	gzip --best >../$(TARFILE).gz; \
-	ls -l ../$(TARFILE).gz
-
-dist:   
-	perl Configure dist
-	@$(MAKE) dist_pem_h
-	@$(MAKE) SDIRS='${SDIRS}' clean
-	@$(MAKE) tar
-
-dist_pem_h:
-	(cd crypto/pem; $(MAKE) SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
-
-install: all
-	@-mkdir -p $(INSTALLTOP)/bin 2>/dev/null
-	@-mkdir -p $(INSTALLTOP)/lib 2>/dev/null
-	@-mkdir -p $(INSTALLTOP)/include 2>/dev/null
-	@-mkdir -p $(INSTALLTOP)/certs 2>/dev/null
-	@-mkdir -p $(INSTALLTOP)/private 2>/dev/null
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i; echo "installing $$i..."; \
-	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' install ); \
-	done
-	@for i in $(LIBS) ;\
-	do \
-	(       echo installing $$i; \
-		cp $$i $(INSTALLTOP)/lib; \
-		sh util/ranlib.sh $(INSTALLTOP)/lib/$$i; \
-		chmod 644 $(INSTALLTOP)/lib/$$i ); \
-	done
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.

NEWS

@@ -1,40 +0,0 @@
-
-  NEWS
-  ====
-
-  This file gives a brief overview of the major changes between each OpenSSL
-  release. For more details please read the CHANGES file.
-
-  Major changes between SSLeay 0.9.1c and OpenSSL 0.9.2b:
-      o Fixed a security hole related to session resumption
-      o Fixed RSA encryption routines for the p < q case
-      o "ALL" in cipher lists now means "everything except NULL ciphers"
-      o Support for Triple-DES CBCM cipher
-      o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA
-      o First support for new TLSv1 ciphers
-      o Added a few new BIOs (syslog BIO, reliable BIO)
-      o Extended support for DSA certificate/keys.
-      o Extended support for Certificate Signing Requests (CSR)
-      o Initial support for X.509v3 extensions
-      o Extended support for compression inside the SSL record layer
-      o Overhauled Win32 builds
-      o Cleanups and fixes to the Big Number (BN) library
-      o Support for ASN.1 GeneralizedTime
-      o Splitted ASN.1 SETs from SEQUENCEs
-      o ASN1 and PEM support for Netscape Certificate Sequences
-      o Overhauled Perl interface
-      o Lots of source tree cleanups.
-      o Lots of memory leak fixes.
-      o Lots of bug fixes.
-
-  Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c:
-      o Integration of the popular NO_RSA/NO_DSA patches
-      o Initial support for compression inside the SSL record layer
-      o Added BIO proxy and filtering functionality
-      o Extended Big Number (BN) library
-      o Added RIPE MD160 message digest
-      o Addeed support for RC2/64bit cipher
-      o Extended ASN.1 parser routines
-      o Adjustations of the source tree for CVS
-      o Support for various new platforms
-

README

@@ -1,188 +0,0 @@
-
- OpenSSL 0.9.2b 22-Mar-1999
-
- Copyright (c) 1998-1999 The OpenSSL Project
- Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
- All rights reserved.
-
- DESCRIPTION
- -----------
-
- The OpenSSL Project is a collaborative effort to develop a robust,
- commercial-grade, fully featured, and Open Source toolkit implementing the
- Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
- protocols with full-strength cryptography world-wide. The project is managed
- by a worldwide community of volunteers that use the Internet to communicate,
- plan, and develop the OpenSSL tookit and its related documentation. 
-
- OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
- and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the
- OpenSSL license plus the SSLeay license) situation, which basically means
- that you are free to get and use it for commercial and non-commercial
- purposes as long as you fullfill the conditions of both licenses. 
-
- OVERVIEW
- --------
-
- The OpenSSL toolkit includes:
-
- libssl.a:
-     Implementation of SSLv2, SSLv3, TLSv1 and the required code to support
-     both SSLv2, SSLv3 and TLSv1 in the one server and client.
-
- libcrypto.a:
-     General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not
-     actually logically part of it. It includes routines for the following:
-
-     Ciphers
-        libdes - EAY's libdes DES encryption package which has been floating
-                 around the net for a few years.  It includes 15
-                 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
-                 cbc, cfb and ofb; pcbc and a more general form of cfb and
-                 ofb) including desx in cbc mode, a fast crypt(3), and
-                 routines to read passwords from the keyboard.
-        RC4 encryption,
-        RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
-        Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
-        IDEA encryption     - 4 different modes, ecb, cbc, cfb and ofb.
-
-     Digests
-        MD5 and MD2 message digest algorithms, fast implementations,
-        SHA (SHA-0) and SHA-1 message digest algorithms,
-        MDC2 message digest. A DES based hash that is polular on smart cards.
-
-     Public Key
-        RSA encryption/decryption/generation.  
-            There is no limit on the number of bits.
-        DSA encryption/decryption/generation.   
-            There is no limit on the number of bits.
-        Diffie-Hellman key-exchange/key generation.  
-            There is no limit on the number of bits.
-
-     X.509v3 certificates
-        X509 encoding/decoding into/from binary ASN1 and a PEM
-             based ascii-binary encoding which supports encryption with a
-             private key.  Program to generate RSA and DSA certificate
-             requests and to generate RSA and DSA certificates.
-
-     Systems
-        The normal digital envelope routines and base64 encoding.  Higher
-        level access to ciphers and digests by name.  New ciphers can be
-        loaded at run time.  The BIO io system which is a simple non-blocking
-        IO abstraction.  Current methods supported are file descriptors,
-        sockets, socket accept, socket connect, memory buffer, buffering, SSL
-        client/server, file pointer, encryption, digest, non-blocking testing
-        and null.
-
-     Data structures
-        A dynamically growing hashing system
-        A simple stack.
-        A Configuration loader that uses a format similar to MS .ini files.
-
- openssl: 
-     A command line tool which provides the following functions:
-
-     enc     - a general encryption program that can encrypt/decrypt using
-               one of 17 different cipher/mode combinations.  The
-               input/output can also be converted to/from base64
-               ascii encoding.
-     dgst    - a generate message digesting program that will generate
-               message digests for any of md2, md5, sha (sha-0 or sha-1)
-               or mdc2.
-     asn1parse - parse and display the structure of an asn1 encoded
-               binary file.
-     rsa     - Manipulate RSA private keys.
-     dsa     - Manipulate DSA private keys.
-     dh      - Manipulate Diffie-Hellman parameter files.
-     dsaparam- Manipulate and generate DSA parameter files.
-     crl     - Manipulate certificate revocation lists.
-     crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
-     x509    - Manipulate x509 certificates, self-sign certificates.
-     req     - Manipulate PKCS#10 certificate requests and also
-               generate certificate requests.
-     genrsa  - Generates an arbitrary sized RSA private key.
-     gendsa  - Generates DSA parameters.
-     gendh   - Generates a set of Diffie-Hellman parameters, the prime
-               will be a strong prime.
-     ca      - Create certificates from PKCS#10 certificate requests.
-               This program also maintains a database of certificates
-               issued.
-     verify  - Check x509 certificate signatures.
-     speed   - Benchmark OpenSSL's ciphers.
-     s_server- A test SSL server.
-     s_client- A test SSL client.
-     s_time  - Benchmark SSL performance of SSL server programs.
-     errstr  - Convert from OpenSSL hex error codes to a readable form.
-     nseq    - Netscape certificate sequence utility
-        
- PATENTS
- -------
-
- Various companies hold various patents for various algorithms in various
- locations around the world. _YOU_ are responsible for ensuring that your use
- of any algorithms is legel by checking if there are any patents in your
- country.  The file contains some of the patents that we know about or are
- rumoured to exist. This is not a definitive list.
-
- RSA Data Security holds software patents on the RSA and RC5 algorithms.  If
- their ciphers are used used inside the USA (and Japan?), you must contact RSA
- Data Security for licencing conditions. Their web page is
- http://www.rsa.com/.
-
- RC4 is a trademark of RSA Data Security, so use of this label should perhaps
- only be used with RSA Data Security's permission. 
-
- The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
- Japan, Netherlands, Spain, Sweden, Switzerland, UK and the USA.  They should
- be contacted if that algorithm is to be used, their web page is
- http://www.ascom.ch/.
-
- INSTALLATION
- ------------
-
- To install this package under a Unix derivative, read the INSTALL file.  For
- a Win32 platform, read the INSTALL.W32 file.
-
- For people in the USA, it is possible to compile OpenSSL to use RSA Inc.'s
- public key library, RSAref. Read doc/ssleay.txt under 'rsaref.doc' on how to
- build with RSAref.
-
- Read the documentation in the doc/ directory.  It is quite rough, but it
- lists the functions, you will probably have to look at the code to work out
- how to used them. Look at the example programs.
-
- SUPPORT 
- -------
-
- If you have any problems with OpenSSL then please take the following steps
- first:
-
-    - Remove ASM versions of libraries
-    - Remove compiler optimisation flags 
-    - Add compiler debug flags (if using gcc then remove -fomit-frame-pointer
-      before you try to debug things)
-
- If you wish to report a bug then please include the following information in
- any bug report:
-
-    OpenSSL Details
-    - Version, most of these details can be got from the
-      'openssl version -a' command.
-    Operating System Details
-    - OS Name
-    - OS Version
-    - Hardware platform
-    Compiler Details
-    - Name
-    - Version
-    Application Details 
-    - Name 
-    - Version 
-    Problem Description
-    - include steps that will reproduce the problem (if known)
-    Stack Traceback (if the application dumps core)
-
- Report the bug to the OpenSSL project at:
-
-    openssl-users@openssl.org
-

STATUS

@@ -1,179 +0,0 @@
-
-  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 1999/03/14 01:16:42 $
-
-  DEVELOPMENT STATE
-
-    o  OpenSSL 0.9.2: Freezed!
-       - No more feature commits, please. 
-       - Commit bugfixes and cleanups only, please.
-       - Already successfully tested platform:
-         o  FreeBSD 2.2.7    Ben Laurie            OK
-         o  FreeBSD 3.1      Ralf S. Engelschall   OK
-         o  Solaris 2.6      Ralf S. Engelschall   OK except for ctype warns
-         o  Linux RH 5.1     Steve Henson          OK
-         o  Linux 2.0 RH 5.2 Ralf S. Engelschall   OK
-         o  Linux 2.2 RH 5.2 Peter 'Luna' Altberg  OK
-         o  WinNT,95 VC++ 5  Steve Henson          OK
-
-       Proposed release time: Monday, March 15th 1999
-
-    o  OpenSSL 0.9.1c: Released on December 23th, 1998
-
-  RELEASE SHOWSTOPPERS
-
-    o Compilation warnings: ctype-related int vs. char
-    o Compilation error: "unsigned long*" and "int*" under AIX
-    o Why are NULL ciphers in front of the cipher spec?
-      (see my posting "Bug?!: Cipher Suite and NULL Ciphers" in openssl-dev)
-    o A Linux alpha user reported: "alpha.s does not have bn_div_word()"
-      (see posting "ALPHA error" in openssl-dev)
-    o Undefined BN symbols in assembler stuff on Solaris
-      (see posting "openssl-SNAP-19990308-2130 on Solaris-2.6 SC4" in openssl-dev)
-
-  AVAILABLE PATCHES
-
-    o Solaris AS error (kenji@miyake.org)
-    o getenv in ca.c and x509_def.c (jaltman@watsun.cc.columbia.edu)
-    o s3_lib.c - export clients (levitte@stacken.kth.se)
-    o linux dynamic libs (colin@field.medicine.adelaide.edu.au)
-    o MingW support (niklas@canit.se)
-    o crypto/des/enc_read.c bugfix (mike@cs.mun.ca)
-
-  IN PROGRESS
-
-    o Steve is currently working on:
-        X509 V3 extension code including:
-        1. Support for the more common PKIX extensions.
-        2. Proper (or at least usable) certificate chain verification.
-        3. Support in standard applications (req, x509, ca).
-        4. Documentation on how all the above works.
-        Next on the list is probably PKCS#12 integration.
-
-    o Mark is currently working on:
-        Folding in any changes that are in the C2Net code base that were
-        not in the original SSLeay-0.9.1.b release.  Plus other minor
-        tidying.
-
-    o Ralf is currently working on:
-        1. Support for SSL_set_default_verify_paths(),
-           SSL_load_verify_locations(), SSL_get_cert_store() and
-           SSL_set_cert_store() functions which work like their existing
-           SSL_CTX_xxx() variants but on a per connection basis. That's needed
-           to let us provide full-featured per-URL client verification in
-           mod_ssl or Apache-SSL.
-           => It still dumps core, so I suspend this and investigate
-              again for OpenSSL 0.9.3.
-        2. The perl/ stuff to make it really work the first time ;-)
-           => I'll investigate a few more hours for OpenSSL 0.9.2
-        3. The new documentation set in POD format under doc/
-           => I'll investigate a few more hours for OpenSSL 0.9.2
-        4. More cleanups to get rid of obsolete/old/ugly files in the
-           source tree which are not really needed.
-           => Done all which were possible with my personal knowledge
-
-    o Ben is currently working on:
-	1. Function Prototype Thought Police issues.
-	2. Integrated documentation.
-	3. New TLS Ciphersuites.
-	4. Anything else that takes his fancy.
-
-  NEEDS PATCH
-
-  OPEN ISSUES
-
-    o  The Makefile hierarchy and build mechanism is still not a round thing:
-
-       1. The config vs. Configure scripts
-          It's the same nasty situation as for Apache with APACI vs.
-          src/Configure. It confuses.
-          Suggestion: Merge Configure and config into a single configure
-                      script with a Autoconf style interface ;-) and remove
-                      Configure and config. Or even let us use GNU Autoconf
-                      itself. Then we can avoid a lot of those platform checks
-                      which are currently in Configure.
-
-       2. The xxx.org -> xxx.h generation:
-          It's not obvious for which file xxx.org is the source.
-          Suggestion: Rename xxx.org to xxx.h.in (Autoconf style), this way
-                      one sees that xxx.h.in is the input for xxx.h
-
-          Status: Mark +1
-
-    o  The installation under "make install" produces a very
-       installation layout: $prefix/certs and $prefix/private dirs.  That's
-       not nice. Ralf suggests to move the two certs and private dirs either
-       to $prefix/etc/, $prefix/lib/ or $prefix/share. Alternatively
-       we could also not install the certs at all.
-
-       Status: Ralf +1 for both not installing the certs at all and
-                       moving it to $prefix/etc/. +0 for $prefix/lib/
-                       and $prefix/share.
-               Paul: why is it not nice?
-               Ralf: because it messes up the install dir when
-                     $prefix is not a dedicated area like /usr/local/ssl.
-                     When we move them to a standard subdir like
-                     etc/ lib/ or share/ we don't mess up things
-                     when $prefix is /usr or /usr/local, etc.
-                     Additionally it makes package vendors life
-                     easier....
-
-    o  Support for Shared Libraries has to be added at least
-       for the major Unix platforms. The details we can rip from the stuff
-       Ralf has done for the Apache src/Configure script. Ben wants the
-       solution to be really simple.
-
-       Status: Ralf will look how we can easily incorporate the
-               compiler PIC and linker DSO flags from Apache
-               into the OpenSSL Configure script.
-
-    o  The perl/ stuff needs a major overhaul. Currently it's
-       totally obsolete. Either we clean it up and enhance it to be up-to-date
-       with the C code or we also could replace it with the really nice
-       Net::SSLeay package we can find under
-       http://www.neuronio.pt/SSLeay.pm.html.  Ralf uses this package for a
-       longer time and it works fine and is a nice Perl module. Best would be
-       to convince the author to work for the OpenSSL project and create a
-       Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for
-       us.
-
-       Status: Ralf thinks we should both contact the author of Net::SSLeay
-               and look how much effort it is to bring Eric's perl/ stuff up
-               to date.
-               Paul +1
-
-    o The EVP and ASN1 stuff is a mess. Currently you have one EVP_CIPHER
-      structure for each cipher. This may make sense for things like DES but
-      for variable length ciphers like RC2 and RC4 it is NBG. Need a way to
-      use the EVP interface and set up the cipher parameters. The ASN1 stuff
-      is also foo wrt ciphers whose AlgorithmIdentifier has more than just
-      an IV in it (e.g. RC2, RC5). This also means that EVP_Seal and EVP_Open
-      don't work unless the key length matches the fixed value (some vendors
-      use a key length decided by the size of the RSA encrypted key and expect
-      RC2 to adapt).
-
-    o Properly initialize the PRNG in the absence of /dev/random.
-
-    o > NO_RSA (ejs@bfd.com)
-      > ./Configure -DNO_IDEA -DNO_RC5 -DNO_RC4 -DNO_RC2 -DNO_RSA -DNO_ERR linux-elf
-      > I tried for a whole day to do this and could not get it to work.  Linux
-      > machine, kernel 2.0.36 and 2.2.1, redhat 5.2 latest, gcc and egcs , no
-      > go.  I also noticed the even with -DNO_IDEA, _DNO_RC2, etc. the make
-      > still goes into those subdirectories and 'makes'.
-
-  WISHES
-
-    o  Damien Miller:
-       "How about making the each of the locations compile-time defined. I
-       would like to (for example) put binaries in /usr/bin, configuration
-       data, certs and keys in /etc/openssl/certs and /etc/openssl/keys, etc.
-       This would also be a great boon to binary package makers.  The
-       SSLeay-0.9.1b RPM already includes some patches which do some of this.
-       I can forward them if you wish."
-
-    o  Mats Nilsson <mats.nilsson@xware.se>:
-       "Add reference counting to all substructures of X509 etc. For instance,
-       X509_NAME lacks a reference counter, while EVP_PKEY has one.  I'm
-       making COM-wrappers for selected parts of SSLeay for a project of ours,
-       and has found this inconsistency in copy semantics annoying."
-

apps/.cvsignore

@@ -1 +0,0 @@
-openssl

apps/CA.pl

@@ -1,153 +0,0 @@
-#!/usr/local/bin/perl
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
-#
-#
-# Steve Henson
-# shenson@bigfoot.com
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-
-$DAYS="-days 365";
-$REQ="openssl req $SSLEAY_CONFIG";
-$CA="openssl ca $SSLEAY_CONFIG";
-$VERIFY="openssl verify";
-$X509="openssl x509";
-
-$CATOP="./demoCA";
-$CAKEY="cakey.pem";
-$CACERT="cacert.pem";
-
-$DIRMODE = 0777;
-
-$RET = 0;
-
-foreach (@ARGV) {
-	if ( /^(-\?|-h|-help)$/ ) {
-	    print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n";
-	    exit 0;
-	} elsif (/^-newcert$/) {
-	    # create a certificate
-	    system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Certificate (and private key) is in newreq.pem\n"
-	} elsif (/^-newreq$/) {
-	    # create a certificate request
-	    system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request (and private key) is in newreq.pem\n";
-	} elsif (/^-newca$/) {
-		# if explictly asked for or it doesn't exist then setup the
-		# directory structure that Eric likes to manage things 
-	    $NEW="1";
-	    if ( "$NEW" || ! -f ${CATOP}/serial ) {
-		# create the directory hierarchy
-		mkdir $CATOP, $DIRMODE;
-		mkdir "${CATOP}/certs", $DIRMODE;
-		mkdir "${CATOP}/crl", $DIRMODE ;
-		mkdir "${CATOP}/newcerts", $DIRMODE;
-		mkdir "${CATOP}/private", $DIRMODE;
-		open OUT, ">${CATOP}/serial";
-		print OUT "01\n";
-		close OUT;
-		open OUT, ">${CATOP}/index.txt";
-		close OUT;
-	    }
-	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
-		print "CA certificate filename (or enter to create)\n";
-		$FILE = <STDIN>;
-
-		chop $FILE;
-
-		# ask user for existing CA certificate
-		if ($FILE) {
-		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
-		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
-		    $RET=$?;
-		} else {
-		    print "Making CA certificate ...\n";
-		    system ("$REQ -new -x509 -keyout " .
-			"${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS");
-		    $RET=$?;
-		}
-	    }
-	} elsif (/^-xsign$/) {
-	    system ("$CA -policy policy_anything -infiles newreq.pem");
-	    $RET=$?;
-	} elsif (/^(-sign|-signreq)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^-signcert$/) {
-	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
-								"-out tmp.pem");
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles tmp.pem");
-	    $RET = $?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^-verify$/) {
-	    if (shift) {
-		foreach $j (@ARGV) {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
-		    $RET=$? if ($? != 0);
-		}
-		exit $RET;
-	    } else {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
-		    $RET=$?;
-	    	    exit 0;
-	    }
-	} else {
-	    print STDERR "Unknown arg $_\n";
-	    print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n";
-	    exit 1;
-	}
-}
-
-exit $RET;
-
-sub cp_pem {
-my ($infile, $outfile, $bound) = @_;
-open IN, $infile;
-open OUT, ">$outfile";
-my $flag = 0;
-while (<IN>) {
-	$flag = 1 if (/^-----BEGIN.*$bound/) ;
-	print OUT $_ if ($flag);
-	if (/^-----END.*$bound/) {
-		close IN;
-		close OUT;
-		return;
-	}
-}
-}
-

apps/CA.sh

@@ -1,132 +0,0 @@
-#!/bin/sh
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-
-DAYS="-days 365"
-REQ="openssl req $SSLEAY_CONFIG"
-CA="openssl ca $SSLEAY_CONFIG"
-VERIFY="openssl verify"
-X509="openssl x509"
-
-CATOP=./demoCA
-CAKEY=./cakey.pem
-CACERT=./cacert.pem
-
-for i
-do
-case $i in
--\?|-h|-help)
-    echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" >&2
-    exit 0
-    ;;
--newcert) 
-    # create a certificate
-    $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS
-    RET=$?
-    echo "Certificate (and private key) is in newreq.pem"
-    ;;
--newreq) 
-    # create a certificate request
-    $REQ -new -keyout newreq.pem -out newreq.pem $DAYS
-    RET=$?
-    echo "Request (and private key) is in newreq.pem"
-    ;;
--newca)     
-    # if explictly asked for or it doesn't exist then setup the directory
-    # structure that Eric likes to manage things 
-    NEW="1"
-    if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
-	# create the directory hierarchy
-	mkdir ${CATOP} 
-	mkdir ${CATOP}/certs 
-	mkdir ${CATOP}/crl 
-	mkdir ${CATOP}/newcerts
-	mkdir ${CATOP}/private
-	echo "01" > ${CATOP}/serial
-	touch ${CATOP}/index.txt
-    fi
-    if [ ! -f ${CATOP}/private/$CAKEY ]; then
-	echo "CA certificate filename (or enter to create)"
-	read FILE
-
-	# ask user for existing CA certificate
-	if [ "$FILE" ]; then
-	    cp $FILE ${CATOP}/private/$CAKEY
-	    RET=$?
-	else
-	    echo "Making CA certificate ..."
-	    $REQ -new -x509 -keyout ${CATOP}/private/$CAKEY \
-			   -out ${CATOP}/$CACERT $DAYS
-	    RET=$?
-	fi
-    fi
-    ;;
--xsign)
-    $CA -policy policy_anything -infiles newreq.pem 
-    RET=$?
-    ;;
--sign|-signreq) 
-    $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
-    RET=$?
-    cat newcert.pem
-    echo "Signed certificate is in newcert.pem"
-    ;;
--signcert) 
-    echo "Cert passphrase will be requested twice - bug?"
-    $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
-    $CA -policy policy_anything -out newcert.pem -infiles tmp.pem
-    cat newcert.pem
-    echo "Signed certificate is in newcert.pem"
-    ;;
--verify) 
-    shift
-    if [ -z "$1" ]; then
-	    $VERIFY -CAfile $CATOP/$CACERT newcert.pem
-	    RET=$?
-    else
-	for j
-	do
-	    $VERIFY -CAfile $CATOP/$CACERT $j
-	    if [ $? != 0 ]; then
-		    RET=$?
-	    fi
-	done
-    fi
-    exit 0
-    ;;
-*)
-    echo "Unknown arg $i";
-    exit 1
-    ;;
-esac
-done
-exit $RET
-

apps/Makefile.ssl

@@ -1,451 +0,0 @@
-#
-#  apps/Makefile.ssl
-#
-
-DIR=		apps
-TOP=		..
-CC=		cc
-INCLUDES=	-I../include
-CFLAG=		-g -static
-INSTALLTOP=	/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
-MAKEFILE=	Makefile.ssl
-RM=		rm -f
-
-PEX_LIBS=
-EX_LIBS= 
-
-CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-
-DLIBCRYPTO=../libcrypto.a
-DLIBSSL=../libssl.a
-LIBCRYPTO=-L.. -lcrypto
-LIBSSL=-L.. -lssl
-
-PROGRAM= openssl
-
-SCRIPTS=CA.sh CA.pl der_chop
-
-EXE= $(PROGRAM)
-
-E_EXE=	verify asn1pars req dgst dh enc gendh errstr ca crl \
-	rsa dsa dsaparam \
-	x509 genrsa gendsa s_server s_client speed \
-	s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq
-
-PROGS= $(PROGRAM).c
-
-A_OBJ=apps.o
-A_SRC=apps.c
-S_OBJ=	s_cb.o s_socket.o
-S_SRC=	s_cb.c s_socket.c
-
-E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
-	pkcs7.o crl2p7.o crl.o \
-	rsa.o dsa.o dsaparam.o \
-	x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
-	s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \
-	ciphers.o nseq.o
-
-#	pem_mail.o
-
-E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \
-	pkcs7.c crl2p7.c crl.c \
-	rsa.c dsa.c dsaparam.c \
-	x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
-	s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \
-	ciphers.c nseq.c
-
-#	pem_mail.c
-
-SRC=$(E_SRC)
-
-EXHEADER=
-HEADER=	apps.h progs.h s_apps.h \
-	testdsa.h testrsa.h \
-	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	@(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	exe
-
-exe:	$(EXE)
-
-req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
-	$(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
-
-sreq.o: req.c 
-	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
-
-files:
-	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-install:
-	@for i in $(EXE) $(SCRIPTS); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALLTOP)/bin/$$i; \
-	 chmod 755 $(INSTALLTOP)/bin/$$i ); \
-	 done; \
-	cp openssl.cnf $(INSTALLTOP)/lib; \
-	chmod 644 $(INSTALLTOP)/lib/openssl.cnf
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(SRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-errors:
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
-	rm -f req
-
-$(DLIBSSL):
-	(cd ../ssl; $(MAKE))
-
-$(DLIBCRYPTO):
-	(cd ../crypto; $(MAKE))
-
-$(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
-	$(RM) $(PROGRAM)
-	$(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
-	@(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; sh tools/c_rehash certs)
-
-progs.h:
-	perl ./progs.pl $(E_EXE) >progs.h
-	$(RM) $(PROGRAM).o
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-apps.o: ../include/bio.h ../include/buffer.h ../include/crypto.h
-apps.o: ../include/e_os.h ../include/opensslv.h ../include/stack.h apps.h
-apps.o: progs.h
-asn1pars.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-asn1pars.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-asn1pars.o: ../include/crypto.h ../include/des.h ../include/dh.h
-asn1pars.o: ../include/dsa.h ../include/e_os.h ../include/err.h
-asn1pars.o: ../include/evp.h ../include/idea.h ../include/md2.h
-asn1pars.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-asn1pars.o: ../include/opensslv.h ../include/pem.h ../include/pem2.h
-asn1pars.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
-asn1pars.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h
-asn1pars.o: ../include/sha.h ../include/stack.h ../include/x509.h
-asn1pars.o: ../include/x509_vfy.h apps.h progs.h
-ca.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h ../include/bn.h
-ca.o: ../include/buffer.h ../include/cast.h ../include/conf.h
-ca.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-ca.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-ca.o: ../include/lhash.h ../include/md2.h ../include/md5.h ../include/mdc2.h
-ca.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-ca.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
-ca.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h ../include/sha.h
-ca.o: ../include/stack.h ../include/txt_db.h ../include/x509.h
-ca.o: ../include/x509_vfy.h ../include/x509v3.h apps.h progs.h
-ciphers.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-ciphers.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-ciphers.o: ../include/crypto.h ../include/des.h ../include/dh.h
-ciphers.o: ../include/dsa.h ../include/e_os.h ../include/err.h ../include/evp.h
-ciphers.o: ../include/idea.h ../include/lhash.h ../include/md2.h
-ciphers.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-ciphers.o: ../include/opensslv.h ../include/pkcs7.h ../include/rc2.h
-ciphers.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-ciphers.o: ../include/rsa.h ../include/sha.h ../include/ssl.h ../include/ssl2.h
-ciphers.o: ../include/ssl23.h ../include/ssl3.h ../include/stack.h
-ciphers.o: ../include/tls1.h ../include/x509.h ../include/x509_vfy.h apps.h
-ciphers.o: progs.h
-crl.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h ../include/bn.h
-crl.o: ../include/buffer.h ../include/cast.h ../include/crypto.h
-crl.o: ../include/des.h ../include/dh.h ../include/dsa.h ../include/e_os.h
-crl.o: ../include/err.h ../include/evp.h ../include/idea.h ../include/md2.h
-crl.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-crl.o: ../include/opensslv.h ../include/pem.h ../include/pem2.h
-crl.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-crl.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h ../include/stack.h
-crl.o: ../include/x509.h ../include/x509_vfy.h ../include/x509v3.h apps.h
-crl.o: progs.h
-crl2p7.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-crl2p7.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-crl2p7.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-crl2p7.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-crl2p7.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-crl2p7.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-crl2p7.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h
-crl2p7.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-crl2p7.o: ../include/rsa.h ../include/sha.h ../include/stack.h
-crl2p7.o: ../include/x509.h ../include/x509_vfy.h apps.h progs.h
-dgst.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-dgst.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-dgst.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-dgst.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-dgst.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-dgst.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-dgst.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
-dgst.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h ../include/sha.h
-dgst.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h apps.h
-dgst.o: progs.h
-dh.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h ../include/bn.h
-dh.o: ../include/buffer.h ../include/cast.h ../include/crypto.h
-dh.o: ../include/des.h ../include/dh.h ../include/dsa.h ../include/e_os.h
-dh.o: ../include/err.h ../include/evp.h ../include/idea.h ../include/md2.h
-dh.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-dh.o: ../include/opensslv.h ../include/pem.h ../include/pem2.h
-dh.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-dh.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h ../include/stack.h
-dh.o: ../include/x509.h ../include/x509_vfy.h apps.h progs.h
-dsa.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h ../include/bn.h
-dsa.o: ../include/buffer.h ../include/cast.h ../include/crypto.h
-dsa.o: ../include/des.h ../include/dh.h ../include/dsa.h ../include/e_os.h
-dsa.o: ../include/err.h ../include/evp.h ../include/idea.h ../include/md2.h
-dsa.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-dsa.o: ../include/opensslv.h ../include/pem.h ../include/pem2.h
-dsa.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-dsa.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h ../include/stack.h
-dsa.o: ../include/x509.h ../include/x509_vfy.h apps.h progs.h
-dsaparam.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-dsaparam.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-dsaparam.o: ../include/crypto.h ../include/des.h ../include/dh.h
-dsaparam.o: ../include/dsa.h ../include/e_os.h ../include/err.h
-dsaparam.o: ../include/evp.h ../include/idea.h ../include/md2.h
-dsaparam.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-dsaparam.o: ../include/opensslv.h ../include/pem.h ../include/pem2.h
-dsaparam.o: ../include/pkcs7.h ../include/rand.h ../include/rc2.h
-dsaparam.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-dsaparam.o: ../include/rsa.h ../include/sha.h ../include/stack.h
-dsaparam.o: ../include/x509.h ../include/x509_vfy.h apps.h progs.h
-enc.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h ../include/bn.h
-enc.o: ../include/buffer.h ../include/cast.h ../include/crypto.h
-enc.o: ../include/des.h ../include/dh.h ../include/dsa.h ../include/e_os.h
-enc.o: ../include/err.h ../include/evp.h ../include/idea.h ../include/md2.h
-enc.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-enc.o: ../include/opensslv.h ../include/pem.h ../include/pem2.h
-enc.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-enc.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h ../include/stack.h
-enc.o: ../include/x509.h ../include/x509_vfy.h apps.h progs.h
-errstr.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-errstr.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-errstr.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-errstr.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-errstr.o: ../include/lhash.h ../include/md2.h ../include/md5.h
-errstr.o: ../include/mdc2.h ../include/objects.h ../include/opensslv.h
-errstr.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-errstr.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-errstr.o: ../include/ssl.h ../include/ssl2.h ../include/ssl23.h
-errstr.o: ../include/ssl3.h ../include/stack.h ../include/tls1.h
-errstr.o: ../include/x509.h ../include/x509_vfy.h apps.h progs.h
-gendh.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-gendh.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-gendh.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-gendh.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-gendh.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-gendh.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-gendh.o: ../include/pem2.h ../include/pkcs7.h ../include/rand.h
-gendh.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-gendh.o: ../include/rsa.h ../include/sha.h ../include/stack.h ../include/x509.h
-gendh.o: ../include/x509_vfy.h apps.h progs.h
-gendsa.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-gendsa.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-gendsa.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-gendsa.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-gendsa.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-gendsa.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-gendsa.o: ../include/pem2.h ../include/pkcs7.h ../include/rand.h
-gendsa.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-gendsa.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-gendsa.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h apps.h
-gendsa.o: progs.h
-genrsa.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-genrsa.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-genrsa.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-genrsa.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-genrsa.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-genrsa.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-genrsa.o: ../include/pem2.h ../include/pkcs7.h ../include/rand.h
-genrsa.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-genrsa.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-genrsa.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h apps.h
-genrsa.o: progs.h
-nseq.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-nseq.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-nseq.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-nseq.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-nseq.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-nseq.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-nseq.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
-nseq.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h ../include/sha.h
-nseq.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h apps.h
-nseq.o: progs.h
-openssl.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-openssl.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-openssl.o: ../include/conf.h ../include/crypto.h ../include/des.h
-openssl.o: ../include/dh.h ../include/dsa.h ../include/e_os.h ../include/err.h
-openssl.o: ../include/evp.h ../include/idea.h ../include/lhash.h
-openssl.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-openssl.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-openssl.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h
-openssl.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-openssl.o: ../include/rsa.h ../include/sha.h ../include/ssl.h ../include/ssl2.h
-openssl.o: ../include/ssl23.h ../include/ssl3.h ../include/stack.h
-openssl.o: ../include/tls1.h ../include/x509.h ../include/x509_vfy.h apps.h
-openssl.o: progs.h s_apps.h
-pkcs7.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-pkcs7.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-pkcs7.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-pkcs7.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-pkcs7.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-pkcs7.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-pkcs7.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
-pkcs7.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h ../include/sha.h
-pkcs7.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h apps.h
-pkcs7.o: progs.h
-req.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h ../include/bn.h
-req.o: ../include/buffer.h ../include/cast.h ../include/conf.h
-req.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-req.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-req.o: ../include/lhash.h ../include/md2.h ../include/md5.h ../include/mdc2.h
-req.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-req.o: ../include/pem2.h ../include/pkcs7.h ../include/rand.h ../include/rc2.h
-req.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h ../include/rsa.h
-req.o: ../include/sha.h ../include/stack.h ../include/x509.h
-req.o: ../include/x509_vfy.h ../include/x509v3.h apps.h progs.h
-rsa.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h ../include/bn.h
-rsa.o: ../include/buffer.h ../include/cast.h ../include/crypto.h
-rsa.o: ../include/des.h ../include/dh.h ../include/dsa.h ../include/e_os.h
-rsa.o: ../include/err.h ../include/evp.h ../include/idea.h ../include/md2.h
-rsa.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-rsa.o: ../include/opensslv.h ../include/pem.h ../include/pem2.h
-rsa.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-rsa.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h ../include/stack.h
-rsa.o: ../include/x509.h ../include/x509_vfy.h apps.h progs.h
-s_cb.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-s_cb.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-s_cb.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-s_cb.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-s_cb.o: ../include/lhash.h ../include/md2.h ../include/md5.h ../include/mdc2.h
-s_cb.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
-s_cb.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-s_cb.o: ../include/rsa.h ../include/sha.h ../include/ssl.h ../include/ssl2.h
-s_cb.o: ../include/ssl23.h ../include/ssl3.h ../include/stack.h
-s_cb.o: ../include/tls1.h ../include/x509.h ../include/x509_vfy.h apps.h
-s_cb.o: progs.h s_apps.h
-s_client.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-s_client.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-s_client.o: ../include/crypto.h ../include/des.h ../include/dh.h
-s_client.o: ../include/dsa.h ../include/e_os.h ../include/err.h
-s_client.o: ../include/evp.h ../include/idea.h ../include/lhash.h
-s_client.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-s_client.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-s_client.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h
-s_client.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-s_client.o: ../include/rsa.h ../include/sha.h ../include/ssl.h
-s_client.o: ../include/ssl2.h ../include/ssl23.h ../include/ssl3.h
-s_client.o: ../include/stack.h ../include/tls1.h ../include/x509.h
-s_client.o: ../include/x509_vfy.h apps.h progs.h s_apps.h
-s_server.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-s_server.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-s_server.o: ../include/crypto.h ../include/des.h ../include/dh.h
-s_server.o: ../include/dsa.h ../include/e_os.h ../include/err.h
-s_server.o: ../include/evp.h ../include/idea.h ../include/lhash.h
-s_server.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-s_server.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-s_server.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h
-s_server.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-s_server.o: ../include/rsa.h ../include/sha.h ../include/ssl.h
-s_server.o: ../include/ssl2.h ../include/ssl23.h ../include/ssl3.h
-s_server.o: ../include/stack.h ../include/tls1.h ../include/x509.h
-s_server.o: ../include/x509_vfy.h apps.h progs.h s_apps.h
-s_socket.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-s_socket.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-s_socket.o: ../include/crypto.h ../include/des.h ../include/dh.h
-s_socket.o: ../include/dsa.h ../include/e_os.h ../include/evp.h
-s_socket.o: ../include/idea.h ../include/lhash.h ../include/md2.h
-s_socket.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-s_socket.o: ../include/opensslv.h ../include/pkcs7.h ../include/rc2.h
-s_socket.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-s_socket.o: ../include/rsa.h ../include/sha.h ../include/ssl.h
-s_socket.o: ../include/ssl2.h ../include/ssl23.h ../include/ssl3.h
-s_socket.o: ../include/stack.h ../include/tls1.h ../include/x509.h
-s_socket.o: ../include/x509_vfy.h apps.h progs.h s_apps.h
-s_time.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-s_time.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-s_time.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-s_time.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-s_time.o: ../include/lhash.h ../include/md2.h ../include/md5.h
-s_time.o: ../include/mdc2.h ../include/objects.h ../include/opensslv.h
-s_time.o: ../include/pem.h ../include/pem2.h ../include/pkcs7.h
-s_time.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s_time.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s_time.o: ../include/ssl.h ../include/ssl2.h ../include/ssl23.h
-s_time.o: ../include/ssl3.h ../include/stack.h ../include/tls1.h
-s_time.o: ../include/x509.h ../include/x509_vfy.h apps.h progs.h s_apps.h
-sess_id.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-sess_id.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-sess_id.o: ../include/crypto.h ../include/des.h ../include/dh.h
-sess_id.o: ../include/dsa.h ../include/e_os.h ../include/err.h ../include/evp.h
-sess_id.o: ../include/idea.h ../include/lhash.h ../include/md2.h
-sess_id.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
-sess_id.o: ../include/opensslv.h ../include/pem.h ../include/pem2.h
-sess_id.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
-sess_id.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h
-sess_id.o: ../include/sha.h ../include/ssl.h ../include/ssl2.h
-sess_id.o: ../include/ssl23.h ../include/ssl3.h ../include/stack.h
-sess_id.o: ../include/tls1.h ../include/x509.h ../include/x509_vfy.h apps.h
-sess_id.o: progs.h
-speed.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-speed.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-speed.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-speed.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/hmac.h
-speed.o: ../include/idea.h ../include/md2.h ../include/md5.h ../include/mdc2.h
-speed.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
-speed.o: ../include/rand.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-speed.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-speed.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ./testdsa.h
-speed.o: ./testrsa.h apps.h progs.h
-verify.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-verify.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-verify.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-verify.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-verify.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-verify.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-verify.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h
-verify.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-verify.o: ../include/rsa.h ../include/sha.h ../include/stack.h
-verify.o: ../include/x509.h ../include/x509_vfy.h apps.h progs.h
-version.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-version.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-version.o: ../include/crypto.h ../include/des.h ../include/dh.h
-version.o: ../include/dsa.h ../include/e_os.h ../include/evp.h
-version.o: ../include/idea.h ../include/md2.h ../include/md5.h
-version.o: ../include/mdc2.h ../include/objects.h ../include/opensslv.h
-version.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-version.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-version.o: ../include/stack.h apps.h progs.h
-x509.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
-x509.o: ../include/bn.h ../include/buffer.h ../include/cast.h
-x509.o: ../include/crypto.h ../include/des.h ../include/dh.h ../include/dsa.h
-x509.o: ../include/e_os.h ../include/err.h ../include/evp.h ../include/idea.h
-x509.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
-x509.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
-x509.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
-x509.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h ../include/sha.h
-x509.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h
-x509.o: ../include/x509v3.h apps.h progs.h

apps/apps.c

@@ -1,320 +0,0 @@
-/* apps/apps.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#define NON_MAIN
-#include "apps.h"
-#undef NON_MAIN
-
-#ifdef WINDOWS
-#  include "bss_file.c"
-#endif
-
-#ifndef NOPROTO
-int app_init(long mesgwin);
-#else
-int app_init();
-#endif
-
-#ifdef undef /* never finished - probably never will be :-) */
-int args_from_file(file,argc,argv)
-char *file;
-int *argc;
-char **argv[];
-	{
-	FILE *fp;
-	int num,i;
-	unsigned int len;
-	static char *buf=NULL;
-	static char **arg=NULL;
-	char *p;
-	struct stat stbuf;
-
-	if (stat(file,&stbuf) < 0) return(0);
-
-	fp=fopen(file,"r");
-	if (fp == NULL)
-		return(0);
-
-	*argc=0;
-	*argv=NULL;
-
-	len=(unsigned int)stbuf.st_size;
-	if (buf != NULL) Free(buf);
-	buf=(char *)Malloc(len+1);
-	if (buf == NULL) return(0);
-
-	len=fread(buf,1,len,fp);
-	if (len <= 1) return(0);
-	buf[len]='\0';
-
-	i=0;
-	for (p=buf; *p; p++)
-		if (*p == '\n') i++;
-	if (arg != NULL) Free(arg);
-	arg=(char **)Malloc(sizeof(char *)*(i*2));
-
-	*argv=arg;
-	num=0;
-	p=buf;
-	for (;;)
-		{
-		if (!*p) break;
-		if (*p == '#') /* comment line */
-			{
-			while (*p && (*p != '\n')) p++;
-			continue;
-			}
-		/* else we have a line */
-		*(arg++)=p;
-		num++;
-		while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
-			p++;
-		if (!*p) break;
-		if (*p == '\n')
-			{
-			*(p++)='\0';
-			continue;
-			}
-		/* else it is a tab or space */
-		p++;
-		while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
-			p++;
-		if (!*p) break;
-		if (*p == '\n')
-			{
-			p++;
-			continue;
-			}
-		*(arg++)=p++;
-		num++;
-		while (*p && (*p != '\n')) p++;
-		if (!*p) break;
-		/* else *p == '\n' */
-		*(p++)='\0';
-		}
-	*argc=num;
-	return(1);
-	}
-#endif
-
-int str2fmt(s)
-char *s;
-	{
-	if 	((*s == 'D') || (*s == 'd'))
-		return(FORMAT_ASN1);
-	else if ((*s == 'T') || (*s == 't'))
-		return(FORMAT_TEXT);
-	else if ((*s == 'P') || (*s == 'p'))
-		return(FORMAT_PEM);
-	else if ((*s == 'N') || (*s == 'n'))
-		return(FORMAT_NETSCAPE);
-	else
-		return(FORMAT_UNDEF);
-	}
-
-#if defined(MSDOS) || defined(WIN32) || defined(WIN16)
-void program_name(in,out,size)
-char *in;
-char *out;
-int size;
-	{
-	int i,n;
-	char *p=NULL;
-
-	n=strlen(in);
-	/* find the last '/', '\' or ':' */
-	for (i=n-1; i>0; i--)
-		{
-		if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':'))
-			{
-			p= &(in[i+1]);
-			break;
-			}
-		}
-	if (p == NULL)
-		p=in;
-	n=strlen(p);
-	/* strip off trailing .exe if present. */
-	if ((n > 4) && (p[n-4] == '.') &&
-		((p[n-3] == 'e') || (p[n-3] == 'E')) &&
-		((p[n-2] == 'x') || (p[n-2] == 'X')) &&
-		((p[n-1] == 'e') || (p[n-1] == 'E')))
-		n-=4;
-	if (n > size-1)
-		n=size-1;
-
-	for (i=0; i<n; i++)
-		{
-		if ((p[i] >= 'A') && (p[i] <= 'Z'))
-			out[i]=p[i]-'A'+'a';
-		else
-			out[i]=p[i];
-		}
-	out[n]='\0';
-	}
-#else
-void program_name(in,out,size)
-char *in;
-char *out;
-int size;
-	{
-	char *p;
-
-	p=strrchr(in,'/');
-	if (p != NULL)
-		p++;
-	else
-		p=in;
-	strncpy(out,p,size-1);
-	out[size-1]='\0';
-	}
-#endif
-
-#ifdef WIN32
-int WIN32_rename(from,to)
-char *from;
-char *to;
-	{
-	int ret;
-
-	ret=MoveFileEx(from,to,MOVEFILE_REPLACE_EXISTING|MOVEFILE_COPY_ALLOWED);
-	return(ret?0:-1);
-	}
-#endif
-
-int chopup_args(arg,buf,argc,argv)
-ARGS *arg;
-char *buf;
-int *argc;
-char **argv[];
-	{
-	int num,len,i;
-	char *p;
-
-	*argc=0;
-	*argv=NULL;
-
-	len=strlen(buf);
-	i=0;
-	if (arg->count == 0)
-		{
-		arg->count=20;
-		arg->data=(char **)Malloc(sizeof(char *)*arg->count);
-		}
-	for (i=0; i<arg->count; i++)
-		arg->data[i]=NULL;
-
-	num=0;
-	p=buf;
-	for (;;)
-		{
-		/* first scan over white space */
-		if (!*p) break;
-		while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
-			p++;
-		if (!*p) break;
-
-		/* The start of something good :-) */
-		if (num >= arg->count)
-			{
-			arg->count+=20;
-			arg->data=(char **)Realloc(arg->data,
-				sizeof(char *)*arg->count);
-			if (argc == 0) return(0);
-			}
-		arg->data[num++]=p;
-
-		/* now look for the end of this */
-		if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */
-			{
-			i= *(p++);
-			arg->data[num-1]++; /* jump over quote */
-			while (*p && (*p != i))
-				p++;
-			*p='\0';
-			}
-		else
-			{
-			while (*p && ((*p != ' ') &&
-				(*p != '\t') && (*p != '\n')))
-				p++;
-
-			if (*p == '\0')
-				p--;
-			else
-				*p='\0';
-			}
-		p++;
-		}
-	*argc=num;
-	*argv=arg->data;
-	return(1);
-	}
-
-#ifndef APP_INIT
-int app_init(mesgwin)
-long mesgwin;
-	{
-	return(1);
-	}
-#endif

apps/apps.h

@@ -1,150 +0,0 @@
-/* apps/apps.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_APPS_H
-#define HEADER_APPS_H
-
-#include "e_os.h"
-
-#include "buffer.h"
-#include "bio.h"
-#include "crypto.h"
-#include "progs.h"
-
-#ifdef NO_STDIO
-BIO_METHOD *BIO_s_file();
-#endif
-
-#ifdef WIN32
-#define rename(from,to) WIN32_rename((from),(to))
-int WIN32_rename(char *oldname,char *newname);
-#endif
-
-#ifndef MONOLITH
-
-#define MAIN(a,v)	main(a,v)
-
-#ifndef NON_MAIN
-BIO *bio_err=NULL;
-#else
-extern BIO *bio_err;
-#endif
-
-#else
-
-#define MAIN(a,v)	PROG(a,v)
-#include "conf.h"
-extern LHASH *config;
-extern char *default_config_file;
-extern BIO *bio_err;
-
-#endif
-
-#include <signal.h>
-
-#ifdef SIGPIPE
-#define do_pipe_sig()	signal(SIGPIPE,SIG_IGN)
-#else
-#define do_pipe_sig()
-#endif
-
-#if defined(MONOLITH) && !defined(SSLEAY)
-#  define apps_startup()	do_pipe_sig()
-#else
-#  if defined(MSDOS) || defined(WIN16) || defined(WIN32)
-#    ifdef _O_BINARY
-#      define apps_startup() \
-		_fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-		SSLeay_add_all_algorithms()
-#    else
-#      define apps_startup() \
-		_fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-		SSLeay_add_all_algorithms()
-#    endif
-#  else
-#    define apps_startup()	do_pipe_sig(); SSLeay_add_all_algorithms();
-#  endif
-#endif
-
-typedef struct args_st
-        {
-        char **data;
-	int count;
-        } ARGS;
-
-#ifndef NOPROTO
-int should_retry(int i);
-int args_from_file(char *file, int *argc, char **argv[]);
-int str2fmt(char *s);
-void program_name(char *in,char *out,int size);
-int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
-#else
-int should_retry();
-int args_from_file();
-int str2fmt();
-void program_name();
-int chopup_args();
-#endif
-
-#define FORMAT_UNDEF    0
-#define FORMAT_ASN1     1
-#define FORMAT_TEXT     2
-#define FORMAT_PEM      3
-#define FORMAT_NETSCAPE 4
-
-#endif

apps/asn1pars.c

@@ -1,285 +0,0 @@
-/* apps/asn1pars.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to 
- * add the -strparse option which parses nested binary structures
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include "err.h"
-#include "evp.h"
-#include "x509.h"
-#include "pem.h"
-
-/* -inform arg	- input format - default PEM (DER or PEM)
- * -in arg	- input file - default stdin
- * -i		- indent the details by depth
- * -offset	- where in the file to start
- * -length	- how many bytes to use
- * -oid file	- extra oid decription file
- */
-
-#undef PROG
-#define PROG	asn1parse_main
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	int i,badops=0,offset=0,ret=1,j;
-	unsigned int length=0;
-	long num,tmplen;
-	BIO *in=NULL,*out=NULL,*b64=NULL;
-	int informat,indent=0;
-	char *infile=NULL,*str=NULL,*prog,*oidfile=NULL;
-	unsigned char *tmpbuf;
-	BUF_MEM *buf=NULL;
-	STACK *osk=NULL;
-	ASN1_TYPE *at=NULL;
-
-	informat=FORMAT_PEM;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	if ((osk=sk_new_null()) == NULL)
-		{
-		BIO_printf(bio_err,"Malloc failure\n");
-		goto end;
-		}
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-i") == 0)
-			{
-			indent=1;
-			}
-		else if (strcmp(*argv,"-oid") == 0)
-			{
-			if (--argc < 1) goto bad;
-			oidfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-offset") == 0)
-			{
-			if (--argc < 1) goto bad;
-			offset= atoi(*(++argv));
-			}
-		else if (strcmp(*argv,"-length") == 0)
-			{
-			if (--argc < 1) goto bad;
-			length= atoi(*(++argv));
-			if (length == 0) goto bad;
-			}
-		else if (strcmp(*argv,"-strparse") == 0)
-			{
-			if (--argc < 1) goto bad;
-			sk_push(osk,*(++argv));
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -offset arg   offset into file\n");
-		BIO_printf(bio_err," -length arg   lenth of section in file\n");
-		BIO_printf(bio_err," -i            indent entries\n");
-		BIO_printf(bio_err," -oid file     file of extra oid definitions\n");
-		BIO_printf(bio_err," -strparse offset\n");
-		BIO_printf(bio_err,"               a series of these can be used to 'dig' into multiple\n");
-		BIO_printf(bio_err,"               ASN1 blob wrappings\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (oidfile != NULL)
-		{
-		if (BIO_read_filename(in,oidfile) <= 0)
-			{
-			BIO_printf(bio_err,"problems opening %s\n",oidfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		OBJ_create_objects(in);
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	if ((buf=BUF_MEM_new()) == NULL) goto end;
-	if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */
-
-	if (informat == FORMAT_PEM)
-		{
-		BIO *tmp;
-
-		if ((b64=BIO_new(BIO_f_base64())) == NULL)
-			goto end;
-		BIO_push(b64,in);
-		tmp=in;
-		in=b64;
-		b64=tmp;
-		}
-
-	num=0;
-	for (;;)
-		{
-		if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
-		i=BIO_read(in,&(buf->data[num]),BUFSIZ);
-		if (i <= 0) break;
-		num+=i;
-		}
-	str=buf->data;
-
-	/* If any structs to parse go through in sequence */
-
-	if (sk_num(osk))
-		{
-		tmpbuf=(unsigned char *)str;
-		tmplen=num;
-		for (i=0; i<sk_num(osk); i++)
-			{
-			j=atoi(sk_value(osk,i));
-			if (j == 0)
-				{
-				BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i));
-				continue;
-				}
-			tmpbuf+=j;
-			tmplen-=j;
-			if (d2i_ASN1_TYPE(&at,&tmpbuf,tmplen) == NULL)
-				{
-				BIO_printf(bio_err,"Error parsing structure\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			/* hmm... this is a little evil but it works */
-			tmpbuf=at->value.asn1_string->data;
-			tmplen=at->value.asn1_string->length;
-			}
-		str=(char *)tmpbuf;
-		num=tmplen;
-		}
-
-	if (length == 0) length=(unsigned int)num;
-	if (!ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	if (b64 != NULL) BIO_free(b64);
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	if (buf != NULL) BUF_MEM_free(buf);
-	if (at != NULL) ASN1_TYPE_free(at);
-	if (osk != NULL) sk_free(osk);
-	OBJ_cleanup();
-	EXIT(ret);
-	}
-

apps/bss_file.c

@@ -1,324 +0,0 @@
-/* crypto/bio/bss_file.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define APPS_WIN16
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include "bio.h"
-#include "err.h"
-
-#ifndef NOPROTO
-static int MS_CALLBACK file_write(BIO *h,char *buf,int num);
-static int MS_CALLBACK file_read(BIO *h,char *buf,int size);
-static int MS_CALLBACK file_puts(BIO *h,char *str);
-static int MS_CALLBACK file_gets(BIO *h,char *str,int size);
-static long MS_CALLBACK file_ctrl(BIO *h,int cmd,long arg1,char *arg2);
-static int MS_CALLBACK file_new(BIO *h);
-static int MS_CALLBACK file_free(BIO *data);
-#else
-static int MS_CALLBACK file_write();
-static int MS_CALLBACK file_read();
-static int MS_CALLBACK file_puts();
-static int MS_CALLBACK file_gets();
-static long MS_CALLBACK file_ctrl();
-static int MS_CALLBACK file_new();
-static int MS_CALLBACK file_free();
-#endif
-
-static BIO_METHOD methods_filep=
-	{
-	BIO_TYPE_FILE,"FILE pointer",
-	file_write,
-	file_read,
-	file_puts,
-	file_gets,
-	file_ctrl,
-	file_new,
-	file_free,
-	};
-
-BIO *BIO_new_file(filename,mode)
-char *filename;
-char *mode;
-	{
-	BIO *ret;
-	FILE *file;
-
-	if ((file=fopen(filename,mode)) == NULL)
-		{
-		SYSerr(SYS_F_FOPEN,errno);
-		BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
-		return(NULL);
-		}
-	if ((ret=BIO_new_fp(file,BIO_CLOSE)) == NULL)
-		{
-		fclose(file);
-		return(NULL);
-		}
-	return(ret);
-	}
-
-BIO *BIO_new_fp(stream,close_flag)
-FILE *stream;
-int close_flag;
-	{
-	BIO *ret;
-
-	if ((ret=BIO_new(BIO_s_file())) == NULL)
-		return(NULL);
-	BIO_set_fp(ret,stream,close_flag);
-	return(ret);
-	}
-
-#if !defined(WIN16) || defined(APPS_WIN16)
-
-BIO_METHOD *BIO_s_file()
-	{
-	return(&methods_filep);
-	}
-
-#else
-
-BIO_METHOD *BIO_s_file_internal_w16()
-	{
-	return(&methods_filep);
-	}
-
-#endif
-
-static int MS_CALLBACK file_new(bi)
-BIO *bi;
-	{
-	bi->init=0;
-	bi->num=0;
-	bi->ptr=NULL;
-	return(1);
-	}
-
-static int MS_CALLBACK file_free(a)
-BIO *a;
-	{
-	if (a == NULL) return(0);
-	if (a->shutdown)
-		{
-		if ((a->init) && (a->ptr != NULL))
-			{
-			fclose((FILE *)a->ptr);
-			a->ptr=NULL;
-			}
-		a->init=0;
-		}
-	return(1);
-	}
-	
-static int MS_CALLBACK file_read(b,out,outl)
-BIO *b;
-char *out;
-int outl;
-	{
-	int ret=0;
-
-	if (b->init && (out != NULL))
-		{
-		ret=fread(out,1,(int)outl,(FILE *)b->ptr);
-		}
-	return(ret);
-	}
-
-static int MS_CALLBACK file_write(b,in,inl)
-BIO *b;
-char *in;
-int inl;
-	{
-	int ret=0;
-
-	if (b->init && (in != NULL))
-		{
-		if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
-			ret=inl;
-		/* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
-		/* acording to Tim Hudson <tjh@cryptsoft.com>, the commented
-		 * out version above can cause 'inl' write calls under
-		 * some stupid stdio implementations (VMS) */
-		}
-	return(ret);
-	}
-
-static long MS_CALLBACK file_ctrl(b,cmd,num,ptr)
-BIO *b;
-int cmd;
-long num;
-char *ptr;
-	{
-	long ret=1;
-	FILE *fp=(FILE *)b->ptr;
-	FILE **fpp;
-	char p[4];
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ret=(long)fseek(fp,num,0);
-		break;
-	case BIO_CTRL_EOF:
-		ret=(long)feof(fp);
-		break;
-	case BIO_CTRL_INFO:
-		ret=ftell(fp);
-		break;
-	case BIO_C_SET_FILE_PTR:
-		file_free(b);
-		b->shutdown=(int)num;
-		b->ptr=(char *)ptr;
-		b->init=1;
-		break;
-	case BIO_C_SET_FILENAME:
-		file_free(b);
-		b->shutdown=(int)num&BIO_CLOSE;
-		if (num & BIO_FP_APPEND)
-			{
-			if (num & BIO_FP_READ)
-				strcpy(p,"a+");
-			else	strcpy(p,"a");
-			}
-		else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
-			strcpy(p,"r+");
-		else if (num & BIO_FP_WRITE)
-			strcpy(p,"w");
-		else if (num & BIO_FP_READ)
-			strcpy(p,"r");
-		else
-			{
-			BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
-			ret=0;
-			break;
-			}
-#if defined(MSDOS) || defined(WINDOWS)
-		if (!(num & BIO_FP_TEXT))
-			strcat(p,"b");
-		else
-			strcat(p,"t");
-#endif
-		fp=fopen(ptr,p);
-		if (fp == NULL)
-			{
-			SYSerr(SYS_F_FOPEN,errno);
-			BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
-			ret=0;
-			break;
-			}
-		b->ptr=(char *)fp;
-		b->init=1;
-		break;
-	case BIO_C_GET_FILE_PTR:
-		/* the ptr parameter is actually a FILE ** in this case. */
-		if (ptr != NULL)
-			{
-			fpp=(FILE **)ptr;
-			*fpp=(FILE *)b->ptr;
-			}
-		break;
-	case BIO_CTRL_GET_CLOSE:
-		ret=(long)b->shutdown;
-		break;
-	case BIO_CTRL_SET_CLOSE:
-		b->shutdown=(int)num;
-		break;
-	case BIO_CTRL_FLUSH:
-		fflush((FILE *)b->ptr);
-		break;
-	case BIO_CTRL_DUP:
-		ret=1;
-		break;
-
-	case BIO_CTRL_PENDING:
-	case BIO_CTRL_PUSH:
-	case BIO_CTRL_POP:
-	default:
-		ret=0;
-		break;
-		}
-	return(ret);
-	}
-
-static int MS_CALLBACK file_gets(bp,buf,size)
-BIO *bp;
-char *buf;
-int size;
-	{
-	int ret=0;
-
-	buf[0]='\0';
-	fgets(buf,size,(FILE *)bp->ptr);
-	if (buf[0] != '\0')
-		ret=strlen(buf);
-	return(ret);
-	}
-
-static int MS_CALLBACK file_puts(bp,str)
-BIO *bp;
-char *str;
-	{
-	int n,ret;
-
-	n=strlen(str);
-	ret=file_write(bp,str,n);
-	return(ret);
-	}
-

apps/c512-key.pem

@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
-q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
-/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
-HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
-ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
-nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
-ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
------END RSA PRIVATE KEY-----

apps/c512-req.pem

@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
-MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0
-IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i
-2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs6
-2NNtXrT8odkCAwEAATANBgkqhkiG9w0BAQQFAANBAC5JBTeji7RosqMaUIDzIW13
-oO6+kPhx9fXSpMFHIsY3aH92Milkov/2A4SuZTcnv/P6+8klmS0EaiUKcRzak4E=
------END CERTIFICATE REQUEST-----

apps/ca-cert.srl

@@ -1 +0,0 @@
-05

apps/ca-key.pem

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----

apps/ca-req.pem

@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBmTCCAQICAQAwWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
-GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgx
-MDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgy
-bTsZDCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/d
-FXSv1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUe
-cQU2mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAKlk7
-cxu9gCJN3/iQFyJXQ6YphaiQAT5VBXTx9ftRrQIjA3vxlDzPWGDy+V5Tqa7h8PtR
-5Bn00JShII2zf0hjyjKils6x/UkWmjEiwSiFp4hR70iE8XwSNEHY2P6j6nQEIpgW
-kbfgmmUqk7dl2V+ossTJ80B8SBpEhrn81V/cHxA=
------END CERTIFICATE REQUEST-----

apps/cert.pem

@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
-VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
-Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
-YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
-DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
-tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
-sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
-19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
------END CERTIFICATE-----

apps/ciphers.c

@@ -1,191 +0,0 @@
-/* apps/ciphers.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include "err.h"
-#include "ssl.h"
-
-#undef PROG
-#define PROG	ciphers_main
-
-static char *ciphers_usage[]={
-"usage: ciphers args\n",
-" -v          - verbose mode, a textual listing of the ciphers in SSLeay\n",
-" -ssl2       - SSL2 mode\n",
-" -ssl3       - SSL3 mode\n",
-NULL
-};
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	int ret=1,i;
-	int verbose=0;
-	char **pp,*p;
-	int badops=0;
-	SSL_CTX *ctx=NULL;
-	SSL *ssl=NULL;
-	char *ciphers=NULL;
-	SSL_METHOD *meth=NULL;
-	STACK *sk;
-	char buf[512];
-	BIO *STDout=NULL;
-
-#if !defined(NO_SSL2) && !defined(NO_SSL3)
-	meth=SSLv23_server_method();
-#elif !defined(NO_SSL3)
-	meth=SSLv3_server_method();
-#elif !defined(NO_SSL2)
-	meth=SSLv2_server_method();
-#endif
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-	STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-v") == 0)
-			verbose=1;
-#ifndef NO_SSL2
-		else if (strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
-#endif
-#ifndef NO_SSL3
-		else if (strcmp(*argv,"-ssl3") == 0)
-			meth=SSLv3_client_method();
-#endif
-		else if ((strncmp(*argv,"-h",2) == 0) ||
-			 (strcmp(*argv,"-?") == 0))
-			{
-			badops=1;
-			break;
-			}
-		else
-			{
-			ciphers= *argv;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-		for (pp=ciphers_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,*pp);
-		goto end;
-		}
-
-	SSLeay_add_ssl_algorithms();
-
-	ctx=SSL_CTX_new(meth);
-	if (ctx == NULL) goto err;
-	if (ciphers != NULL)
-		SSL_CTX_set_cipher_list(ctx,ciphers);
-	ssl=SSL_new(ctx);
-	if (ssl == NULL) goto err;
-
-
-	if (!verbose)
-		{
-		for (i=0; ; i++)
-			{
-			p=SSL_get_cipher_list(ssl,i);
-			if (p == NULL) break;
-			if (i != 0) BIO_printf(STDout,":");
-			BIO_printf(STDout,"%s",p);
-			}
-		BIO_printf(STDout,"\n");
-		}
-	else
-		{
-		sk=SSL_get_ciphers(ssl);
-
-		for (i=0; i<sk_num(sk); i++)
-			{
-			BIO_puts(STDout,SSL_CIPHER_description(
-				(SSL_CIPHER *)sk_value(sk,i),
-				buf,512));
-			}
-		}
-
-	ret=0;
-	if (0)
-		{
-err:
-		SSL_load_error_strings();
-		ERR_print_errors(bio_err);
-		}
-end:
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (ssl != NULL) SSL_free(ssl);
-	if (STDout != NULL) BIO_free(STDout);
-	EXIT(ret);
-	}
-

apps/client.pem

@@ -1,24 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512 bit)
------BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQIwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU2WhcNOTgwNjA5
-MTM1NzU2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0IGNl
-cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i2Plw
-Z1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs62NNt
-XrT8odkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwtMmI7oGUG8nKmftQssATViH5
-NRRtoEw07DxJp/LfatHdrhqQB73eGdL5WILZJXk46Xz2e9WMSUjVCSYhdKxtflU3
-UR2Ajv1Oo0sTNdfz0wDqJNirLNtzyhhsaq8qMTrLwXrCP31VxBiigFSQSUFnZyTE
-9TKwhS4GlwbtCfxSKQ==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
-q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
-/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
-HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
-ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
-nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
-ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
------END RSA PRIVATE KEY-----

apps/crl.c

@@ -1,307 +0,0 @@
-/* apps/crl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include "bio.h"
-#include "err.h"
-#include "x509.h"
-#include "x509v3.h"
-#include "pem.h"
-
-#undef PROG
-#define PROG	crl_main
-
-#undef POSTFIX
-#define	POSTFIX	".rvk"
-
-static char *crl_usage[]={
-"usage: crl args\n",
-"\n",
-" -inform arg     - input format - default PEM (one of DER, TXT or PEM)\n",
-" -outform arg    - output format - default PEM\n",
-" -text           - print out a text format version\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -hash           - print hash value\n",
-" -issuer         - print issuer DN\n",
-" -lastupdate     - lastUpdate field\n",
-" -nextupdate     - nextUpdate field\n",
-" -noout          - no CRL output\n",
-NULL
-};
-
-#ifndef NOPROTO
-static X509_CRL *load_crl(char *file, int format);
-#else
-static X509_CRL *load_crl();
-#endif
-
-static BIO *bio_out=NULL;
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	X509_CRL *x=NULL;
-	int ret=1,i,num,badops=0;
-	BIO *out=NULL;
-	int informat,outformat;
-	char *infile=NULL,*outfile=NULL;
-	int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
-	char **pp,buf[256];
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (bio_out == NULL)
-		if ((bio_out=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	argc--;
-	argv++;
-	num=0;
-	while (argc >= 1)
-		{
-#ifdef undef
-		if	(strcmp(*argv,"-p") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/
-			}
-#endif
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-text") == 0)
-			text = 1;
-		else if (strcmp(*argv,"-hash") == 0)
-			hash= ++num;
-		else if (strcmp(*argv,"-issuer") == 0)
-			issuer= ++num;
-		else if (strcmp(*argv,"-lastupdate") == 0)
-			lastupdate= ++num;
-		else if (strcmp(*argv,"-nextupdate") == 0)
-			nextupdate= ++num;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		for (pp=crl_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,*pp);
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	X509V3_add_standard_extensions();
-	x=load_crl(infile,informat);
-	if (x == NULL) { goto end; }
-
-	if (num)
-		{
-		for (i=1; i<=num; i++)
-			{
-			if (issuer == i)
-				{
-				X509_NAME_oneline(x->crl->issuer,buf,256);
-				BIO_printf(bio_out,"issuer= %s\n",buf);
-				}
-
-			if (hash == i)
-				{
-				BIO_printf(bio_out,"%08lx\n",
-					X509_NAME_hash(x->crl->issuer));
-				}
-			if (lastupdate == i)
-				{
-				BIO_printf(bio_out,"lastUpdate=");
-				ASN1_TIME_print(bio_out,x->crl->lastUpdate);
-				BIO_printf(bio_out,"\n");
-				}
-			if (nextupdate == i)
-				{
-				BIO_printf(bio_out,"nextUpdate=");
-				if (x->crl->nextUpdate != NULL)
-					ASN1_TIME_print(bio_out,x->crl->nextUpdate);
-				else
-					BIO_printf(bio_out,"NONE");
-				BIO_printf(bio_out,"\n");
-				}
-			}
-		}
-
-	if (noout) goto end;
-
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (text) X509_CRL_print(out, x);
-	if 	(outformat == FORMAT_ASN1)
-		i=(int)i2d_X509_CRL_bio(out,x);
-	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_X509_CRL(out,x);
-	else	
-		{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
-	ret=0;
-end:
-	BIO_free(out);
-	BIO_free(bio_out);
-	X509_CRL_free(x);
-	X509V3_EXT_cleanup();
-	EXIT(ret);
-	}
-
-static X509_CRL *load_crl(infile, format)
-char *infile;
-int format;
-	{
-	X509_CRL *x=NULL;
-	BIO *in=NULL;
-
-	in=BIO_new(BIO_s_file());
-	if (in == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if 	(format == FORMAT_ASN1)
-		x=d2i_X509_CRL_bio(in,NULL);
-	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_X509_CRL(in,NULL,NULL);
-	else	{
-		BIO_printf(bio_err,"bad input format specified for input crl\n");
-		goto end;
-		}
-	if (x == NULL)
-		{
-		BIO_printf(bio_err,"unable to load CRL\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	
-end:
-	BIO_free(in);
-	return(x);
-	}
-

apps/crl.out

@@ -1,8 +0,0 @@
------BEGIN X509 CRL-----
-MIIBDjCBuTANBgkqhkiG9w0BAQQFADBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMD
-UUxEMRkwFwYDVQQKExBNaW5jb20gUHR5LiBMdGQuMQswCQYDVQQLEwJDUzEbMBkG
-A1UEAxMSU1NMZWF5IGRlbW8gc2VydmVyFw05NzA3MDkwMDAwMjJaFw05NzA4MDgw
-MDAwMjJaMCgwEgIBARcNOTUxMDA5MjMzMjA1WjASAgEDFw05NTEyMDEwMTAwMDBa
-MA0GCSqGSIb3DQEBBAUAA0EAcEBIWVZPXxSlLMPPLfBi4s0N3lzTgskZkgO6pjZi
-oQRwh5vi5zFqDNQteGx7RTHpUYntgyoAZ87FZE0GOJgBaQ==
------END X509 CRL-----

apps/crl2p7.c

@@ -1,342 +0,0 @@
-/* apps/crl2p7.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu>
- * and donated 'to the cause' along with lots and lots of other fixes to
- * the library. */
-
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include "err.h"
-#include "evp.h"
-#include "x509.h"
-#include "pkcs7.h"
-#include "pem.h"
-#include "objects.h"
-
-#ifndef NOPROTO
-static int add_certs_from_file(STACK *stack, char *certfile);
-#else
-static int add_certs_from_file();
-#endif
-
-#undef PROG
-#define PROG	crl2pkcs7_main
-
-/* -inform arg	- input format - default PEM (one of DER, TXT or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- */
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	int i,badops=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat;
-	char *infile,*outfile,*prog,*certfile;
-	PKCS7 *p7 = NULL;
-	PKCS7_SIGNED *p7s = NULL;
-	X509_CRL *crl=NULL;
-	STACK *certflst=NULL;
-	STACK *crl_stack=NULL;
-	STACK *cert_stack=NULL;
-	int ret=1,nocrl=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-nocrl") == 0)
-			{
-			nocrl=1;
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-certfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if(!certflst) certflst = sk_new(NULL);
-			sk_push(certflst,*(++argv));
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg    input format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -outform arg   output format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg        input file\n");
-		BIO_printf(bio_err," -out arg       output file\n");
-		BIO_printf(bio_err," -certfile arg  certificates file of chain to a trusted CA\n");
-		BIO_printf(bio_err,"                (can be used more than once)\n");
-		BIO_printf(bio_err," -nocrl         no crl to load, just certs from '-certfile'\n");
-		EXIT(1);
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (!nocrl)
-		{
-		if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
-				perror(infile);
-				goto end;
-				}
-			}
-
-		if 	(informat == FORMAT_ASN1)
-			crl=d2i_X509_CRL_bio(in,NULL);
-		else if (informat == FORMAT_PEM)
-			crl=PEM_read_bio_X509_CRL(in,NULL,NULL);
-		else	{
-			BIO_printf(bio_err,"bad input format specified for input crl\n");
-			goto end;
-			}
-		if (crl == NULL)
-			{
-			BIO_printf(bio_err,"unable to load CRL\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	
-	if ((p7=PKCS7_new()) == NULL) goto end;
-	if ((p7s=PKCS7_SIGNED_new()) == NULL) goto end;
-	p7->type=OBJ_nid2obj(NID_pkcs7_signed);
-	p7->d.sign=p7s;
-	p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);
-
-	if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
-	if ((crl_stack=sk_new(NULL)) == NULL) goto end;
-	p7s->crl=crl_stack;
-	if (crl != NULL)
-		{
-		sk_push(crl_stack,(char *)crl);
-		crl=NULL; /* now part of p7 for Freeing */
-		}
-
-	if ((cert_stack=sk_new(NULL)) == NULL) goto end;
-	p7s->cert=cert_stack;
-
-	if(certflst) for(i = 0; i < sk_num(certflst); i++) {
-		certfile = sk_value(certflst, i);
-		if (add_certs_from_file(cert_stack,certfile) < 0)
-			{
-			BIO_printf(bio_err, "error loading certificates\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-	}
-
-	sk_free(certflst);
-
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if 	(outformat == FORMAT_ASN1)
-		i=i2d_PKCS7_bio(out,p7);
-	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_PKCS7(out,p7);
-	else	{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write pkcs7 object\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	if (p7 != NULL) PKCS7_free(p7);
-	if (crl != NULL) X509_CRL_free(crl);
-
-	EXIT(ret);
-	}
-
-/*
- *----------------------------------------------------------------------
- * int add_certs_from_file
- *
- *	Read a list of certificates to be checked from a file.
- *
- * Results:
- *	number of certs added if successful, -1 if not.
- *----------------------------------------------------------------------
- */
-static int add_certs_from_file(stack,certfile)
-STACK *stack;
-char *certfile;
-	{
-	struct stat st;
-	BIO *in=NULL;
-	int count=0;
-	int ret= -1;
-	STACK *sk=NULL;
-	X509_INFO *xi;
-
-	if ((stat(certfile,&st) != 0))
-		{
-		BIO_printf(bio_err,"unable to load the file, %s\n",certfile);
-		goto end;
-		}
-
-	in=BIO_new(BIO_s_file());
-	if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
-		{
-		BIO_printf(bio_err,"error opening the file, %s\n",certfile);
-		goto end;
-		}
-
-	/* This loads from a file, a stack of x509/crl/pkey sets */
-	sk=PEM_X509_INFO_read_bio(in,NULL,NULL);
-	if (sk == NULL) {
-		BIO_printf(bio_err,"error reading the file, %s\n",certfile);
-		goto end;
-	}
-
-	/* scan over it and pull out the CRL's */
-	while (sk_num(sk))
-		{
-		xi=(X509_INFO *)sk_shift(sk);
-		if (xi->x509 != NULL)
-			{
-			sk_push(stack,(char *)xi->x509);
-			xi->x509=NULL;
-			count++;
-			}
-		X509_INFO_free(xi);
-		}
-
-	ret=count;
-end:
- 	/* never need to Free x */
-	if (in != NULL) BIO_free(in);
-	if (sk != NULL) sk_free(sk);
-	return(ret);
-	}
-

apps/demoCA/cacert.pem

@@ -1,14 +0,0 @@
-subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
------BEGIN X509 CERTIFICATE-----
-
-MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
-MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
-BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
-LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
-/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
-DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
-IMs6ZOZB
------END X509 CERTIFICATE-----

apps/demoCA/index.txt

@@ -1,39 +0,0 @@
-R	980705233205Z	951009233205Z	01	certs/00000001	/CN=Eric Young
-E	951009233205Z		02	certs/00000002	/CN=Duncan Young
-R	980705233205Z	951201010000Z	03	certs/00000003	/CN=Tim Hudson
-V	980705233205Z		04	certs/00000004	/CN=Eric Young4
-V	980705233205Z		05	certs/00000004	/CN=Eric Young5
-V	980705233205Z		06	certs/00000004	/CN=Eric Young6
-V	980705233205Z		07	certs/00000004	/CN=Eric Young7
-V	980705233205Z		08	certs/00000004	/CN=Eric Young8
-V	980705233205Z		09	certs/00000004	/CN=Eric Young9
-V	980705233205Z		0A	certs/00000004	/CN=Eric YoungA
-V	980705233205Z		0B	certs/00000004	/CN=Eric YoungB
-V	980705233205Z		0C	certs/00000004	/CN=Eric YoungC
-V	980705233205Z		0D	certs/00000004	/CN=Eric YoungD
-V	980705233205Z		0E	certs/00000004	/CN=Eric YoungE
-V	980705233205Z		0F	certs/00000004	/CN=Eric YoungF
-V	980705233205Z		10	certs/00000004	/CN=Eric Young10
-V	980705233205Z		11	certs/00000004	/CN=Eric Young11
-V	980705233205Z		12	certs/00000004	/CN=Eric Young12
-V	980705233205Z		13	certs/00000004	/CN=Eric Young13
-V	980705233205Z		14	certs/00000004	/CN=Eric Young14
-V	980705233205Z		15	certs/00000004	/CN=Eric Young15
-V	980705233205Z		16	certs/00000004	/CN=Eric Young16
-V	980705233205Z		17	certs/00000004	/CN=Eric Young17
-V	961206150305Z		010C	unknown	/C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
-V	961206153245Z		010D	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
-V	970322074816Z		010E	unknown	/CN=Eric Young/Email=eay@mincom.oz.au
-V	970322075152Z		010F	unknown	/CN=Eric Young
-V	970322075906Z		0110	unknown	/CN=Eric Youngg
-V	970324092238Z		0111	unknown	/C=AU/SP=Queensland/CN=Eric Young
-V	970324221931Z		0112	unknown	/CN=Fred
-V	970324224934Z		0113	unknown	/C=AU/CN=eay
-V	971001005237Z		0114	unknown	/C=AU/SP=QLD/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
-V	971001010331Z		0115	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test again - x509v3
-V	971001013945Z		0117	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
-V	971014225415Z		0118	unknown	/C=AU/SP=Queensland/CN=test
-V	971015004448Z		0119	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test2
-V	971016035001Z		011A	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test64
-V	971016080129Z		011B	unknown	/C=FR/O=ALCATEL/OU=Alcatel Mobile Phones/CN=bourque/Email=bourque@art.alcatel.fr
-V	971016224000Z		011D	unknown	/L=Bedford/O=Cranfield University/OU=Computer Centre/CN=Peter R Lister/Email=P.Lister@cranfield.ac.uk

apps/demoCA/private/cakey.pem

@@ -1,24 +0,0 @@
-issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
------BEGIN X509 CERTIFICATE-----
-
-MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
-BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
-MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
-RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
-BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
-LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
-/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
-DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
-IMs6ZOZB
------END X509 CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-
-MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
-Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
-hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
-sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
-tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
-agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
-g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
------END RSA PRIVATE KEY-----

apps/demoCA/serial

@@ -1 +0,0 @@
-011E

apps/der_chop

@@ -1,305 +0,0 @@
-#!/usr/local/bin/perl
-#
-# der_chop ... this is one total hack that Eric is really not proud of
-#              so don't look at it and don't ask for support
-#
-# The "documentation" for this (i.e. all the comments) are my fault --tjh
-#
-# This program takes the "raw" output of derparse/asn1parse and 
-# converts it into tokens and then runs regular expression matches
-# to try to figure out what to grab to get the things that are needed
-# and it is possible that this will do the wrong thing as it is a *hack*
-#
-# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET)
-# [I know ... promises promises :-)]
-#
-# To convert a Netscape Certificate:
-#    der_chop < ServerCert.der > cert.pem
-# To convert a Netscape Key (and encrypt it again to protect it)
-#    rsa -inform NET -in ServerKey.der -des > key.pem
-#
-# 23-Apr-96 eay    Added the extra ASN.1 string types, I still think this
-#		   is an evil hack.  If nothing else the parsing should
-#		   be relative, not absolute.
-# 19-Apr-96 tjh    hacked (with eay) into 0.5.x format
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-
-require 'getopts.pl';
-
-$debug=0;
-
-# this was the 0.4.x way of doing things ...
-$cmd="derparse";
-$x509_cmd="x509";
-$crl_cmd="crl";
-$rc4_cmd="rc4";
-$md2_cmd="md2";
-$md4_cmd="md4";
-$rsa_cmd="rsa -des -inform der ";
-
-# this was the 0.5.x way of doing things ...
-$cmd="openssl asn1parse";
-$x509_cmd="openssl x509";
-$crl_cmd="openssl crl";
-$rc4_cmd="openssl rc4";
-$md2_cmd="openssl md2";
-$md4_cmd="openssl md4";
-$rsa_cmd="openssl rsa -des -inform der ";
-
-&Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
-$depth=($opt_d =~ /^\d+$/)?$opt_d:0;
-
-&init_der();
-
-if ($#ARGV != -1)
-	{
-	foreach $file (@ARGV)
-		{
-		print STDERR "doing $file\n";
-		&dofile($file);
-		}
-	}
-else
-	{
-	$file="/tmp/a$$.DER";
-	open(OUT,">$file") || die "unable to open $file:$!\n";
-	for (;;)
-		{
-		$i=sysread(STDIN,$b,1024*10);
-		last if ($i <= 0);
-		$i=syswrite(OUT,$b,$i);
-		}
-	&dofile($file);
-	unlink($file);
-	}
-	
-sub dofile
-	{
-	local($file)=@_;
-	local(@p);
-
-	$b=&load_file($file);
-	@p=&load_file_parse($file);
-
-	foreach $_ (@p)
-		{
-		($off,$d,$hl,$len)=&parse_line($_);
-		$d-=$depth;
-		next if ($d != 0);
-		next if ($len == 0);
-
-		$o=substr($b,$off,$len+$hl);
-		($str,@data)=&der_str($o);
-		print "$str\n" if ($opt_v);
-		if ($str =~ /^$crl/)
-			{
-			open(OUT,"|$crl_cmd -inform d -hash -issuer") ||
-				die "unable to run $crl_cmd:$!\n";
-			print OUT $o;
-			close(OUT);
-			}
-		elsif ($str =~ /^$x509/)
-			{
-			open(OUT,"|$x509_cmd -inform d -hash -subject -issuer")
-				|| die "unable to run $x509_cmd:$!\n";
-			print OUT $o;
-			close(OUT);
-			}
-		elsif ($str =~ /^$rsa/)
-			{
-			($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
-			next unless ($type eq "rsaEncryption");
-			($off,$d,$hl,$len)=&parse_line($data[5]);
-			$os=substr($o,$off+$hl,$len);
-			open(OUT,"|$rsa_cmd")
-				|| die "unable to run $rsa_cmd:$!\n";
-			print OUT $os;
-			close(OUT);
-			}
-		elsif ($str =~ /^0G-1D-1G/)
-			{
-			($off,$d,$hl,$len)=&parse_line($data[1]);
-			$os=substr($o,$off+$hl,$len);
-			print STDERR "<$os>\n" if $opt_v;
-			&do_certificate($o,@data)
-				if (($os eq "certificate") &&
-				    ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
-			&do_private_key($o,@data)
-				if (($os eq "private-key") &&
-				    ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
-			}
-		}
-	}
-
-sub der_str
-	{
-	local($str)=@_;
-	local(*OUT,*IN,@a,$t,$d,$ret);
-	local($file)="/tmp/b$$.DER";
-	local(@ret);
-
-	open(OUT,">$file");
-	print OUT $str;
-	close(OUT);
-	open(IN,"$cmd -inform 'd' -in $file |") ||
-		die "unable to run $cmd:$!\n";
-	$ret="";
-	while (<IN>)
-		{
-		chop;
-		push(@ret,$_);
-
-		print STDERR "$_\n" if ($debug);
-
-		@a=split(/\s*:\s*/);
-		($d)=($a[1] =~ /d=\s*(\d+)/);
-		$a[2] =~ s/\s+$//;
-		$t=$DER_s2i{$a[2]};
-		$ret.="$d$t-";
-		}
-	close(IN);
-	unlink($file);
-	chop $ret;
-	$ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g;
-	$ret =~ s/(-3G-4B-4L)+/-RCERT/g;
-	return($ret,@ret);
-	}
-
-sub init_der
-	{
-	$crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C";
-	$x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C";
-	$rsa= "0G-1B-1G-2F-2E-1D";
-
-	%DER_i2s=(
-		# SSLeay 0.4.x has this list
-		"A","EOC",
-		"B","INTEGER",
-		"C","BIT STRING",
-		"D","OCTET STRING",
-		"E","NULL",
-		"F","OBJECT",
-		"G","SEQUENCE",
-		"H","SET",
-		"I","PRINTABLESTRING",
-		"J","T61STRING",
-		"K","IA5STRING",
-		"L","UTCTIME",
-		"M","NUMERICSTRING",
-		"N","VIDEOTEXSTRING",
-		"O","GENERALIZEDTIME",
-		"P","GRAPHICSTRING",
-		"Q","ISO64STRING",
-		"R","GENERALSTRING",
-		"S","UNIVERSALSTRING",
-
-		# SSLeay 0.5.x changed some things ... and I'm
-		# leaving in the old stuff but adding in these
-		# to handle the new as well --tjh
-		# - Well I've just taken them out and added the extra new
-		# ones :-) - eay
-		);
-
-	foreach (keys %DER_i2s)
-		{ $DER_s2i{$DER_i2s{$_}}=$_; }
-	}
-
-sub parse_line
-	{
-	local($_)=@_;
-
-	return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/);
-	}
-
-#  0:d=0 hl=4 l=377 cons: univ: SEQUENCE          
-#  4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING      
-# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE          
-# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE          
-# 23:d=3 hl=2 l=  8 prim: univ: OBJECT_IDENTIFIER :rc4
-# 33:d=3 hl=2 l=  0 prim: univ: NULL              
-# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING
-sub do_private_key
-	{
-	local($data,@struct)=@_;
-	local($file)="/tmp/b$$.DER";
-	local($off,$d,$hl,$len,$_,$b,@p,$s);
-
-	($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
-	if ($type eq "rc4")
-		{
-		($off,$d,$hl,$len)=&parse_line($struct[6]);
-		open(OUT,"|$rc4_cmd >$file") ||
-			die "unable to run $rc4_cmd:$!\n";
-		print OUT substr($data,$off+$hl,$len);
-		close(OUT);
-
-		$b=&load_file($file);
-		unlink($file);
-
-		($s,@p)=&der_str($b);
-		die "unknown rsa key type\n$s\n"
-			if ($s ne '0G-1B-1G-2F-2E-1D');
-		local($off,$d,$hl,$len)=&parse_line($p[5]);
-		$b=substr($b,$off+$hl,$len);
-		($s,@p)=&der_str($b);
-		open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n";
-		print OUT $b;
-		close(OUT);
-		}
-	else
-		{
-		print "'$type' is unknown\n";
-		exit(1);
-		}
-	}
-
-sub do_certificate
-	{
-	local($data,@struct)=@_;
-	local($file)="/tmp/b$$.DER";
-	local($off,$d,$hl,$len,$_,$b,@p,$s);
-
-	($off,$d,$hl,$len)=&parse_line($struct[2]);
-	$b=substr($data,$off,$len+$hl);
-
-	open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n";
-	print OUT $b;
-	close(OUT);
-	}
-
-sub load_file
-	{
-	local($file)=@_;
-	local(*IN,$r,$b,$i);
-
-	$r="";
-	open(IN,"<$file") || die "unable to open $file:$!\n";
-	for (;;)
-		{
-		$i=sysread(IN,$b,10240);
-		last if ($i <= 0);
-		$r.=$b;
-		}
-	close(IN);
-	return($r);
-	}
-
-sub load_file_parse
-	{
-	local($file)=@_;
-	local(*IN,$r,@ret,$_,$i,$n,$b);
-
-	open(IN,"$cmd -inform d -in $file|")
-		|| die "unable to run der_parse\n";
-	while (<IN>)
-		{
-		chop;
-		push(@ret,$_);
-		}
-	return($r,@ret);
-	}
-

apps/dgst.c

@@ -1,229 +0,0 @@
-/* apps/dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "apps.h"
-#include "bio.h"
-#include "err.h"
-#include "evp.h"
-#include "objects.h"
-#include "x509.h"
-#include "pem.h"
-
-#undef BUFSIZE
-#define BUFSIZE	1024*8
-
-#undef PROG
-#define PROG	dgst_main
-
-#ifndef NOPROTO
-void do_fp(unsigned char *buf,BIO *f,int sep);
-#else
-void do_fp();
-#endif
-
-int MAIN(argc,argv)
-int argc;
-char **argv;
-	{
-	unsigned char *buf=NULL;
-	int i,err=0;
-	EVP_MD *md=NULL,*m;
-	BIO *in=NULL,*inp;
-	BIO *bmd=NULL;
-	char *name;
-#define PROG_NAME_SIZE  16
-        char pname[PROG_NAME_SIZE];
-	int separator=0;
-	int debug=0;
-
-	apps_startup();
-
-	if ((buf=(unsigned char *)Malloc(BUFSIZE)) == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto end;
-		}
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	/* first check the program name */
-        program_name(argv[0],pname,PROG_NAME_SIZE);
-
-	md=EVP_get_digestbyname(pname);
-
-	argc--;
-	argv++;
-	for (i=0; i<argc; i++)
-		{
-		if ((*argv)[0] != '-') break;
-		if (strcmp(*argv,"-c") == 0)
-			separator=1;
-		else if (strcmp(*argv,"-d") == 0)
-			debug=1;
-		else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
-			md=m;
-		else
-			break;
-		argc--;
-		argv++;
-		}
-
-	if (md == NULL)
-		md=EVP_md5();
-
-	if ((argc > 0) && (argv[0][0] == '-')) /* bad option */
-		{
-		BIO_printf(bio_err,"unknown option '%s'\n",*argv);
-		BIO_printf(bio_err,"options are\n");
-		BIO_printf(bio_err,"-c   to output the digest with separating colons\n");
-		BIO_printf(bio_err,"-d   to output debug info\n");
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
-			LN_md5,LN_md5);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_md2,LN_md2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_sha1,LN_sha1);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_sha,LN_sha);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_mdc2,LN_mdc2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_ripemd160,LN_ripemd160);
-		err=1;
-		goto end;
-		}
-	
-	in=BIO_new(BIO_s_file());
-	bmd=BIO_new(BIO_f_md());
-	if (debug)
-		{
-		BIO_set_callback(in,BIO_debug_callback);
-		/* needed for windows 3.1 */
-		BIO_set_callback_arg(in,bio_err);
-		}
-
-	if ((in == NULL) || (bmd == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	/* we use md as a filter, reading from 'in' */
-	BIO_set_md(bmd,md);
-	inp=BIO_push(bmd,in);
-
-	if (argc == 0)
-		{
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		do_fp(buf,inp,separator);
-		}
-	else
-		{
-		name=OBJ_nid2sn(md->type);
-		for (i=0; i<argc; i++)
-			{
-			if (BIO_read_filename(in,argv[i]) <= 0)
-				{
-				perror(argv[i]);
-				err++;
-				continue;
-				}
-			printf("%s(%s)= ",name,argv[i]);
-			do_fp(buf,inp,separator);
-			BIO_reset(bmd);
-			}
-		}
-end:
-	if (buf != NULL)
-		{
-		memset(buf,0,BUFSIZE);
-		Free(buf);
-		}
-	if (in != NULL) BIO_free(in);
-	if (bmd != NULL) BIO_free(bmd);
-	EXIT(err);
-	}
-
-void do_fp(buf,bp,sep)
-unsigned char *buf;
-BIO *bp;
-int sep;
-	{
-	int len;
-	int i;
-
-	for (;;)
-		{
-		i=BIO_read(bp,(char *)buf,BUFSIZE);
-		if (i <= 0) break;
-		}
-	len=BIO_gets(bp,(char *)buf,BUFSIZE);
-
-	for (i=0; i<len; i++)
-		{
-		if (sep && (i != 0))
-			putc(':',stdout);
-		printf("%02x",buf[i]);
-		}
-	printf("\n");
-	}
-

apps/dh.c

@@ -1,312 +0,0 @@
-/* apps/dh.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include "apps.h"
-#include "bio.h"
-#include "err.h"
-#include "bn.h"
-#include "dh.h"
-#include "x509.h"
-#include "pem.h"
-
-#undef PROG
-#define PROG	dh_main
-
-/* -inform arg	- input format - default PEM (one of DER, TXT or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -check	- check the parameters are ok
- * -noout
- * -text
- * -C
- */
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	DH *dh=NULL;
-	int i,badops=0,text=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,check=0,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -check        check the DH parameters\n");
-		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -noout        no output\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if	(informat == FORMAT_ASN1)
-		dh=d2i_DHparams_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		dh=PEM_read_bio_DHparams(in,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified\n");
-		goto end;
-		}
-	if (dh == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DH parameters\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	
-
-	if (text)
-		{
-		DHparams_print(out,dh);
-#ifdef undef
-		printf("p=");
-		BN_print(stdout,dh->p);
-		printf("\ng=");
-		BN_print(stdout,dh->g);
-		printf("\n");
-		if (dh->length != 0)
-			printf("recomented private length=%ld\n",dh->length);
-#endif
-		}
-	
-	if (check)
-		{
-		if (!DH_check(dh,&i))
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		if (i & DH_CHECK_P_NOT_PRIME)
-			printf("p value is not prime\n");
-		if (i & DH_CHECK_P_NOT_STRONG_PRIME)
-			printf("p value is not a strong prime\n");
-		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
-			printf("unable to check the generator value\n");
-		if (i & DH_NOT_SUITABLE_GENERATOR)
-			printf("the g value is not a generator\n");
-		if (i == 0)
-			printf("DH parameters appear to be ok.\n");
-		}
-	if (C)
-		{
-		unsigned char *data;
-		int len,l,bits;
-
-		len=BN_num_bytes(dh->p);
-		bits=BN_num_bits(dh->p);
-		data=(unsigned char *)Malloc(len);
-		if (data == NULL)
-			{
-			perror("Malloc");
-			goto end;
-			}
-		l=BN_bn2bin(dh->p,data);
-		printf("static unsigned char dh%d_p[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n");
-
-		l=BN_bn2bin(dh->g,data);
-		printf("static unsigned char dh%d_g[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n\n");
-
-		printf("DH *get_dh%d()\n\t{\n",bits);
-		printf("\tDH *dh;\n\n");
-		printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
-		printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
-			bits,bits);
-		printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
-			bits,bits);
-		printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
-		printf("\t\treturn(NULL);\n");
-		printf("\treturn(dh);\n\t}\n");
-		}
-
-
-	if (!noout)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DHparams_bio(out,dh);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DHparams(out,dh);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DH paramaters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	if (dh != NULL) DH_free(dh);
-	EXIT(ret);
-	}

apps/dh1024.pem

@@ -1,5 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
-/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
-/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
------END DH PARAMETERS-----

apps/dsa-ca.pem

@@ -1,40 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
-PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
-u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
-Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
-hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
-SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
-Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4
-94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T
-tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77
-J6zsFbSEHaQGUmfSeoM=
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
-ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
-sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
-rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
-cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
-bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
-CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
-F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
-vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
-AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
-3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
-AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
-AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
-ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
-MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
-MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
-C1Q=
------END CERTIFICATE-----
-

apps/dsa-pca.pem

@@ -1,46 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
-PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
-u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
-Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
-hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
-SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
-Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz
-6TicfImU7UFRn9h00j0lJQ==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
-MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
-lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
-Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
-5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
-aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
-kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
-QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
-6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
-yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
-z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
-nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
-ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
-R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
-JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
-BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
-mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
-VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
-uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
-AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
-5rKUjNBhSg==
------END CERTIFICATE-----
-

apps/dsa.c

@@ -1,257 +0,0 @@
-/* apps/dsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include "bio.h"
-#include "err.h"
-#include "dsa.h"
-#include "evp.h"
-#include "x509.h"
-#include "pem.h"
-
-#undef PROG
-#define PROG	dsa_main
-
-/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -des		- encrypt output if PEM format with DES in cbc mode
- * -des3	- encrypt output if PEM format
- * -idea	- encrypt output if PEM format
- * -text	- print a text version
- * -modulus	- print the DSA public key
- */
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	int ret=1;
-	DSA *dsa=NULL;
-	int i,badops=0;
-	EVP_CIPHER *enc=NULL;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,text=0,noout=0;
-	char *infile,*outfile,*prog;
-	int modulus=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -des          encrypt PEM output with cbc des\n");
-		BIO_printf(bio_err," -des3         encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef NO_IDEA
-		BIO_printf(bio_err," -idea         encrypt PEM output with cbc idea\n");
-#endif
-		BIO_printf(bio_err," -text         print the key in text\n");
-		BIO_printf(bio_err," -noout        don't print key out\n");
-		BIO_printf(bio_err," -modulus      print the DSA public value\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	BIO_printf(bio_err,"read DSA private key\n");
-	if	(informat == FORMAT_ASN1)
-		dsa=d2i_DSAPrivateKey_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified for key\n");
-		goto end;
-		}
-	if (dsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load Private Key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (text) 
-		if (!DSA_print(out,dsa,0))
-			{
-			perror(outfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-	if (modulus)
-		{
-		fprintf(stdout,"Public Key=");
-		BN_print(out,dsa->pub_key);
-		fprintf(stdout,"\n");
-		}
-
-	if (noout) goto end;
-	BIO_printf(bio_err,"writing DSA private key\n");
-	if 	(outformat == FORMAT_ASN1)
-		i=i2d_DSAPrivateKey_bio(out,dsa);
-	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL);
-	else	{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write private key\n");
-		ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	if (dsa != NULL) DSA_free(dsa);
-	EXIT(ret);
-	}
-

apps/dsa1024.pem

@@ -1,9 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQPnUx
-mUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtelu+Us
-OSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcHMe36
-bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLsohkj8
-3pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbuSXQH
-zlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7YMu0O
-Arg=
------END DSA PARAMETERS-----

apps/dsa512.pem

@@ -1,6 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIGdAkEAnRtpjibb8isRcBmG9hnI+BnyGFOURgbQYlAzSwI8UjADizv5X9EkBk97
-TLqqQJv9luQ3M7stWtdaEUBmonZ9MQIVAPtT71C0QJIxVoZTeuiLIppJ+3GPAkEA
-gz6I5cWJc847bAFJv7PHnwrqRJHlMKrZvltftxDXibeOdPvPKR7rqCxUUbgQ3qDO
-L8wka5B33qJoplISogOdIA==
------END DSA PARAMETERS-----

apps/dsap.pem

@@ -1,6 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
-GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
-t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
-ADiRffvSdhrNw5dkqdql
------END DSA PARAMETERS-----

apps/dsaparam.c

@@ -1,361 +0,0 @@
-/* apps/dsaparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include "apps.h"
-#include "bio.h"
-#include "err.h"
-#include "bn.h"
-#include "rand.h"
-#include "dsa.h"
-#include "x509.h"
-#include "pem.h"
-
-#undef PROG
-#define PROG	dsaparam_main
-
-/* -inform arg	- input format - default PEM (one of DER, TXT or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -noout
- * -text
- * -C
- * -noout
- * -genkey
- */
-
-#ifndef NOPROTO
-static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
-#else
-static void MS_CALLBACK dsa_cb();
-#endif
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	DSA *dsa=NULL;
-	int i,badops=0,text=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog,*inrand=NULL;
-	int numbits= -1,num,genkey=0;
-	char buffer[200],*randfile=NULL;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-genkey") == 0)
-			genkey=1;
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (sscanf(*argv,"%d",&num) == 1)
-			{
-			/* generate a key */
-			numbits=num;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -text         check the DSA parameters\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -noout        no output\n");
-		BIO_printf(bio_err," -rand         files to use for random number input\n");
-		BIO_printf(bio_err," number        number of bits to use for generating private key\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (numbits > 0)
-		{
-		randfile=RAND_file_name(buffer,200);
-		RAND_load_file(randfile,1024L*1024L);
-
-		BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
-	        BIO_printf(bio_err,"This could take some time\n");
-	        dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,
-			dsa_cb,(char *)bio_err);
-		}
-	else if	(informat == FORMAT_ASN1)
-		dsa=d2i_DSAparams_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		dsa=PEM_read_bio_DSAparams(in,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified\n");
-		goto end;
-		}
-	if (dsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DSA parameters\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (text)
-		{
-		DSAparams_print(out,dsa);
-		}
-	
-	if (C)
-		{
-		unsigned char *data;
-		int l,len,bits_p,bits_q,bits_g;
-
-		len=BN_num_bytes(dsa->p);
-		bits_p=BN_num_bits(dsa->p);
-		bits_q=BN_num_bits(dsa->q);
-		bits_g=BN_num_bits(dsa->g);
-		data=(unsigned char *)Malloc(len+20);
-		if (data == NULL)
-			{
-			perror("Malloc");
-			goto end;
-			}
-		l=BN_bn2bin(dsa->p,data);
-		printf("static unsigned char dsa%d_p[]={",bits_p);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n");
-
-		l=BN_bn2bin(dsa->q,data);
-		printf("static unsigned char dsa%d_q[]={",bits_p);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n");
-
-		l=BN_bn2bin(dsa->g,data);
-		printf("static unsigned char dsa%d_g[]={",bits_p);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
-			}
-		printf("\n\t};\n\n");
-
-		printf("DSA *get_dsa%d()\n\t{\n",bits_p);
-		printf("\tDSA *dsa;\n\n");
-		printf("\tif ((dsa=DSA_new()) == NULL) return(NULL);\n");
-		printf("\tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n",
-			bits_p,bits_p);
-		printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n",
-			bits_p,bits_p);
-		printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
-			bits_p,bits_p);
-		printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
-		printf("\t\treturn(NULL);\n");
-		printf("\treturn(dsa);\n\t}\n");
-		}
-
-
-	if (!noout)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DSAparams_bio(out,dsa);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DSAparams(out,dsa);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DSA paramaters\n");
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-	if (genkey)
-		{
-		DSA *dsakey;
-
-		if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
-		if (!DSA_generate_key(dsakey)) goto end;
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DSAPrivateKey_bio(out,dsakey);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		DSA_free(dsakey);
-		}
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	if (dsa != NULL) DSA_free(dsa);
-	EXIT(ret);
-	}
-
-static void MS_CALLBACK dsa_cb(p, n, arg)
-int p;
-int n;
-char *arg;
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	BIO_flush((BIO *)arg);
-#ifdef LINT
-	p=n;
-#endif
-	}

apps/eay.c

@@ -1,130 +0,0 @@
-/* apps/eay.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define MONOLITH
-#define USE_SOCKETS
-#include "../e_os.h"
-
-#include "bio.h"
-#include "stack.h"
-#include "lhash.h"
-
-#include "err.h"
-
-#include "bn.h"
-
-#include "evp.h"
-
-#include "rand.h"
-#include "conf.h"
-#include "txt_db.h"
-
-#include "err.h"
-
-#include "x509.h"
-#include "pkcs7.h"
-#include "pem.h"
-#include "asn1.h"
-#include "objects.h"
-
-#define MONOLITH
-
-#include "openssl.c"
-#include "apps.c"
-#include "asn1pars.c"
-#ifndef NO_RSA
-#include "ca.c"
-#include "genrsa.c"
-#include "req.c"
-#include "rsa.c"
-#endif
-#ifndef NO_DH
-#include "gendh.c"
-#include "dh.c"
-#endif
-#include "crl.c"
-#include "crl2p7.c"
-#include "dgst.c"
-#include "enc.c"
-#include "errstr.c"
-#if !defined(NO_SSL2) || !defined(NO_SSL3)
-#ifndef NO_SOCK
-#include "s_cb.c"
-#include "s_client.c"
-#include "s_server.c"
-#include "s_socket.c"
-#include "s_time.c"
-#endif
-#endif
-#include "speed.c"
-#include "verify.c"
-#include "version.c"
-#include "x509.c"
-#include "ciphers.c"
-#include "sess_id.c"
-#include "pkcs7.c"
-#ifndef NO_DSA
-#include "dsaparam.c"
-#include "dsa.c"
-#include "gendsa.c"
-#endif
-

apps/enc.c

@@ -1,561 +0,0 @@
-/* apps/enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include "bio.h"
-#include "err.h"
-#include "evp.h"
-#include "objects.h"
-#include "x509.h"
-#ifdef NO_MD5
-#include "md5.h"
-#endif
-#include "pem.h"
-
-#ifndef NOPROTO
-int set_hex(char *in,unsigned char *out,int size);
-#else
-int set_hex();
-#endif
-
-#undef SIZE
-#undef BSIZE
-#undef PROG
-
-#define SIZE	(512)
-#define BSIZE	(8*1024)
-#define	PROG	enc_main
-
-int MAIN(argc,argv)
-int argc;
-char **argv;
-	{
-	char *strbuf=NULL;
-	unsigned char *buff=NULL,*bufsize=NULL;
-	int bsize=BSIZE,verbose=0;
-	int ret=1,inl;
-	unsigned char key[24],iv[MD5_DIGEST_LENGTH];
-	char *str=NULL;
-	char *hkey=NULL,*hiv=NULL;
-	int enc=1,printkey=0,i,base64=0;
-	int debug=0,olb64=0;
-	EVP_CIPHER *cipher=NULL,*c;
-	char *inf=NULL,*outf=NULL;
-	BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
-#define PROG_NAME_SIZE  16
-        char pname[PROG_NAME_SIZE];
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	/* first check the program name */
-        program_name(argv[0],pname,PROG_NAME_SIZE);
-	if (strcmp(pname,"base64") == 0)
-		base64=1;
-
-	cipher=EVP_get_cipherbyname(pname);
-	if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0))
-		{
-		BIO_printf(bio_err,"%s is an unknown cipher\n",pname);
-		goto bad;
-		}
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-e") == 0)
-			enc=1;
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inf= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outf= *(++argv);
-			}
-		else if	(strcmp(*argv,"-d") == 0)
-			enc=0;
-		else if	(strcmp(*argv,"-p") == 0)
-			printkey=1;
-		else if	(strcmp(*argv,"-v") == 0)
-			verbose=1;
-		else if	((strcmp(*argv,"-debug") == 0) ||
-			 (strcmp(*argv,"-d") == 0))
-			debug=1;
-		else if	(strcmp(*argv,"-P") == 0)
-			printkey=2;
-		else if	(strcmp(*argv,"-A") == 0)
-			olb64=1;
-		else if	(strcmp(*argv,"-a") == 0)
-			base64=1;
-		else if	(strcmp(*argv,"-base64") == 0)
-			base64=1;
-		else if (strcmp(*argv,"-bufsize") == 0)
-			{
-			if (--argc < 1) goto bad;
-			bufsize=(unsigned char *)*(++argv);
-			}
-		else if (strcmp(*argv,"-k") == 0)
-			{
-			if (--argc < 1) goto bad;
-			str= *(++argv);
-			}
-		else if (strcmp(*argv,"-kfile") == 0)
-			{
-			static char buf[128];
-			FILE *infile;
-			char *file;
-
-			if (--argc < 1) goto bad;
-			file= *(++argv);
-			infile=fopen(file,"r");
-			if (infile == NULL)
-				{
-				BIO_printf(bio_err,"unable to read key from '%s'\n",
-					file);
-				goto bad;
-				}
-			buf[0]='\0';
-			fgets(buf,128,infile);
-			fclose(infile);
-			i=strlen(buf);
-			if ((i > 0) &&
-				((buf[i-1] == '\n') || (buf[i-1] == '\r')))
-				buf[--i]='\0';
-			if ((i > 0) &&
-				((buf[i-1] == '\n') || (buf[i-1] == '\r')))
-				buf[--i]='\0';
-			if (i < 1)
-				{
-				BIO_printf(bio_err,"zero length password\n");
-				goto bad;
-				}
-			str=buf;
-			}
-		else if (strcmp(*argv,"-K") == 0)
-			{
-			if (--argc < 1) goto bad;
-			hkey= *(++argv);
-			}
-		else if (strcmp(*argv,"-iv") == 0)
-			{
-			if (--argc < 1) goto bad;
-			hiv= *(++argv);
-			}
-		else if	((argv[0][0] == '-') &&
-			((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
-			{
-			cipher=c;
-			}
-		else if (strcmp(*argv,"-none") == 0)
-			cipher=NULL;
-		else
-			{
-			BIO_printf(bio_err,"unknown option '%s'\n",*argv);
-bad:
-			BIO_printf(bio_err,"options are\n");
-			BIO_printf(bio_err,"%-14s input file\n","-in <file>");
-			BIO_printf(bio_err,"%-14s output fileencrypt\n","-out <file>");
-			BIO_printf(bio_err,"%-14s encrypt\n","-e");
-			BIO_printf(bio_err,"%-14s decrypt\n","-d");
-			BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64");
-			BIO_printf(bio_err,"%-14s key is the next argument\n","-k");
-			BIO_printf(bio_err,"%-14s key is the first line of the file argument\n","-kfile");
-			BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
-			BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
-			BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
-
-			BIO_printf(bio_err,"Cipher Types\n");
-			BIO_printf(bio_err,"des     : 56 bit key DES encryption\n");
-			BIO_printf(bio_err,"des_ede :112 bit key ede DES encryption\n");
-			BIO_printf(bio_err,"des_ede3:168 bit key ede DES encryption\n");
-#ifndef NO_IDEA
-			BIO_printf(bio_err,"idea    :128 bit key IDEA encryption\n");
-#endif
-#ifndef NO_RC4
-			BIO_printf(bio_err,"rc2     :128 bit key RC2 encryption\n");
-#endif
-#ifndef NO_BLOWFISH
-			BIO_printf(bio_err,"bf      :128 bit key BlowFish encryption\n");
-#endif
-#ifndef NO_RC4
-			BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n",
-				LN_rc4);
-#endif
-
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_des_ecb,LN_des_cbc,
-				LN_des_cfb64,LN_des_ofb64);
-			BIO_printf(bio_err," -%-4s (%s)\n",
-				"des", LN_des_cbc);
-
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_des_ede,LN_des_ede_cbc,
-				LN_des_ede_cfb64,LN_des_ede_ofb64);
-			BIO_printf(bio_err," -desx -none\n");
-
-
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_des_ede3,LN_des_ede3_cbc,
-				LN_des_ede3_cfb64,LN_des_ede3_ofb64);
-			BIO_printf(bio_err," -%-4s (%s)\n",
-				"des3", LN_des_ede3_cbc);
-
-#ifndef NO_IDEA
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_idea_ecb, LN_idea_cbc,
-				LN_idea_cfb64, LN_idea_ofb64);
-			BIO_printf(bio_err," -%-4s (%s)\n","idea",LN_idea_cbc);
-#endif
-#ifndef NO_RC2
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_rc2_ecb, LN_rc2_cbc,
-				LN_rc2_cfb64, LN_rc2_ofb64);
-			BIO_printf(bio_err," -%-4s (%s)\n","rc2", LN_rc2_cbc);
-#endif
-#ifndef NO_BLOWFISH
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_bf_ecb, LN_bf_cbc,
-				LN_bf_cfb64, LN_bf_ofb64);
-			BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc);
-#endif
-#ifndef NO_BLOWFISH
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_cast5_ecb, LN_cast5_cbc,
-				LN_cast5_cfb64, LN_cast5_ofb64);
-			BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc);
-#endif
-#ifndef NO_BLOWFISH
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_rc5_ecb, LN_rc5_cbc,
-				LN_rc5_cfb64, LN_rc5_ofb64);
-			BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc);
-#endif
-			goto end;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (bufsize != NULL)
-		{
-		unsigned long n;
-
-		for (n=0; *bufsize; bufsize++)
-			{
-			i= *bufsize;
-			if ((i <= '9') && (i >= '0'))
-				n=n*10+i-'0';
-			else if (i == 'k')
-				{
-				n*=1024;
-				bufsize++;
-				break;
-				}
-			}
-		if (*bufsize != '\0')
-			{
-			BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
-			goto end;
-			}
-
-		/* It must be large enough for a base64 encoded line */
-		if (n < 80) n=80;
-
-		bsize=(int)n;
-		if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
-		}
-
-	strbuf=Malloc(SIZE);
-	buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize));
-	if ((buff == NULL) || (strbuf == NULL))
-		{
-		BIO_printf(bio_err,"Malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize));
-		goto end;
-		}
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	if (debug)
-		{
-		BIO_set_callback(in,BIO_debug_callback);
-		BIO_set_callback(out,BIO_debug_callback);
-		BIO_set_callback_arg(in,bio_err);
-		BIO_set_callback_arg(out,bio_err);
-		}
-
-	if (inf == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,inf) <= 0)
-			{
-			perror(inf);
-			goto end;
-			}
-		}
-
-	if ((str == NULL) && (cipher != NULL) && (hkey == NULL))
-		{
-		for (;;)
-			{
-			char buf[200];
-
-			sprintf(buf,"enter %s %s password:",
-				OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
-				(enc)?"encryption":"decryption");
-			strbuf[0]='\0';
-			i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
-			if (i == 0)
-				{
-				if (strbuf[0] == '\0')
-					{
-					ret=1;
-					goto end;
-					}
-				str=strbuf;
-				break;
-				}
-			if (i < 0)
-				{
-				BIO_printf(bio_err,"bad password read\n");
-				goto end;
-				}
-			}
-		}
-
-	if (cipher != NULL)
-		{
-		if (str != NULL)
-			{
-			EVP_BytesToKey(cipher,EVP_md5(),NULL,
-				(unsigned char *)str,
-				strlen(str),1,key,iv);
-			/* zero the complete buffer or the string
-			 * passed from the command line
-			 * bug picked up by
-			 * Larry J. Hughes Jr. <hughes@indiana.edu> */
-			if (str == strbuf)
-				memset(str,0,SIZE);
-			else
-				memset(str,0,strlen(str));
-			}
-		if ((hiv != NULL) && !set_hex(hiv,iv,8))
-			{
-			BIO_printf(bio_err,"invalid hex iv value\n");
-			goto end;
-			}
-		if ((hkey != NULL) && !set_hex(hkey,key,24))
-			{
-			BIO_printf(bio_err,"invalid hex key value\n");
-			goto end;
-			}
-
-		if ((benc=BIO_new(BIO_f_cipher())) == NULL)
-			goto end;
-		BIO_set_cipher(benc,cipher,key,iv,enc);
-		if (debug)
-			{
-			BIO_set_callback(benc,BIO_debug_callback);
-			BIO_set_callback_arg(benc,bio_err);
-			}
-
-		if (printkey)
-			{
-			if (cipher->key_len > 0)
-				{
-				printf("key=");
-				for (i=0; i<cipher->key_len; i++)
-					printf("%02X",key[i]);
-				printf("\n");
-				}
-			if (cipher->iv_len > 0)
-				{
-				printf("iv =");
-				for (i=0; i<cipher->iv_len; i++)
-					printf("%02X",iv[i]);
-				printf("\n");
-				}
-			if (printkey == 2)
-				{
-				ret=0;
-				goto end;
-				}
-			}
-		}
-
-
-	if (outf == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outf) <= 0)
-			{
-			perror(outf);
-			goto end;
-			}
-		}
-
-	rbio=in;
-	wbio=out;
-
-	if (base64)
-		{
-		if ((b64=BIO_new(BIO_f_base64())) == NULL)
-			goto end;
-		if (debug)
-			{
-			BIO_set_callback(b64,BIO_debug_callback);
-			BIO_set_callback_arg(b64,bio_err);
-			}
-		if (olb64)
-			BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
-		if (enc)
-			wbio=BIO_push(b64,wbio);
-		else
-			rbio=BIO_push(b64,rbio);
-		}
-
-	/* Only encrypt/decrypt as we write the file */
-	if (benc != NULL)
-		wbio=BIO_push(benc,wbio);
-
-	for (;;)
-		{
-		inl=BIO_read(rbio,(char *)buff,bsize);
-		if (inl <= 0) break;
-		if (BIO_write(wbio,(char *)buff,inl) != inl)
-			{
-			BIO_printf(bio_err,"error writing output file\n");
-			goto end;
-			}
-		}
-	if (!BIO_flush(wbio))
-		{
-		BIO_printf(bio_err,"bad decrypt\n");
-		goto end;
-		}
-
-	ret=0;
-	if (verbose)
-		{
-		BIO_printf(bio_err,"bytes read   :%8ld\n",BIO_number_read(in));
-		BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
-		}
-end:
-	if (strbuf != NULL) Free(strbuf);
-	if (buff != NULL) Free(buff);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	if (benc != NULL) BIO_free(benc);
-	if (b64 != NULL) BIO_free(b64);
-	EXIT(ret);
-	}
-
-int set_hex(in,out,size)
-char *in;
-unsigned char *out;
-int size;
-	{
-	int i,n;
-	unsigned char j;
-
-	n=strlen(in);
-	if (n > (size*2))
-		{
-		BIO_printf(bio_err,"hex string is too long\n");
-		return(0);
-		}
-	memset(out,0,size);
-	for (i=0; i<n; i++)
-		{
-		j=(unsigned char)*in;
-		*(in++)='\0';
-		if (j == 0) break;
-		if ((j >= '0') && (j <= '9'))
-			j-='0';
-		else if ((j >= 'A') && (j <= 'F'))
-			j=j-'A'+10;
-		else if ((j >= 'a') && (j <= 'f'))
-			j=j-'a'+10;
-		else
-			{
-			BIO_printf(bio_err,"non-hex digit\n");
-			return(0);
-			}
-		if (i&1)
-			out[i/2]|=j;
-		else
-			out[i/2]=(j<<4);
-		}
-	return(1);
-	}

apps/errstr.c

@@ -1,116 +0,0 @@
-/* apps/errstr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include "bio.h"
-#include "lhash.h"
-#include "err.h"
-#include "ssl.h"
-
-#undef PROG
-#define PROG	errstr_main
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	int i,ret=0;
-	char buf[256];
-	unsigned long l;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	SSL_load_error_strings();
-
-	if ((argc > 1) && (strcmp(argv[1],"-stats") == 0))
-		{
-		BIO *out=NULL;
-
-		out=BIO_new(BIO_s_file());
-		if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
-			{
-			lh_node_stats_bio((LHASH *)ERR_get_string_table(),out);
-			lh_stats_bio((LHASH *)ERR_get_string_table(),out);
-			lh_node_usage_stats_bio((LHASH *)
-				ERR_get_string_table(),out);
-			}
-		if (out != NULL) BIO_free(out);
-		argc--;
-		argv++;
-		}
-
-	for (i=1; i<argc; i++)
-		{
-		if (sscanf(argv[i],"%lx",&l))
-			printf("%s\n",ERR_error_string(l,buf));
-		else
-			{
-			printf("%s: bad error code\n",argv[i]);
-			printf("usage: errstr [-stats] <errno> ...\n");
-			ret++;
-			}
-		}
-	EXIT(ret);
-	}

apps/gendh.c

@@ -1,235 +0,0 @@
-/* apps/gendh.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include "bio.h"
-#include "rand.h"
-#include "err.h"
-#include "bn.h"
-#include "dh.h"
-#include "x509.h"
-#include "pem.h"
-
-#define DEFBITS	512
-#undef PROG
-#define PROG gendh_main
-
-#ifndef NOPROTO
-static void MS_CALLBACK dh_cb(int p, int n, char *arg);
-static long dh_load_rand(char *names);
-#else
-static void MS_CALLBACK dh_cb();
-static long dh_load_rand();
-#endif
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	char buffer[200];
-	DH *dh=NULL;
-	int ret=1,num=DEFBITS;
-	int g=2;
-	char *outfile=NULL;
-	char *inrand=NULL,*randfile;
-	BIO *out=NULL;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	argv++;
-	argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-2") == 0)
-			g=2;
-	/*	else if (strcmp(*argv,"-3") == 0)
-			g=3; */
-		else if (strcmp(*argv,"-5") == 0)
-			g=5;
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else
-			break;
-		argv++;
-		argc--;
-		}
-	if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
-		{
-bad:
-		BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
-		BIO_printf(bio_err," -out file - output the key to 'file\n");
-		BIO_printf(bio_err," -2    use 2 as the generator value\n");
-	/*	BIO_printf(bio_err," -3    use 3 as the generator value\n"); */
-		BIO_printf(bio_err," -5    use 5 as the generator value\n");
-		BIO_printf(bio_err," -rand file:file:...\n");
-		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"             the random number generator\n");
-		goto end;
-		}
-		
-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	randfile=RAND_file_name(buffer,200);
-	if ((randfile == NULL)|| !RAND_load_file(randfile,1024L*1024L))
-		BIO_printf(bio_err,"unable to load 'random state'\n");
-
-	if (inrand == NULL)
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-	else
-		{
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			dh_load_rand(inrand));
-		}
-
-	BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
-	BIO_printf(bio_err,"This is going to take a long time\n");
-	dh=DH_generate_parameters(num,g,dh_cb,(char *)bio_err);
-		
-	if (dh == NULL) goto end;
-
-	if (randfile == NULL)
-		BIO_printf(bio_err,"unable to write 'random state'\n");
-	else
-		RAND_write_file(randfile);
-
-	if (!PEM_write_bio_DHparams(out,dh))
-		goto end;
-	ret=0;
-end:
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	if (out != NULL) BIO_free(out);
-	if (dh != NULL) DH_free(dh);
-	EXIT(ret);
-	}
-
-static void MS_CALLBACK dh_cb(p,n,arg)
-int p;
-int n;
-char *arg;
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	BIO_flush((BIO *)arg);
-#ifdef LINT
-	p=n;
-#endif
-	}
-
-static long dh_load_rand(name)
-char *name;
-	{
-	char *p,*n;
-	int last;
-	long tot=0;
-
-	for (;;)
-		{
-		last=0;
-		for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
-		if (*p == '\0') last=1;
-		*p='\0';
-		n=name;
-		name=p+1;
-		if (*n == '\0') break;
-
-		tot+=RAND_load_file(n,1);
-		if (last) break;
-		}
-	return(tot);
-	}
-
-

apps/gendsa.c

@@ -1,240 +0,0 @@
-/* apps/gendsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include "bio.h"
-#include "rand.h"
-#include "err.h"
-#include "bn.h"
-#include "dsa.h"
-#include "x509.h"
-#include "pem.h"
-
-#define DEFBITS	512
-#undef PROG
-#define PROG gendsa_main
-
-#ifndef NOPROTO
-static long dsa_load_rand(char *names);
-#else
-static long dsa_load_rand();
-#endif
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	char buffer[200];
-	DSA *dsa=NULL;
-	int ret=1;
-	char *outfile=NULL;
-	char *inrand=NULL,*randfile,*dsaparams=NULL;
-	BIO *out=NULL,*in=NULL;
-	EVP_CIPHER *enc=NULL;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	argv++;
-	argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (strcmp(*argv,"-") == 0)
-			goto bad;
-		else if (dsaparams == NULL)
-			{
-			dsaparams= *argv;
-			}
-#ifndef NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-		else
-			goto bad;
-		argv++;
-		argc--;
-		}
-
-	if (dsaparams == NULL)
-		{
-bad:
-		BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
-		BIO_printf(bio_err," -out file - output the key to 'file'\n");
-#ifndef NO_DES
-		BIO_printf(bio_err," -des      - encrypt the generated key with DES in cbc mode\n");
-		BIO_printf(bio_err," -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#endif
-#ifndef NO_IDEA
-		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
-#endif
-		BIO_printf(bio_err," -rand file:file:...\n");
-		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"             the random number generator\n");
-		BIO_printf(bio_err," dsaparam-file\n");
-		BIO_printf(bio_err,"           - a DSA parameter file as generated by the dsaparam command\n");
-		goto end;
-		}
-
-	in=BIO_new(BIO_s_file());
-	if (!(BIO_read_filename(in,dsaparams)))
-		{
-		perror(dsaparams);
-		goto end;
-		}
-
-	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DSA parameter file\n");
-		goto end;
-		}
-	BIO_free(in);
-		
-	out=BIO_new(BIO_s_file());
-	if (out == NULL) goto end;
-
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	randfile=RAND_file_name(buffer,200);
-	if ((randfile == NULL)|| !RAND_load_file(randfile,1024L*1024L))
-		BIO_printf(bio_err,"unable to load 'random state'\n");
-
-	if (inrand == NULL)
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-	else
-		{
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			dsa_load_rand(inrand));
-		}
-
-	BIO_printf(bio_err,"Generating DSA key, %d bits\n",
-							BN_num_bits(dsa->p));
-	if (!DSA_generate_key(dsa)) goto end;
-
-	if (randfile == NULL)
-		BIO_printf(bio_err,"unable to write 'random state'\n");
-	else
-		RAND_write_file(randfile);
-
-	if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL))
-		goto end;
-	ret=0;
-end:
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	if (out != NULL) BIO_free(out);
-	if (dsa != NULL) DSA_free(dsa);
-	EXIT(ret);
-	}
-
-static long dsa_load_rand(name)
-char *name;
-	{
-	char *p,*n;
-	int last;
-	long tot=0;
-
-	for (;;)
-		{
-		last=0;
-		for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
-		if (*p == '\0') last=1;
-		*p='\0';
-		n=name;
-		name=p+1;
-		if (*n == '\0') break;
-
-		tot+=RAND_load_file(n,1);
-		if (last) break;
-		}
-	return(tot);
-	}
-
-

apps/genrsa.c

@@ -1,278 +0,0 @@
-/* apps/genrsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include "bio.h"
-#include "rand.h"
-#include "err.h"
-#include "bn.h"
-#include "rsa.h"
-#include "evp.h"
-#include "x509.h"
-#include "pem.h"
-
-#define DEFBITS	512
-#undef PROG
-#define PROG genrsa_main
-
-#ifndef NOPROTO
-static void MS_CALLBACK genrsa_cb(int p, int n, char *arg);
-static long gr_load_rand(char *names);
-#else
-static void MS_CALLBACK genrsa_cb();
-static long gr_load_rand();
-#endif
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	int ret=1;
-	char buffer[200];
-	RSA *rsa=NULL;
-	int i,num=DEFBITS;
-	long rnum=0,l;
-	EVP_CIPHER *enc=NULL;
-	unsigned long f4=RSA_F4;
-	char *outfile=NULL;
-	char *inrand=NULL,*randfile;
-	BIO *out=NULL;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-	if ((out=BIO_new(BIO_s_file())) == NULL)
-		{
-		BIO_printf(bio_err,"unable to creat BIO for output\n");
-		goto err;
-		}
-
-	argv++;
-	argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-3") == 0)
-			f4=3;
-		else if (strcmp(*argv,"-F4") == 0)
-			f4=RSA_F4;
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-#ifndef NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-		else
-			break;
-		argv++;
-		argc--;
-		}
-	if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
-		{
-bad:
-		BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n");
-		BIO_printf(bio_err," -des      - encrypt the generated key with DES in cbc mode\n");
-		BIO_printf(bio_err," -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#ifndef NO_IDEA
-		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
-#endif
-		BIO_printf(bio_err," -out file - output the key to 'file\n");
-		BIO_printf(bio_err," -f4       - use F4 (0x10001) for the E value\n");
-		BIO_printf(bio_err," -3        - use 3 for the E value\n");
-		BIO_printf(bio_err," -rand file:file:...\n");
-		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"             the random number generator\n");
-		goto err;
-		}
-		
-	ERR_load_crypto_strings();
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto err;
-			}
-		}
-
-#ifdef WINDOWS
-	BIO_printf(bio_err,"Loading 'screen' into random state -");
-	BIO_flush(bio_err);
-	RAND_screen();
-	BIO_printf(bio_err," done\n");
-#endif
-	randfile=RAND_file_name(buffer,200);
-	if ((randfile == NULL) ||
-		 !(rnum=(long)RAND_load_file(randfile,1024L*1024L)))
-		{
-		BIO_printf(bio_err,"unable to load 'random state'\n");
-		}
-
-	if (inrand == NULL)
-		{
-		if (rnum == 0)
-			{
-			BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-			}
-		}
-	else
-		{
-		rnum+=gr_load_rand(inrand);
-		}
-	if (rnum != 0)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",rnum);
-
-	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
-		num);
-	rsa=RSA_generate_key(num,f4,genrsa_cb,(char *)bio_err);
-		
-	if (randfile == NULL)
-		BIO_printf(bio_err,"unable to write 'random state'\n");
-	else
-		RAND_write_file(randfile);
-
-	if (rsa == NULL) goto err;
-	
-	/* We need to do the folloing for when the base number size is <
-	 * long, esp windows 3.1 :-(. */
-	l=0L;
-	for (i=0; i<rsa->e->top; i++)
-		{
-#ifndef SIXTY_FOUR_BIT
-		l<<=BN_BITS4;
-		l<<=BN_BITS4;
-#endif
-		l+=rsa->e->d[i];
-		}
-	BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
-	if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL))
-		goto err;
-
-	ret=0;
-err:
-	if (rsa != NULL) RSA_free(rsa);
-	if (out != NULL) BIO_free(out);
-	if (ret != 0)
-		ERR_print_errors(bio_err);
-	EXIT(ret);
-	}
-
-static void MS_CALLBACK genrsa_cb(p, n, arg)
-int p;
-int n;
-char *arg;
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	BIO_flush((BIO *)arg);
-#ifdef LINT
-	p=n;
-#endif
-	}
-
-static long gr_load_rand(name)
-char *name;
-	{
-	char *p,*n;
-	int last;
-	long tot=0;
-
-	for (;;)
-		{
-		last=0;
-		for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
-		if (*p == '\0') last=1;
-		*p='\0';
-		n=name;
-		name=p+1;
-		if (*n == '\0') break;
-
-		tot+=RAND_load_file(n,1024L*1024L);
-		if (last) break;
-		}
-	return(tot);
-	}
-
-

apps/nseq.c

@@ -1,182 +0,0 @@
-/* nseq.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "pem.h"
-#include "err.h"
-#include "apps.h"
-
-#undef PROG
-#define PROG nseq_main
-
-#ifdef NOPROTO
-static int dump_cert_text(BIO *out, X509 *x);
-#else
-static int dump_cert_text();
-#endif
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-{
-	char **args, *infile = NULL, *outfile = NULL;
-	BIO *in = NULL, *out = NULL;
-	int toseq = 0;
-	X509 *x509 = NULL;
-	NETSCAPE_CERT_SEQUENCE *seq = NULL;
-	int i, ret = 1;
-	int badarg = 0;
-	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-	ERR_load_crypto_strings();
-        SSLeay_add_all_algorithms();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-') {
-		if (!strcmp (*args, "-toseq")) toseq = 1;
-		else if (!strcmp (*args, "-in")) {
-			if (args[1]) {
-				args++;
-				infile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-			if (args[1]) {
-				args++;
-				outfile = *args;
-			} else badarg = 1;
-		} else badarg = 1;
-		args++;
-	}
-
-	if (badarg) {
-		BIO_printf (bio_err, "Netscape certificate sequence utility\n");
-		BIO_printf (bio_err, "Usage nseq [options]\n");
-		BIO_printf (bio_err, "where options are\n");
-                BIO_printf (bio_err, "-in file  input file\n");
-                BIO_printf (bio_err, "-out file output file\n");
-                BIO_printf (bio_err, "-toseq    output NS Sequence file\n");
-		EXIT(1);
-	}
-
-	if (infile) {
-		if (!(in = BIO_new_file (infile, "r"))) {
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
-			goto end;
-		}
-	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if (outfile) {
-		if (!(out = BIO_new_file (outfile, "w"))) {
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-		}
-	} else out = BIO_new_fp(stdout, BIO_NOCLOSE);
-
-	if (toseq) {
-		seq = NETSCAPE_CERT_SEQUENCE_new();
-		seq->certs = sk_new(NULL);
-		while((x509 = PEM_read_bio_X509(in, NULL, NULL))) 
-					sk_push(seq->certs, (char *)x509);
-
-		if(!sk_num(seq->certs))
-		{
-			BIO_printf (bio_err, "Error reading certs file %s\n", infile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-		PEM_write_bio_NETSCAPE_CERT_SEQUENCE(out, seq);
-		ret = 0;
-		goto end;
-	}
-
-	if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL))) {
-		BIO_printf (bio_err, "Error reading sequence file %s\n", infile);
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	for(i = 0; i < sk_num(seq->certs); i++) {
-		x509 = (X509 *) sk_value(seq->certs, i);
-		dump_cert_text(out, x509);
-		PEM_write_bio_X509(out, x509);
-	}
-	ret = 0;
-end:
-	BIO_free(in);
-	BIO_free(out);
-	NETSCAPE_CERT_SEQUENCE_free(seq);
-
-	EXIT(ret);
-}
-
-static int dump_cert_text(out, x)
-BIO *out;
-X509 *x;
-{
-        char buf[256];
-        X509_NAME_oneline(X509_get_subject_name(x),buf,256);
-        BIO_puts(out,"subject=");
-        BIO_puts(out,buf);
-
-        X509_NAME_oneline(X509_get_issuer_name(x),buf,256);
-        BIO_puts(out,"\nissuer= ");
-        BIO_puts(out,buf);
-        BIO_puts(out,"\n");
-        return 0;
-}
-

apps/oid.cnf

@@ -1,6 +0,0 @@
-2.99999.1       SET.ex1         SET x509v3 extension 1
-2.99999.2       SET.ex2         SET x509v3 extension 2
-2.99999.3       SET.ex3         SET x509v3 extension 3
-2.99999.4       SET.ex4         SET x509v3 extension 4
-2.99999.5       SET.ex5         SET x509v3 extension 5
-2.99999.6       SET.ex6         SET x509v3 extension 6

apps/openssl.c

@@ -1,361 +0,0 @@
-/* apps/openssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef DEBUG
-#undef DEBUG
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "bio.h"
-#include "crypto.h"
-#include "lhash.h"
-#include "conf.h"
-#include "x509.h"
-#include "pem.h"
-#include "ssl.h"
-#define SSLEAY	/* turn off a few special case MONOLITH macros */
-#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
-#define SSLEAY_SRC
-#include "apps.h"
-#include "s_apps.h"
-#include "err.h"
-
-/*
-#ifdef WINDOWS
-#include "bss_file.c"
-#endif
-*/
-
-#ifndef NOPROTO
-static unsigned long MS_CALLBACK hash(FUNCTION *a);
-static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
-static LHASH *prog_init(void );
-static int do_cmd(LHASH *prog,int argc,char *argv[]);
-#else
-static unsigned long MS_CALLBACK hash();
-static int MS_CALLBACK cmp();
-static LHASH *prog_init();
-static int do_cmd();
-#endif
-
-LHASH *config=NULL;
-char *default_config_file=NULL;
-
-#ifdef DEBUG
-static void sig_stop(i)
-int i;
-	{
-	char *a=NULL;
-
-	*a='\0';
-	}
-#endif
-
-/* Make sure there is only one when MONOLITH is defined */
-#ifdef MONOLITH
-BIO *bio_err=NULL;
-#endif
-
-int main(Argc,Argv)
-int Argc;
-char *Argv[];
-	{
-	ARGS arg;
-#define PROG_NAME_SIZE	16
-	char pname[PROG_NAME_SIZE];
-	FUNCTION f,*fp;
-	MS_STATIC char *prompt,buf[1024],config_name[256];
-	int n,i,ret=0;
-	int argc;
-	char **argv,*p;
-	LHASH *prog=NULL;
-	long errline;
- 
-	arg.data=NULL;
-	arg.count=0;
-
-	/* SSLeay_add_ssl_algorithms(); is called in apps_startup() */
-	apps_startup();
-
-#if defined(DEBUG) && !defined(WINDOWS) && !defined(MSDOS)
-#ifdef SIGBUS
-	signal(SIGBUS,sig_stop);
-#endif
-#ifdef SIGSEGV
-	signal(SIGSEGV,sig_stop);
-#endif
-#endif
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-	ERR_load_crypto_strings();
-
-	/* Lets load up our environment a little */
-	p=getenv("OPENSSL_CONF");
-	if (p == NULL)
-		p=getenv("SSLEAY_CONF");
-	if (p == NULL)
-		{
-		strcpy(config_name,X509_get_default_cert_area());
-		strcat(config_name,"/lib/");
-		strcat(config_name,OPENSSL_CONF);
-		p=config_name;
-		}
-
-	default_config_file=p;
-
-	config=CONF_load(config,p,&errline);
-	if (config == NULL) ERR_clear_error();
-
-	prog=prog_init();
-
-	/* first check the program name */
-	program_name(Argv[0],pname,PROG_NAME_SIZE);
-
-	f.name=pname;
-	fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
-	if (fp != NULL)
-		{
-		Argv[0]=pname;
-		ret=fp->func(Argc,Argv);
-		goto end;
-		}
-
-	/* ok, now check that there are not arguments, if there are,
-	 * run with them, shifting the ssleay off the front */
-	if (Argc != 1)
-		{
-		Argc--;
-		Argv++;
-		ret=do_cmd(prog,Argc,Argv);
-		if (ret < 0) ret=0;
-		goto end;
-		}
-
-	/* ok, lets enter the old 'OpenSSL>' mode */
-	
-	for (;;)
-		{
-		ret=0;
-		p=buf;
-		n=1024;
-		i=0;
-		for (;;)
-			{
-			p[0]='\0';
-			if (i++)
-				prompt=">";
-			else	prompt="OpenSSL> ";
-			fputs(prompt,stdout);
-			fflush(stdout);
-			fgets(p,n,stdin);
-			if (p[0] == '\0') goto end;
-			i=strlen(p);
-			if (i <= 1) break;
-			if (p[i-2] != '\\') break;
-			i-=2;
-			p+=i;
-			n-=i;
-			}
-		if (!chopup_args(&arg,buf,&argc,&argv)) break;
-
-		ret=do_cmd(prog,argc,argv);
-		if (ret < 0)
-			{
-			ret=0;
-			goto end;
-			}
-		if (ret != 0)
-			BIO_printf(bio_err,"error in %s\n",argv[0]);
-		BIO_flush(bio_err);
-		}
-	BIO_printf(bio_err,"bad exit\n");
-	ret=1;
-end:
-	if (config != NULL)
-		{
-		CONF_free(config);
-		config=NULL;
-		}
-	if (prog != NULL) lh_free(prog);
-	if (arg.data != NULL) Free(arg.data);
-	ERR_remove_state(0);
-
-	EVP_cleanup();
-	ERR_free_strings();
-
-	CRYPTO_mem_leaks(bio_err);
-	if (bio_err != NULL)
-		{
-		BIO_free(bio_err);
-		bio_err=NULL;
-		}
-	EXIT(ret);
-	}
-
-static int do_cmd(prog,argc,argv)
-LHASH *prog;
-int argc;
-char *argv[];
-	{
-	FUNCTION f,*fp;
-	int i,ret=1,tp,nl;
-
-	if ((argc <= 0) || (argv[0] == NULL))
-		{ ret=0; goto end; }
-	f.name=argv[0];
-	fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
-	if (fp != NULL)
-		{
-		ret=fp->func(argc,argv);
-		}
-	else if ((strcmp(argv[0],"quit") == 0) ||
-		(strcmp(argv[0],"q") == 0) ||
-		(strcmp(argv[0],"exit") == 0) ||
-		(strcmp(argv[0],"bye") == 0))
-		{
-		ret= -1;
-		goto end;
-		}
-	else
-		{
-		BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
-			argv[0]);
-		BIO_printf(bio_err, "\nStandard commands");
-		i=0;
-		tp=0;
-		for (fp=functions; fp->name != NULL; fp++)
-			{
-			nl=0;
-			if (((i++) % 5) == 0)
-				{
-				BIO_printf(bio_err,"\n");
-				nl=1;
-				}
-			if (fp->type != tp)
-				{
-				tp=fp->type;
-				if (!nl) BIO_printf(bio_err,"\n");
-				if (tp == FUNC_TYPE_MD)
-					{
-					i=1;
-					BIO_printf(bio_err,
-						"\nMessage Digest commands (see the `dgst' command for more details)\n");
-					}
-				else if (tp == FUNC_TYPE_CIPHER)
-					{
-					i=1;
-					BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
-					}
-				}
-			BIO_printf(bio_err,"%-15s",fp->name);
-			}
-		BIO_printf(bio_err,"\n\n");
-		ret=0;
-		}
-end:
-	return(ret);
-	}
-
-static int SortFnByName(const void *_f1,const void *_f2)
-    {
-    const FUNCTION *f1=_f1;
-    const FUNCTION *f2=_f2;
-
-    if(f1->type != f2->type)
-	return f1->type-f2->type;
-    return strcmp(f1->name,f2->name);
-    }
-
-static LHASH *prog_init()
-	{
-	LHASH *ret;
-	FUNCTION *f;
-	int i;
-
-	/* Purely so it looks nice when the user hits ? */
-	for(i=0,f=functions ; f->name != NULL ; ++f,++i)
-	    ;
-	qsort(functions,i,sizeof *functions,SortFnByName);
-
-	if ((ret=lh_new(hash,cmp)) == NULL) return(NULL);
-
-	for (f=functions; f->name != NULL; f++)
-		lh_insert(ret,(char *)f);
-	return(ret);
-	}
-
-static int MS_CALLBACK cmp(a,b)
-FUNCTION *a,*b;
-	{
-	return(strncmp(a->name,b->name,8));
-	}
-
-static unsigned long MS_CALLBACK hash(a)
-FUNCTION *a;
-	{
-	return(lh_strhash(a->name));
-	}
-
-#undef SSLEAY

apps/openssl.cnf

@@ -1,199 +0,0 @@
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= $ENV::HOME/.rnd
-oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= ./demoCA		# Where everything is kept
-certs		= $dir/certs		# Where the issued certs are kept
-crl_dir		= $dir/crl		# Where the issued crl are kept
-database	= $dir/index.txt	# database index file.
-new_certs_dir	= $dir/newcerts		# default place for new certs.
-
-certificate	= $dir/cacert.pem 	# The CA certificate
-serial		= $dir/serial 		# The current serial number
-crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/private/cakey.pem# The private key
-RANDFILE	= $dir/private/.rand	# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-crl_extensions	= crl_ext		# Extensions to add to CRL
-default_days	= 365			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= 1024
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= Some-State
-
-localityName			= Locality Name (eg, city)
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= Internet Widgits Pty Ltd
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, YOUR name)
-commonName_max			= 64
-
-emailAddress			= Email Address
-emailAddress_max		= 40
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-#nsCertType			= server
-
-# For an object signing certificate this would be used.
-#nsCertType = objsign
-
-# For normal client use this is typical
-#nsCertType = client, email
-
-# This is typical also
-
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-nsComment			= "OpenSSL Generated Certificate"
-
-# PKIX recommendations
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-# Import the email address.
-
-subjectAltName=email:copy
-
-# Copy subject details
-
-issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ v3_ca]
-
-# Extensions for a typical CA
-
-# It's a CA certificate
-basicConstraints = CA:true
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-
-# Key usage: again this should really be critical.
-keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-#nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-subjectAltName=email:copy
-# Copy issuer details
-issuerAltName=issuer:copy
-
-# RAW DER hex encoding of an extension: beware experts only!
-# 1.2.3.5=RAW:02:03
-# You can even override a supported extension:
-# basicConstraints= critical, RAW:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always

apps/pca-cert.srl

@@ -1 +0,0 @@
-01

apps/pca-key.pem

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----

apps/pca-req.pem

@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBmjCCAQMCAQAwXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
-GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAo
-MTAyNCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfj
-Irkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUX
-MRsp22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3
-vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAEzz
-IG8NnfpnPTQSCN5zJhOfy6p9AcDyQzuJirYv1HR/qoYWalPh/U2uiK0lAim7qMcv
-wOlK3I7A8B7/4dLqvIqgtUj9b1WT8zIrnwdvJI4osLI2BY+c1pVlp174DHLMol1L
-Cl1e3N5BTm7lCitTYjuUhsw6hiA8IcdNKDo6sktV
------END CERTIFICATE REQUEST-----

apps/pem_mail.c

@@ -1,170 +0,0 @@
-/* apps/pem_mail.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "rsa.h"
-#include "evp.h"
-#include "objects.h"
-#include "x509.h"
-#include "err.h"
-#include "pem.h"
-#include "apps.h"
-
-#undef PROG
-#define PROG	pem_mail_main
-
-static char *usage[]={
-"usage: pem_mail args\n",
-"\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -cert arg       - the certificate to use\n",
-" -key arg        - the private key to use\n",
-" -MIC           - sign the message\n",
-" -enc arg        - encrypt with one of cbc-des\n",
-NULL
-};
-
-
-typedef struct lines_St
-	{
-	char *line;
-	struct lines_st *next;
-	} LINES;
-
-int main(argc, argv)
-int argc;
-char **argv;
-	{
-	FILE *in;
-	RSA *rsa=NULL;
-	EVP_MD_CTX ctx;
-	unsigned int mic=0,i,n;
-	unsigned char buf[1024*15];
-	char *prog,*infile=NULL,*outfile=NULL,*key=NULL;
-	int badops=0;
-
-	apps_startup();
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			key= *(++argv);
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-mic") == 0)
-			mic=1;
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options  are\n");
-		EXIT(1);
-		}
-
-	if (key == NULL)
-		{ BIO_printf(bio_err,"you need to specify a key\n"); EXIT(1); }
-	in=fopen(key,"r");
-	if (in == NULL) { perror(key); EXIT(1); }
-	rsa=PEM_read_RSAPrivateKey(in,NULL,NULL);
-	if (rsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load Private Key\n");
-		ERR_print_errors(bio_err);
-		EXIT(1);
-		}
-	fclose(in);
-
-	PEM_SignInit(&ctx,EVP_md5());
-	for (;;)
-		{
-		i=fread(buf,1,1024*10,stdin);
-		if (i <= 0) break;
-		PEM_SignUpdate(&ctx,buf,i);
-		}
-	if (!PEM_SignFinal(&ctx,buf,&n,rsa)) goto err;
-	BIO_printf(bio_err,"%s\n",buf);
-	EXIT(0);
-err:
-	ERR_print_errors(bio_err);
-	EXIT(1);
-	}

apps/pkcs7.c

@@ -1,315 +0,0 @@
-/* apps/pkcs7.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include "err.h"
-#include "objects.h"
-#include "evp.h"
-#include "x509.h"
-#include "pkcs7.h"
-#include "pem.h"
-
-#undef PROG
-#define PROG	pkcs7_main
-
-/* -inform arg	- input format - default PEM (one of DER, TXT or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -des		- encrypt output if PEM format with DES in cbc mode
- * -des3	- encrypt output if PEM format
- * -idea	- encrypt output if PEM format
- * -print_certs
- */
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	PKCS7 *p7=NULL;
-	int i,badops=0;
-#if !defined(NO_DES) || !defined(NO_IDEA)
-	EVP_CIPHER *enc=NULL;
-#endif
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat;
-	char *infile,*outfile,*prog,buf[256];
-	int print_certs=0;
-	int ret=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-print_certs") == 0)
-			print_certs=1;
-#ifndef NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -print_certs  print any certs or crl in the input\n");
-		BIO_printf(bio_err," -des          encrypt PEM output with cbc des\n");
-		BIO_printf(bio_err," -des3         encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef NO_IDEA
-		BIO_printf(bio_err," -idea         encrypt PEM output with cbc idea\n");
-#endif
-		EXIT(1);
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-                goto end;
-                }
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-		if (in == NULL)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	if	(informat == FORMAT_ASN1)
-		p7=d2i_PKCS7_bio(in,NULL);
-	else if (informat == FORMAT_PEM)
-		p7=PEM_read_bio_PKCS7(in,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified for pkcs7 object\n");
-		goto end;
-		}
-	if (p7 == NULL)
-		{
-		BIO_printf(bio_err,"unable to load PKCS7 object\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (print_certs)
-		{
-		STACK *certs=NULL;
-		STACK *crls=NULL;
-
-		i=OBJ_obj2nid(p7->type);
-		switch (i)
-			{
-		case NID_pkcs7_signed:
-			certs=p7->d.sign->cert;
-			crls=p7->d.sign->crl;
-			break;
-		case NID_pkcs7_signedAndEnveloped:
-			certs=p7->d.signed_and_enveloped->cert;
-			crls=p7->d.signed_and_enveloped->crl;
-			break;
-		default:
-			break;
-			}
-
-		if (certs != NULL)
-			{
-			X509 *x;
-
-			for (i=0; i<sk_num(certs); i++)
-				{
-				x=(X509 *)sk_value(certs,i);
-
-				X509_NAME_oneline(X509_get_subject_name(x),
-					buf,256);
-				BIO_puts(out,"subject=");
-				BIO_puts(out,buf);
-
-				X509_NAME_oneline(X509_get_issuer_name(x),
-					buf,256);
-				BIO_puts(out,"\nissuer= ");
-				BIO_puts(out,buf);
-				BIO_puts(out,"\n");
-
-				PEM_write_bio_X509(out,x);
-				BIO_puts(out,"\n");
-				}
-			}
-		if (crls != NULL)
-			{
-			X509_CRL *crl;
-
-			for (i=0; i<sk_num(crls); i++)
-				{
-				crl=(X509_CRL *)sk_value(crls,i);
-
-				X509_NAME_oneline(crl->crl->issuer,buf,256);
-				BIO_puts(out,"issuer= ");
-				BIO_puts(out,buf);
-
-				BIO_puts(out,"\nlast update=");
-				ASN1_TIME_print(out,crl->crl->lastUpdate);
-				BIO_puts(out,"\nnext update=");
-				ASN1_TIME_print(out,crl->crl->nextUpdate);
-				BIO_puts(out,"\n");
-
-				PEM_write_bio_X509_CRL(out,crl);
-				BIO_puts(out,"\n");
-				}
-			}
-
-		ret=0;
-		goto end;
-		}
-
-	if 	(outformat == FORMAT_ASN1)
-		i=i2d_PKCS7_bio(out,p7);
-	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_PKCS7(out,p7);
-	else	{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write pkcs7 object\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	ret=0;
-end:
-	if (p7 != NULL) PKCS7_free(p7);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	EXIT(ret);
-	}

apps/privkey.pem

@@ -1,18 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
-
-6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
-Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
-F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
-XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
-jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
-vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
-JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
-PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
-POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
-gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
-8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
-Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
-dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
------END RSA PRIVATE KEY-----

apps/progs.h

@@ -1,254 +0,0 @@
-#ifndef NOPROTO
-extern int verify_main(int argc,char *argv[]);
-extern int asn1parse_main(int argc,char *argv[]);
-extern int req_main(int argc,char *argv[]);
-extern int dgst_main(int argc,char *argv[]);
-extern int dh_main(int argc,char *argv[]);
-extern int enc_main(int argc,char *argv[]);
-extern int gendh_main(int argc,char *argv[]);
-extern int errstr_main(int argc,char *argv[]);
-extern int ca_main(int argc,char *argv[]);
-extern int crl_main(int argc,char *argv[]);
-extern int rsa_main(int argc,char *argv[]);
-extern int dsa_main(int argc,char *argv[]);
-extern int dsaparam_main(int argc,char *argv[]);
-extern int x509_main(int argc,char *argv[]);
-extern int genrsa_main(int argc,char *argv[]);
-extern int gendsa_main(int argc,char *argv[]);
-extern int s_server_main(int argc,char *argv[]);
-extern int s_client_main(int argc,char *argv[]);
-extern int speed_main(int argc,char *argv[]);
-extern int s_time_main(int argc,char *argv[]);
-extern int version_main(int argc,char *argv[]);
-extern int pkcs7_main(int argc,char *argv[]);
-extern int crl2pkcs7_main(int argc,char *argv[]);
-extern int sess_id_main(int argc,char *argv[]);
-extern int ciphers_main(int argc,char *argv[]);
-extern int nseq_main(int argc,char *argv[]);
-#else
-extern int verify_main();
-extern int asn1parse_main();
-extern int req_main();
-extern int dgst_main();
-extern int dh_main();
-extern int enc_main();
-extern int gendh_main();
-extern int errstr_main();
-extern int ca_main();
-extern int crl_main();
-extern int rsa_main();
-extern int dsa_main();
-extern int dsaparam_main();
-extern int x509_main();
-extern int genrsa_main();
-extern int gendsa_main();
-extern int s_server_main();
-extern int s_client_main();
-extern int speed_main();
-extern int s_time_main();
-extern int version_main();
-extern int pkcs7_main();
-extern int crl2pkcs7_main();
-extern int sess_id_main();
-extern int ciphers_main();
-extern int nseq_main();
-#endif
-
-#ifdef SSLEAY_SRC
-
-#define FUNC_TYPE_GENERAL	1
-#define FUNC_TYPE_MD		2
-#define FUNC_TYPE_CIPHER	3
-
-typedef struct {
-	int type;
-	char *name;
-	int (*func)();
-	} FUNCTION;
-
-FUNCTION functions[] = {
-	{FUNC_TYPE_GENERAL,"verify",verify_main},
-	{FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
-	{FUNC_TYPE_GENERAL,"req",req_main},
-	{FUNC_TYPE_GENERAL,"dgst",dgst_main},
-#ifndef NO_DH
-	{FUNC_TYPE_GENERAL,"dh",dh_main},
-#endif
-	{FUNC_TYPE_GENERAL,"enc",enc_main},
-#ifndef NO_DH
-	{FUNC_TYPE_GENERAL,"gendh",gendh_main},
-#endif
-	{FUNC_TYPE_GENERAL,"errstr",errstr_main},
-	{FUNC_TYPE_GENERAL,"ca",ca_main},
-	{FUNC_TYPE_GENERAL,"crl",crl_main},
-#ifndef NO_RSA
-	{FUNC_TYPE_GENERAL,"rsa",rsa_main},
-#endif
-#ifndef NO_DSA
-	{FUNC_TYPE_GENERAL,"dsa",dsa_main},
-#endif
-#ifndef NO_DSA
-	{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
-#endif
-	{FUNC_TYPE_GENERAL,"x509",x509_main},
-#ifndef NO_RSA
-	{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
-#endif
-#ifndef NO_DSA
-	{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
-#endif
-#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
-	{FUNC_TYPE_GENERAL,"s_server",s_server_main},
-#endif
-#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
-	{FUNC_TYPE_GENERAL,"s_client",s_client_main},
-#endif
-	{FUNC_TYPE_GENERAL,"speed",speed_main},
-#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
-	{FUNC_TYPE_GENERAL,"s_time",s_time_main},
-#endif
-	{FUNC_TYPE_GENERAL,"version",version_main},
-	{FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
-	{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
-	{FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
-#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
-	{FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
-#endif
-	{FUNC_TYPE_GENERAL,"nseq",nseq_main},
-	{FUNC_TYPE_MD,"md2",dgst_main},
-	{FUNC_TYPE_MD,"md5",dgst_main},
-	{FUNC_TYPE_MD,"sha",dgst_main},
-	{FUNC_TYPE_MD,"sha1",dgst_main},
-	{FUNC_TYPE_MD,"mdc2",dgst_main},
-	{FUNC_TYPE_MD,"rmd160",dgst_main},
-	{FUNC_TYPE_CIPHER,"base64",enc_main},
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des3",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"desx",enc_main},
-#endif
-#ifndef NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea",enc_main},
-#endif
-#ifndef NO_RC4
-	{FUNC_TYPE_CIPHER,"rc4",enc_main},
-#endif
-#ifndef NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2",enc_main},
-#endif
-#ifndef NO_BLOWFISH
-	{FUNC_TYPE_CIPHER,"bf",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-cbc",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-cfb",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ofb",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
-#endif
-#ifndef NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
-#endif
-#ifndef NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
-#endif
-#ifndef NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
-#endif
-#ifndef NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
-#endif
-#ifndef NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
-#endif
-#ifndef NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
-#endif
-#ifndef NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
-#endif
-#ifndef NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
-#endif
-#ifndef NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
-#endif
-#ifndef NO_BLOWFISH
-	{FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
-#endif
-#ifndef NO_BLOWFISH
-	{FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
-#endif
-#ifndef NO_BLOWFISH
-	{FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
-#endif
-#ifndef NO_BLOWFISH
-	{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
-#endif
-	{0,NULL,NULL}
-	};
-#endif
-

apps/progs.pl

@@ -1,82 +0,0 @@
-#!/usr/local/bin/perl
-
-print "#ifndef NOPROTO\n";
-
-grep(s/^asn1pars$/asn1parse/,@ARGV);
-
-foreach (@ARGV)
-	{ printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
-print "#else\n";
-foreach (@ARGV)
-	{ printf "extern int %s_main();\n",$_; }
-print "#endif\n";
-
-
-print <<'EOF';
-
-#ifdef SSLEAY_SRC
-
-#define FUNC_TYPE_GENERAL	1
-#define FUNC_TYPE_MD		2
-#define FUNC_TYPE_CIPHER	3
-
-typedef struct {
-	int type;
-	char *name;
-	int (*func)();
-	} FUNCTION;
-
-FUNCTION functions[] = {
-EOF
-
-foreach (@ARGV)
-	{
-	push(@files,$_);
-	$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
-	if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
-		{ print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; } 
-	elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ) 
-		{ print "#ifndef NO_RSA\n${str}#endif\n";  }
-	elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
-		{ print "#ifndef NO_DSA\n${str}#endif\n"; }
-	elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/))
-		{ print "#ifndef NO_DH\n${str}#endif\n"; }
-	else
-		{ print $str; }
-	}
-
-foreach ("md2","md5","sha","sha1","mdc2","rmd160")
-	{
-	push(@files,$_);
-	printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
-	}
-
-foreach (
-	"base64",
-	"des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
-	"des-ecb", "des-ede",    "des-ede3",
-	"des-cbc", "des-ede-cbc","des-ede3-cbc",
-	"des-cfb", "des-ede-cfb","des-ede3-cfb",
-	"des-ofb", "des-ede-ofb","des-ede3-ofb",
-	"idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
-	"rc2-cbc", "rc2-ecb",    "rc2-cfb",  "rc2-ofb",
-	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
-	"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
-	"cast-cbc", "rc5-cbc",   "rc5-ecb",  "rc5-cfb",  "rc5-ofb")
-	{
-	push(@files,$_);
-
-	$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
-	if    ($_ =~ /des/)  { $t="#ifndef NO_DES\n${t}#endif\n"; }
-	elsif ($_ =~ /idea/) { $t="#ifndef NO_IDEA\n${t}#endif\n"; }
-	elsif ($_ =~ /rc4/)  { $t="#ifndef NO_RC4\n${t}#endif\n"; }
-	elsif ($_ =~ /rc2/)  { $t="#ifndef NO_RC2\n${t}#endif\n"; }
-	elsif ($_ =~ /bf/)   { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
-	elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
-	elsif ($_ =~ /rc5/)  { $t="#ifndef NO_RC5\n${t}#endif\n"; }
-	print $t;
-	}
-
-print "\t{0,NULL,NULL}\n\t};\n";
-print "#endif\n\n";
-

apps/req.pem

@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
-YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
-S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
-AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
-tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
-84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
-CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
-Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
------END CERTIFICATE REQUEST-----

apps/rsa.c

@@ -1,303 +0,0 @@
-/* apps/rsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include "bio.h"
-#include "err.h"
-#include "rsa.h"
-#include "evp.h"
-#include "x509.h"
-#include "pem.h"
-
-#undef PROG
-#define PROG	rsa_main
-
-/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
- * -outform arg - output format - default PEM
- * -in arg	- input file - default stdin
- * -out arg	- output file - default stdout
- * -des		- encrypt output if PEM format with DES in cbc mode
- * -des3	- encrypt output if PEM format
- * -idea	- encrypt output if PEM format
- * -text	- print a text version
- * -modulus	- print the RSA key modulus
- */
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	int ret=1;
-	RSA *rsa=NULL;
-	int i,badops=0;
-	EVP_CIPHER *enc=NULL;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,text=0,noout=0;
-	char *infile,*outfile,*prog;
-	int modulus=0;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	prog=argv[0];
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -des          encrypt PEM output with cbc des\n");
-		BIO_printf(bio_err," -des3         encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef NO_IDEA
-		BIO_printf(bio_err," -idea         encrypt PEM output with cbc idea\n");
-#endif
-		BIO_printf(bio_err," -text         print the key in text\n");
-		BIO_printf(bio_err," -noout        don't print key out\n");
-		BIO_printf(bio_err," -modulus      print the RSA key modulus\n");
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-
-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
-	BIO_printf(bio_err,"read RSA private key\n");
-	if	(informat == FORMAT_ASN1)
-		rsa=d2i_RSAPrivateKey_bio(in,NULL);
-#ifndef NO_RC4
-	else if (informat == FORMAT_NETSCAPE)
-		{
-		BUF_MEM *buf=NULL;
-		unsigned char *p;
-		int size=0;
-
-		buf=BUF_MEM_new();
-		for (;;)
-			{
-			if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
-				goto end;
-			i=BIO_read(in,&(buf->data[size]),1024*10);
-			size+=i;
-			if (i == 0) break;
-			if (i < 0)
-				{
-				perror("reading private key");
-				BUF_MEM_free(buf);
-				goto end;
-				}
-			}
-		p=(unsigned char *)buf->data;
-		rsa=(RSA *)d2i_Netscape_RSA(NULL,&p,(long)size,NULL);
-		BUF_MEM_free(buf);
-		}
-#endif
-	else if (informat == FORMAT_PEM)
-		rsa=PEM_read_bio_RSAPrivateKey(in,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified for key\n");
-		goto end;
-		}
-	if (rsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load Private Key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (outfile == NULL)
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
-			perror(outfile);
-			goto end;
-			}
-		}
-
-	if (text) 
-		if (!RSA_print(out,rsa,0))
-			{
-			perror(outfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-	if (modulus)
-		{
-		fprintf(stdout,"Modulus=");
-		BN_print(out,rsa->n);
-		fprintf(stdout,"\n");
-		}
-
-	if (noout) goto end;
-	BIO_printf(bio_err,"writing RSA private key\n");
-	if 	(outformat == FORMAT_ASN1)
-		i=i2d_RSAPrivateKey_bio(out,rsa);
-#ifndef NO_RC4
-	else if (outformat == FORMAT_NETSCAPE)
-		{
-		unsigned char *p,*pp;
-		int size;
-
-		i=1;
-		size=i2d_Netscape_RSA(rsa,NULL,NULL);
-		if ((p=(unsigned char *)Malloc(size)) == NULL)
-			{
-			BIO_printf(bio_err,"Malloc failure\n");
-			goto end;
-			}
-		pp=p;
-		i2d_Netscape_RSA(rsa,&p,NULL);
-		BIO_write(out,(char *)pp,size);
-		Free(pp);
-		}
-#endif
-	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL);
-	else	{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
-		goto end;
-		}
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write private key\n");
-		ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	if (rsa != NULL) RSA_free(rsa);
-	EXIT(ret);
-	}
-

apps/rsa/01.pem

@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
-MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
-BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
-cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
-qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
-MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
-gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
-LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
-Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
-Pjrmw2eSgbdmmdumWAcNPVbV
------END CERTIFICATE-----

apps/rsa/1.txt

@@ -1,50 +0,0 @@
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-subject=/C=US/ST=New York/L=New York/O=Industrial Press Inc./CN=www.industrialpress.com
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            68:ae:14:a4:c9:9f:a9:f3:9a:23:cf:2f:15:19:b3:5a
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: May 18 00:00:00 1998 GMT
-            Not After : May 18 23:59:59 1999 GMT
-        Subject: C=US, ST=New York, L=New York, O=Industrial Press Inc., CN=www.industrialpress.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:aa:21:fd:c5:42:4d:1e:fa:82:99:a0:e8:9f:6e:
-                    d5:6a:52:5b:a9:32:f2:98:5d:f2:28:a5:81:c5:b3:
-                    83:2d:68:d7:ef:22:a3:7b:0a:2a:5a:1a:2d:68:40:
-                    11:23:a8:d7:3e:aa:26:53:ce:e0:15:4d:6d:1f:8a:
-                    ff:6e:0c:21:dc:59:94:30:ad:ea:a3:dd:97:3a:cb:
-                    f0:34:01:f3:5f:35:91:5d:03:49:9a:6e:78:83:61:
-                    75:45:4b:74:d2:98:18:88:ec:62:98:3b:1e:d6:df:
-                    51:2f:93:ce:08:31:1b:7d:7f:03:82:e8:2b:13:f5:
-                    b0:91:2d:85:ad:2a:1c:e7:f7
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md5WithRSAEncryption
-        8c:3b:7e:f1:74:12:d1:2f:ac:d4:bf:2d:8b:aa:02:05:30:fe:
-        d1:f4:14:b8:02:92:a2:8b:99:86:26:ff:24:7e:67:48:43:d9:
-        e3:ff:52:11:7e:8c:0c:26:57:ca:c7:b4:19:da:4c:ce:e8:37:
-        6d:d1:55:6d:a4:09:ff:2c:a2:21:9f:af:63:d8:b5:fb:9f:a5:
-        7b:5d:ed:ac:d4:15:af:96:24:25:a7:a7:43:76:f4:41:b4:05:
-        1d:49:38:50:b4:43:fe:1d:87:f5:fd:aa:e9:4c:f2:5b:aa:3e:
-        3a:e6:c3:67:92:81:b7:66:99:db:a6:58:07:0d:3d:56:d5
------BEGIN CERTIFICATE-----
-MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
-MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
-BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
-cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
-qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
-MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
-gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
-LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
-Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
-Pjrmw2eSgbdmmdumWAcNPVbV
------END CERTIFICATE-----

apps/rsa/SecureServer.pem

@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
-        Signature Algorithm: md2WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: Nov  9 00:00:00 1994 GMT
-            Not After : Jan  7 23:59:59 2010 GMT
-        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1000 bit)
-                Modulus (1000 bit):
-                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
-                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
-                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
-                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
-                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
-                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
-                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
-                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
-                    dd:2d:d6:c8:1e:7b
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md2WithRSAEncryption
-        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
-        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
-        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
-        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
-        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
-        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
-        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
------BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
------END CERTIFICATE-----

apps/rsa/s.txt

@@ -1,49 +0,0 @@
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
-        Signature Algorithm: md2WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: Nov  9 00:00:00 1994 GMT
-            Not After : Jan  7 23:59:59 2010 GMT
-        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1000 bit)
-                Modulus (1000 bit):
-                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
-                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
-                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
-                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
-                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
-                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
-                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
-                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
-                    dd:2d:d6:c8:1e:7b
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md2WithRSAEncryption
-        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
-        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
-        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
-        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
-        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
-        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
-        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
------BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
------END CERTIFICATE-----

apps/rsa8192.pem

@@ -1,101 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-
-MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ
-ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF
-MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY
-55/A20XL7tlV2opEfwhy3uVlveQBM0DnZ3MUQfrk+lRRNWv7yE4ScbOfER9fjvOm
-yJc3ZbOa3e+AMGGU9OqJ/fyOl0SGYyP2k23omy/idBV4uOs8QWdnAvq8UOzDdua3
-tuf5Tn17XBurPJ8juwyPBNispkwwn8BjxAZVPhwUIcxFBg339IxJ9cW0WdVy4nNA
-LWo/8Ahlf+kZNnFNGCPFytU9gGMLMhab9w/rLrwa9qNe4L8Fmu1JxONn1WfhMOKE
-aFmycf2olJsYLgUIGYZrjnYu0p/7P3yhTOv8JIhmK+SzmA/I0xiQoF84rpaQzH2d
-PvxICOA9oQSowou0gLuBSZWm6LiXirg1DZCziU46v33ErQlWM1dSyNaUSzihcV59
-mVD0nmzboXH75lGiyiZlp8cLbozzoCwvk9rYqpUGSBzbAy0ECCpabGpzO2Ug+oDi
-71e5z4WMpeoR4IS8MaOG/GsJnwaXhiB/gNYfK+8pRADVk5StEAZDE2alSuCbDs0z
-d9zYr4/em5T9VZsLetxRE7pm/Es9yELuViz8/Tm0/8MVdmNYc/xZU1t6qYYFdyQ2
-wlGDTiNPsjR8yXCkmBjKwqnuleu1X6LaZu3VPhEkXGcyFAquQUkSiMv0Yu74qAe0
-bQ2v+jjZzP6AM9LUo89cW4Kd8SGD96BdNlAVPNMXoBcIOsZBwsOtETBd4KAyvkXE
-Ob17u+PLl4UPnSxm9ypKZunUNFRPxtKUyjySYnvlGL+kTjAXrIrZwKJqIn0uhnfa
-Ck3o7bU6yVMK22ODxy2/Vi3E0P6k5JLwnrF0VIOBqGhts66qo6mWDP8l6MZHARFd
-pU+nofssVmr8tLKmMmjYGMM5GmKIXRNBs0ksTwFnKRs9AmpE5owC8tTSVdTAkGuS
-os7QwLvyvNzq7BGJiVr0Iy3Dhsl1vzR35acNOrCsDl3DcCQONKJ2sVXV4pD3dBah
-mG3sR/jHgjasffJJ35uiGoAua9dbT7HG/+D0z1SHYaVqH8zO4VZSOnGJh/P9rtxx
-cckFDbiag/JMWig2lbnCjebTtp/BcUsK3TNaDOb7vb0LvbAeRJadd1EFu6PSlH3K
-LykSUPm4UedvUU3cWjqkSY5lITFJkVaIYOv/EljYtK7p7kFZFTaEwMAWxgsXU3pQ
-tTzVmq1gZ4vXPwcUq0zK50Frq0F7SQc21ZsunwIDAQABAoIEADuQAkDEpBausJsS
-PgL1RXuzECPJJJCBxTE+2qx0FoY4hJICCWTORHGmU8nGPE3Ht0wBiNDsULw6KXl9
-psmzYW6D3qRbpdQebky6fu/KZ5H0XTyGpJGomaXELH5hkwo2gdKB805LSXB+m7p0
-9o96kSdMkpBLVGtf5iZ8W4rY2LsZmlI9f7taQHSLVt/M8HTz1mTnBRU92QO3zZW6
-xVa+OrWaFl18u3ZeIaSh2X40tBK68cqstXVD0r2OWuXNKobcQeJW8/XABzBShZ0c
-ihL0lzyqiN4uXrLu+Nbr22b+FU2OODy6dGk3U6/69NvI4piMCPlHsfhHOnFjd1ZW
-RIVywyUlCtLNdcn11CchuRro+0J3c2Ba+i9Cl9r3qzT11xFEGF8/XLyUBBCB+uGf
-1dR/xJQhCA7cXWWLXyI/semxcvTaGpImP6kiIl1MAjHjXZTSdvyw4JmfXyYGhSjI
-P0mw3Xn7FXxJ/os9gOfNKz2nZHjr0q4sgWRYO+4vllkeL0GteZrg4oVaVpmZb7LH
-77afhodLylhijlEtV5skfkPujbBLQk6E5Ez3U/huEt2NLg6guADmwxMxfBRliZO4
-4Ex/td4cuggpEj3FGJV74qRvdvj/MF/uF7IxC/3WapPIsFBFH4zrJsUYt6u3L68I
-/KC/bfioDeUR/8ANw1DNh+UsnPV3GJIwDkIJKdppi2uXPahJyJQQ8Inps53nn8Gg
-GifS+HnOXNgMoKOJnZ9IDGjXpfjIs8dJNrGfDHF0mH30N2WARq2v/a3cNUC+f8Bq
-HSKQ9YrZopktMunsut8u7ZYbTmjIqJpXCaM0CCrSlzSMTDHFSj2tzLk6+qnxeGxB
-ZwIdShbdeK+0ETG91lE1e9RPQs/uXQP9+uCHJV0YpqQcA6pkCLYJfYpoSMu/Bafy
-AgfVZz6l5tyEnV0wCcbopsQShc1k9xtTbYNF1h9AQHknj6zeDW4iZMvmVeh3RovT
-52OA2R8oLyauF+QaG6x2wUjEx13SJlaBarJZ4seZIOJ+a8+oNzKsbgokXc2cyC9p
-5FAZz1OsOb68o93qD1Xvl7bY97fq2q55L7G1XHPPLtZE5lGiLGDtnAuwY8UPrdpr
-7Mv2yIxB7xVGurXyHb5PvusR88XED6HMPfLBG/55ENHTal7G5mRix+IWSBAIkxA5
-KZ0j8r5Ng4+wELZhqFQai39799bIAyiV6CEz4kyDXlo0kSSexp8o4iz5sPq5vp6h
-cCb7rdRw7uRnbXrHmXahxoB+ibXaurgV/6B2yurrU/UFoxEp2sHp8LXZGfF6ztY1
-dMhSQAACK2vGy5yNagbkTHLgVaHicG5zavJBqzCE+lbPlCqhOUQPdOIwvjHNjdS/
-DL3WV/ECggIBAMbW65wPk/i43nSyeZeYwcHtR1SUJqDXavYfBPC0VRhKz+7DVMFw
-Nwnocn6gITABc445W1yl7U3uww+LGuDlSlFnd8WuiXpVYud9/jeNu6Mu4wvNsnWr
-f4f4ua8CcS03GmqmcbROD2Z6by1AblCZ2UL1kv9cUX1FLVjPP1ESAGKoePt3BmZQ
-J1uJfK8HilNT8dcUlj/5CBi2uHxttDhoG0sxXE/SVsG9OD/Pjme0mj7gdzc6Ztd+
-TALuvpNQR4pRzfo5XWDZBcEYntcEE3PxYJB1+vnZ8509ew5/yLHTbLjFxIcx71zY
-fhH0gM36Sz7mz37r0+E/QkRkc5bVIDC4LDnWmjpAde6QUx0d218ShNx6sJo4kt5c
-Dd7tEVx8nuX8AIZYgwsOb382anLyFRkkmEdK3gRvwQ6SWR36Ez5L7/mHWODpLAX5
-mVBKSG4/ccFbc633/g0xHw0Nwajir/klckdakuYPlwF0yAxJSKDLhmNctDhRmxjC
-YP+fISkl5oTvFRzJH6HEyNu8M3ybRvmpPIjM5J5JpnB2IYbohYBR+T6/97C1DKrd
-mzL5PjlrWm0c1/d7LlDoP65fOShDMmj2zCiBAHHOM0Alokx+v5LmMd8NJumZIwGJ
-Rt5OpeMOhowz6j1AjYxYgV7PmJL6Ovpfb775od/aLaUbbwHz2uWIvfF7AoICAQCw
-c7NaO7oJVLJClhYw6OCvjT6oqtgNVWaennnDiJgzY9lv5HEgV0MAG0eYuB3hvj+w
-Y1P9DJxP1D+R+cshYrAFg8yU/3kaYVNI0Bl3ygX0eW1b/0HZTdocs+8kM/9PZQDR
-WrKQoU5lHvqRt99dXlD4NWGI2YQtzdZ8iet9QLqnjwRZabgE96mF01qKisMnFcsh
-KjT7ieheU4J15TZj/mdZRNK126d7e3q/rNj73e5EJ9tkYLcolSr4gpknUMJULSEi
-JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo
-yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ
-kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9
-DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN
-22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
-ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz
-D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP
-PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8
-dUrYmHNEUJfHl4T1ESgkX1vkcpVFeQFruZDjk7EP3+1sgvpSroGTZkVBRFsTXbQZ
-FuCv0Pgt1TKG+zGmklxhj3TsiRy8MEjWAxBUp++ftZJnZNI4feDGnfEx7tLwVhAg
-6DWSiWDO6hgQpvOLwX5lu+0x9itc1MQsnDO/OqIDnBAJDN5k7cVVkfKlqbVjxgpz
-eqUJs3yAd81f44kDQTCB4ahYocgeIGsrOqd/WoGL1EEPPo/O9wQP7VtlIRt8UwuG
-bS18+a4sBUfAa56xYu/pnPo7YcubsgZfcSIujzFQqMpVTClJRnOnEuJ4J1+PXzRz
-XAO9fs4VJ+CMEmgAyonUz4Xadxulnknlw//sO9VKgM69oFHCDHL/XamAAbqAdwvf
-7R/+uy+Ol7romC0wMhb6SsIZazrvvH2mNtduAKZ638nAP1x/WbQp+6iVG7yJok7w
-82Q7tO7baOePTXh12Rrt4mNPor0HLYxhra4GFgfqkumJ2Mz0esuZAozxJXFOq8ly
-beo9CVtXP5zbT6qNpeNismX6PLICaev8t+1iOZSE56WSLtefuuj/cOVrTMNDz1Rr
-pUkEVV2zjUSjlcScM538A9iL2QKCAgBLbBk0r6T0ihRsK9UucMxhnYEz/Vq+UEu9
-70Vi1AciqEJv9nh4d3Q3HnH7EHANZxG4Jqzm1DYYVUQa9GfkTFeq88xFv/GW2hUM
-YY8RSfRDrIeXNEOETCe37x2AHw25dRXlZtw+wARPau91y9+Y/FCl18NqCHfcUEin
-ERjsf/eI2bPlODAlR2tZvZ7M60VBdqpN8cmV3zvI3e88z43xLfQlDyr1+v7a5Evy
-lEJnXlSTI2o+vKxtl103vjMSwA1gh63K90gBVsJWXQDZueOzi8mB9UqNRfcMmOEe
-4YHttTXPxeu0x+4cCRfam9zKShsVFgI28vRQ/ijl6qmbQ5gV8wqf18GV1j1L4z0P
-lP6iVynDA4MMrug/w9DqPsHsfK0pwekeETfSj4y0xVXyjWZBfHG2ZBrS6mDTf+RG
-LC4sJgR0hjdILLnUqIX7PzuhieBHRrjBcopwvcryVWRHnI7kslAS0+yHjiWc5oW3
-x5mtlum4HzelNYuD9cAE/95P6CeSMfp9CyIE/KSX4VvsRm6gQVkoQRKMxnQIFQ3w
-O5gl1l88vhjoo2HxYScgCp70BsDwiUNTqIR3NM+ZBHYFweVf3Gwz5LzHZT2rEZtD
-6VXRP75Q/2wOLnqCO4bK4BUs6sqxcQZmOldruPkPynrY0oPfHHExjxZDvQu4/r80
-Ls3n0L8yvQKCAgEAnYWS6EikwaQNpJEfiUnOlglgFz4EE1eVkrDbBY4J3oPU+doz
-DrqmsvgpSZIAfd2MUbkN4pOMsMTjbeIYWDnZDa1RoctKs3FhwFPHwAjQpznab4mn
-Bp81FMHM40qyb0NaNuFRwghdXvoQvBBX1p8oEnFzDRvTiuS/vTPTA8KDY8IeRp8R
-oGzKHpfziNwq/URpqj7pwi9odNjGZvR2IwYw9jCLPIqaEbMoSOdI0mg4MoYyqP4q
-nm7d4wqSDwrYxiXZ6f3nYpkhEY1lb0Wbksp1ig8sKSF4nDZRGK1RSfE+6gjBp94H
-X/Wog6Zb6NC9ZpusTiDLvuIUXcyUJvmHiWjSNqiTv8jurlwEsgSwhziEQfqLrtdV
-QI3PRMolBkD1iCk+HFE53r05LMf1bp3r4MS+naaQrLbIrl1kgDNGwVdgS+SCM7Bg
-TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c
-46C6SaWI0TD9B11nJbHGTYN3Si9n0EBgoDJEXUKeh3km9O47dgvkSug4WzhYsvrE
-rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv
-I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8=
------END RSA PRIVATE KEY-----
-

apps/s1024key.pem

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
-S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
-pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
-AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
-dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
-bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
-Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
-zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
-6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
-QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
-dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
-0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
-nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
------END RSA PRIVATE KEY-----

apps/s1024req.pem

@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBojCCAQsCAQAwZDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
-GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSQwIgYDVQQDExtTZXJ2ZXIgdGVz
-dCBjZXJ0ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALMR
-9TwT5kZMa0ddXleG8zYuDfZ9dQiPJ1dvfgEZU9fqg3v5o1VL15ZrK9b/73+9RvRo
-KqKUmukV6yAi1XZPxWGGM4T75dTPjq42lwxTvAcwQBdS58+nO2kWbxkSTa0Uq9p2
-RJKg3yVvXWO69lWRKQ+UHrmkWFJ7hApKnongeuRjAgMBAAEwDQYJKoZIhvcNAQEE
-BQADgYEAStHlk4pBbwiNeQ2/PKTPPXzITYC8Gn0XMbrU94e/6JIKiO7aArq9Espq
-nrBSvC14dHcNl6NNvnkEKdQ7hAkcACfBbnOXA/oQvMBd4GD78cH3k0jVDoVUEjil
-frLfWlckW6WzpTktt0ZPDdAjJCmKVh0ABHimi7Bo9FC3wIGIe5M=
------END CERTIFICATE REQUEST-----

apps/s512-key.pem

@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
-TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
-OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
-gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
-rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
-PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
-vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
------END RSA PRIVATE KEY-----

apps/s512-req.pem

@@ -1,8 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
-MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0
-IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8S
-MVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8E
-y2//Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAANBAAB+uQi+qwn6qRSHB8EUTvsm
-5TNTHzYDeN39nyIbZNX2s0se3Srn2Bxft5YCwD3moFZ9QoyDHxE0h6qLX5yjD+8=
------END CERTIFICATE REQUEST-----

apps/s_apps.h

@@ -1,119 +0,0 @@
-/* apps/s_apps.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define PORT            4433
-#define PORT_STR        "4433"
-#define PROTOCOL        "tcp"
-
-#ifndef NOPROTO
-int do_accept(int acc_sock, int *sock, char **host);
-int do_server(int port, int *ret, int (*cb) (), char *context);
-#ifdef HEADER_X509_H
-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
-#else
-int MS_CALLBACK verify_callback(int ok, char *ctx);
-#endif
-#ifdef HEADER_SSL_H
-int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
-#else
-int set_cert_stuff(char *ctx, char *cert_file, char *key_file);
-#endif
-int init_client(int *sock, char *server, int port);
-int init_client_ip(int *sock,unsigned char ip[4], int port);
-int nbio_init_client_ip(int *sock,unsigned char ip[4], int port);
-int nbio_sock_error(int sock);
-int spawn(int argc, char **argv, int *in, int *out);
-int init_server(int *sock, int port);
-int init_server_long(int *sock, int port,char *ip);
-int should_retry(int i);
-void sock_cleanup(void );
-int extract_port(char *str, short *port_ptr);
-int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
-int host_ip(char *str, unsigned char ip[4]);
-
-long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, char *argp,
-	int argi, long argl, long ret);
-
-#ifdef HEADER_SSL_H
-void MS_CALLBACK apps_ssl_info_callback(SSL *s, int where, int ret);
-#else
-void MS_CALLBACK apps_ssl_info_callback(char *s, int where, int ret);
-#endif
-
-#else
-int do_accept();
-int do_server();
-int MS_CALLBACK verify_callback();
-int set_cert_stuff();
-int init_client();
-int init_client_ip();
-int nbio_init_client_ip();
-int nbio_sock_error();
-int spawn();
-int init_server();
-int should_retry();
-void sock_cleanup();
-int extract_port();
-int extract_host_port();
-int host_ip();
-
-long MS_CALLBACK bio_dump_cb();
-void MS_CALLBACK apps_ssl_info_callback();
-
-#endif
-

apps/s_cb.c

@@ -1,251 +0,0 @@
-/* apps/s_cb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#define USE_SOCKETS
-#define NON_MAIN
-#include "apps.h"
-#undef NON_MAIN
-#undef USE_SOCKETS
-#include "err.h"
-#include "x509.h"
-#include "ssl.h"
-#include "s_apps.h"
-
-int verify_depth=0;
-int verify_error=X509_V_OK;
-
-int MS_CALLBACK verify_callback(ok, ctx)
-int ok;
-X509_STORE_CTX *ctx;
-	{
-	char buf[256];
-	X509 *err_cert;
-	int err,depth;
-
-	err_cert=X509_STORE_CTX_get_current_cert(ctx);
-	err=	X509_STORE_CTX_get_error(ctx);
-	depth=	X509_STORE_CTX_get_error_depth(ctx);
-
-	X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
-	BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
-	if (!ok)
-		{
-		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
-			X509_verify_cert_error_string(err));
-		if (verify_depth >= depth)
-			{
-			ok=1;
-			verify_error=X509_V_OK;
-			}
-		else
-			{
-			ok=0;
-			verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
-			}
-		}
-	switch (ctx->error)
-		{
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-		X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
-		BIO_printf(bio_err,"issuer= %s\n",buf);
-		break;
-	case X509_V_ERR_CERT_NOT_YET_VALID:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-		BIO_printf(bio_err,"notBefore=");
-		ASN1_TIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-		BIO_printf(bio_err,"notAfter=");
-		ASN1_TIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
-		BIO_printf(bio_err,"\n");
-		break;
-		}
-	BIO_printf(bio_err,"verify return:%d\n",ok);
-	return(ok);
-	}
-
-int set_cert_stuff(ctx, cert_file, key_file)
-SSL_CTX *ctx;
-char *cert_file;
-char *key_file;
-	{
-	if (cert_file != NULL)
-		{
-		/*
-		SSL *ssl;
-		X509 *x509;
-		*/
-
-		if (SSL_CTX_use_certificate_file(ctx,cert_file,
-			SSL_FILETYPE_PEM) <= 0)
-			{
-			BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
-			ERR_print_errors(bio_err);
-			return(0);
-			}
-		if (key_file == NULL) key_file=cert_file;
-		if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
-			SSL_FILETYPE_PEM) <= 0)
-			{
-			BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
-			ERR_print_errors(bio_err);
-			return(0);
-			}
-
-		/*
-		In theory this is no longer needed 
-		ssl=SSL_new(ctx);
-		x509=SSL_get_certificate(ssl);
-
-		if (x509 != NULL) {
-			EVP_PKEY *pktmp;
-			pktmp = X509_get_pubkey(x509);
-			EVP_PKEY_copy_parameters(pktmp,
-						SSL_get_privatekey(ssl));
-			EVP_PKEY_free(pktmp);
-		}
-		SSL_free(ssl);
-		*/
-
-		/* If we are using DSA, we can copy the parameters from
-		 * the private key */
-		
-		
-		/* Now we know that a key and cert have been set against
-		 * the SSL context */
-		if (!SSL_CTX_check_private_key(ctx))
-			{
-			BIO_printf(bio_err,"Private key does not match the certificate public key\n");
-			return(0);
-			}
-		}
-	return(1);
-	}
-
-long MS_CALLBACK bio_dump_cb(bio,cmd,argp,argi,argl,ret)
-BIO *bio;
-int cmd;
-char *argp;
-int argi;
-long argl;
-long ret;
-	{
-	BIO *out;
-
-	out=(BIO *)BIO_get_callback_arg(bio);
-	if (out == NULL) return(ret);
-
-	if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
-		{
-		BIO_printf(out,"read from %08X [%08lX] (%d bytes => %ld (0x%X))\n",
-			bio,argp,argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-		return(ret);
-		}
-	else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
-		{
-		BIO_printf(out,"write to %08X [%08lX] (%d bytes => %ld (0x%X))\n",
-			bio,argp,argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-		}
-	return(ret);
-	}
-
-void MS_CALLBACK apps_ssl_info_callback(s,where,ret)
-SSL *s;
-int where;
-int ret;
-	{
-	char *str;
-	int w;
-
-	w=where& ~SSL_ST_MASK;
-
-	if (w & SSL_ST_CONNECT) str="SSL_connect";
-	else if (w & SSL_ST_ACCEPT) str="SSL_accept";
-	else str="undefined";
-
-	if (where & SSL_CB_LOOP)
-		{
-		BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
-		}
-	else if (where & SSL_CB_ALERT)
-		{
-		str=(where & SSL_CB_READ)?"read":"write";
-		BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
-			str,
-			SSL_alert_type_string_long(ret),
-			SSL_alert_desc_string_long(ret));
-		}
-	else if (where & SSL_CB_EXIT)
-		{
-		if (ret == 0)
-			BIO_printf(bio_err,"%s:failed in %s\n",
-				str,SSL_state_string_long(s));
-		else if (ret < 0)
-			{
-			BIO_printf(bio_err,"%s:error in %s\n",
-				str,SSL_state_string_long(s));
-			}
-		}
-	}
-

apps/s_client.c

@@ -1,758 +0,0 @@
-/* apps/s_client.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#define USE_SOCKETS
-#ifdef NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include "x509.h"
-#include "ssl.h"
-#include "err.h"
-#include "pem.h"
-#include "s_apps.h"
-
-#undef PROG
-#define PROG	s_client_main
-
-/*#define SSL_HOST_NAME	"www.netscape.com" */
-/*#define SSL_HOST_NAME	"193.118.187.102" */
-#define SSL_HOST_NAME	"localhost"
-
-/*#define TEST_CERT "client.pem" */ /* no default cert. */
-
-#undef BUFSIZZ
-#define BUFSIZZ 1024*8
-
-extern int verify_depth;
-extern int verify_error;
-
-#ifdef FIONBIO
-static int c_nbio=0;
-#endif
-static int c_Pause=0;
-static int c_debug=0;
-
-#ifndef NOPROTO
-static void sc_usage(void);
-static void print_stuff(BIO *berr,SSL *con,int full);
-#else
-static void sc_usage();
-static void print_stuff();
-#endif
-
-static BIO *bio_c_out=NULL;
-static int c_quiet=0;
-
-static void sc_usage()
-	{
-	BIO_printf(bio_err,"usage: s_client args\n");
-	BIO_printf(bio_err,"\n");
-	BIO_printf(bio_err," -host host     - use -connect instead\n");
-	BIO_printf(bio_err," -port port     - use -connect instead\n");
-	BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
-
-	BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
-	BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
-	BIO_printf(bio_err," -key arg      - Private key file to use, PEM format assumed, in cert file if\n");
-	BIO_printf(bio_err,"                 not specified but cert file is.\n");
-	BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
-	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
-	BIO_printf(bio_err," -reconnect    - Drop and re-make the connection with the same Session-ID\n");
-	BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
-	BIO_printf(bio_err," -debug        - extra output\n");
-	BIO_printf(bio_err," -nbio_test    - more ssl protocol testing\n");
-	BIO_printf(bio_err," -state        - print the 'ssl' states\n");
-#ifdef FIONBIO
-	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
-#endif
-	BIO_printf(bio_err," -quiet        - no s_client output\n");
-	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
-	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
-	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
-	BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
-	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
-	BIO_printf(bio_err," -cipher       - prefered cipher to use, use the 'openssl ciphers'\n");
-	BIO_printf(bio_err,"                 command to see what is available\n");
-
-	}
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	int off=0;
-	SSL *con=NULL,*con2=NULL;
-	int s,k,width,state=0;
-	char *cbuf=NULL,*sbuf=NULL;
-	int cbuf_len,cbuf_off;
-	int sbuf_len,sbuf_off;
-	fd_set readfds,writefds;
-	short port=PORT;
-	int full_log=1;
-	char *host=SSL_HOST_NAME;
-	char *cert_file=NULL,*key_file=NULL;
-	char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
-	int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
-	int write_tty,read_tty,write_ssl,read_ssl,tty_on;
-	SSL_CTX *ctx=NULL;
-	int ret=1,in_init=1,i,nbio_test=0;
-	SSL_METHOD *meth=NULL;
-	BIO *sbio;
-	/*static struct timeval timeout={10,0};*/
-
-#if !defined(NO_SSL2) && !defined(NO_SSL3)
-	meth=SSLv23_client_method();
-#elif !defined(NO_SSL3)
-	meth=SSLv3_client_method();
-#elif !defined(NO_SSL2)
-	meth=SSLv2_client_method();
-#endif
-
-	apps_startup();
-	c_Pause=0;
-	c_quiet=0;
-	c_debug=0;
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (	((cbuf=Malloc(BUFSIZZ)) == NULL) ||
-		((sbuf=Malloc(BUFSIZZ)) == NULL))
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto end;
-		}
-
-	verify_depth=0;
-	verify_error=X509_V_OK;
-#ifdef FIONBIO
-	c_nbio=0;
-#endif
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-host") == 0)
-			{
-			if (--argc < 1) goto bad;
-			host= *(++argv);
-			}
-		else if	(strcmp(*argv,"-port") == 0)
-			{
-			if (--argc < 1) goto bad;
-			port=atoi(*(++argv));
-			if (port == 0) goto bad;
-			}
-		else if (strcmp(*argv,"-connect") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!extract_host_port(*(++argv),&host,NULL,&port))
-				goto bad;
-			}
-		else if	(strcmp(*argv,"-verify") == 0)
-			{
-			verify=SSL_VERIFY_PEER;
-			if (--argc < 1) goto bad;
-			verify_depth=atoi(*(++argv));
-			BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
-			}
-		else if	(strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cert_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-quiet") == 0)
-			c_quiet=1;
-		else if	(strcmp(*argv,"-pause") == 0)
-			c_Pause=1;
-		else if	(strcmp(*argv,"-debug") == 0)
-			c_debug=1;
-		else if	(strcmp(*argv,"-nbio_test") == 0)
-			nbio_test=1;
-		else if	(strcmp(*argv,"-state") == 0)
-			state=1;
-#ifndef NO_SSL2
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
-#endif
-#ifndef NO_SSL3
-		else if	(strcmp(*argv,"-ssl3") == 0)
-			meth=SSLv3_client_method();
-#endif
-#ifndef NO_TLS1
-		else if	(strcmp(*argv,"-tls1") == 0)
-			meth=TLSv1_client_method();
-#endif
-		else if (strcmp(*argv,"-bugs") == 0)
-			bugs=1;
-		else if	(strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			key_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-reconnect") == 0)
-			{
-			reconnect=5;
-			}
-		else if	(strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-no_tls1") == 0)
-			off|=SSL_OP_NO_TLSv1;
-		else if (strcmp(*argv,"-no_ssl3") == 0)
-			off|=SSL_OP_NO_SSLv3;
-		else if (strcmp(*argv,"-no_ssl2") == 0)
-			off|=SSL_OP_NO_SSLv2;
-		else if	(strcmp(*argv,"-cipher") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cipher= *(++argv);
-			}
-#ifdef FIONBIO
-		else if (strcmp(*argv,"-nbio") == 0)
-			{ c_nbio=1; }
-#endif
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badop=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-	if (badop)
-		{
-bad:
-		sc_usage();
-		goto end;
-		}
-
-	if (bio_c_out == NULL)
-		{
-		if (c_quiet)
-			{
-			bio_c_out=BIO_new(BIO_s_null());
-			}
-		else
-			{
-			if (bio_c_out == NULL)
-				bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-			}
-		}
-
-	SSLeay_add_ssl_algorithms();
-	ctx=SSL_CTX_new(meth);
-	if (ctx == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (bugs)
-		SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
-	else
-		SSL_CTX_set_options(ctx,off);
-
-	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
-	if (cipher != NULL)
-		SSL_CTX_set_cipher_list(ctx,cipher);
-#if 0
-	else
-		SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
-#endif
-
-	SSL_CTX_set_verify(ctx,verify,verify_callback);
-	if (!set_cert_stuff(ctx,cert_file,key_file))
-		goto end;
-
-	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(ctx)))
-		{
-		/* BIO_printf(bio_err,"error seting default verify locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-
-	SSL_load_error_strings();
-
-	con=(SSL *)SSL_new(ctx);
-/*	SSL_set_cipher_list(con,"RC4-MD5"); */
-
-re_start:
-
-	if (init_client(&s,host,port) == 0)
-		{
-		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
-		SHUTDOWN(s);
-		goto end;
-		}
-	BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
-
-#ifdef FIONBIO
-	if (c_nbio)
-		{
-		unsigned long l=1;
-		BIO_printf(bio_c_out,"turning on non blocking io\n");
-		if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-#endif                                              
-	if (c_Pause & 0x01) con->debug=1;
-	sbio=BIO_new_socket(s,BIO_NOCLOSE);
-
-	if (nbio_test)
-		{
-		BIO *test;
-
-		test=BIO_new(BIO_f_nbio_test());
-		sbio=BIO_push(test,sbio);
-		}
-
-	if (c_debug)
-		{
-		con->debug=1;
-		BIO_set_callback(sbio,bio_dump_cb);
-		BIO_set_callback_arg(sbio,bio_c_out);
-		}
-
-	SSL_set_bio(con,sbio,sbio);
-	SSL_set_connect_state(con);
-
-	/* ok, lets connect */
-	width=SSL_get_fd(con)+1;
-
-	read_tty=1;
-	write_tty=0;
-	tty_on=0;
-	read_ssl=1;
-	write_ssl=1;
-	
-	cbuf_len=0;
-	cbuf_off=0;
-	sbuf_len=0;
-	sbuf_off=0;
-
-	for (;;)
-		{
-		FD_ZERO(&readfds);
-		FD_ZERO(&writefds);
-
-		if (SSL_in_init(con) && !SSL_total_renegotiations(con))
-			{
-			in_init=1;
-			tty_on=0;
-			}
-		else
-			{
-			tty_on=1;
-			if (in_init)
-				{
-				in_init=0;
-				print_stuff(bio_c_out,con,full_log);
-				if (full_log > 0) full_log--;
-
-				if (reconnect)
-					{
-					reconnect--;
-					BIO_printf(bio_c_out,"drop connection and then reconnect\n");
-					SSL_shutdown(con);
-					SSL_set_connect_state(con);
-					SHUTDOWN(SSL_get_fd(con));
-					goto re_start;
-					}
-				}
-			}
-
-#ifndef WINDOWS
-		if (tty_on)
-			{
-			if (read_tty)  FD_SET(fileno(stdin),&readfds);
-			if (write_tty) FD_SET(fileno(stdout),&writefds);
-			}
-#endif
-		if (read_ssl)
-			FD_SET(SSL_get_fd(con),&readfds);
-		if (write_ssl)
-			FD_SET(SSL_get_fd(con),&writefds);
-
-/*		printf("mode tty(%d %d%d) ssl(%d%d)\n",
-			tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
-
-		i=select(width,&readfds,&writefds,NULL,NULL);
-		if ( i < 0)
-			{
-			BIO_printf(bio_err,"bad select %d\n",
-				get_last_socket_error());
-			goto shut;
-			/* goto end; */
-			}
-
-		if (FD_ISSET(SSL_get_fd(con),&writefds))
-			{
-			k=SSL_write(con,&(cbuf[cbuf_off]),
-				(unsigned int)cbuf_len);
-			switch (SSL_get_error(con,k))
-				{
-			case SSL_ERROR_NONE:
-				cbuf_off+=k;
-				cbuf_len-=k;
-				if (k <= 0) goto end;
-				/* we have done a  write(con,NULL,0); */
-				if (cbuf_len <= 0)
-					{
-					read_tty=1;
-					write_ssl=0;
-					}
-				else /* if (cbuf_len > 0) */
-					{
-					read_tty=0;
-					write_ssl=1;
-					}
-				break;
-			case SSL_ERROR_WANT_WRITE:
-				BIO_printf(bio_c_out,"write W BLOCK\n");
-				write_ssl=1;
-				read_tty=0;
-				break;
-			case SSL_ERROR_WANT_READ:
-				BIO_printf(bio_c_out,"write R BLOCK\n");
-				write_tty=0;
-				read_ssl=1;
-				write_ssl=0;
-				break;
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				BIO_printf(bio_c_out,"write X BLOCK\n");
-				break;
-			case SSL_ERROR_ZERO_RETURN:
-				if (cbuf_len != 0)
-					{
-					BIO_printf(bio_c_out,"shutdown\n");
-					goto shut;
-					}
-				else
-					{
-					read_tty=1;
-					write_ssl=0;
-					break;
-					}
-				
-			case SSL_ERROR_SYSCALL:
-				if ((k != 0) || (cbuf_len != 0))
-					{
-					BIO_printf(bio_err,"write:errno=%d\n",
-						get_last_socket_error());
-					goto shut;
-					}
-				else
-					{
-					read_tty=1;
-					write_ssl=0;
-					}
-				break;
-			case SSL_ERROR_SSL:
-				ERR_print_errors(bio_err);
-				goto shut;
-				}
-			}
-#ifndef WINDOWS
-		else if (FD_ISSET(fileno(stdout),&writefds))
-			{
-			i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);
-
-			if (i <= 0)
-				{
-				BIO_printf(bio_c_out,"DONE\n");
-				goto shut;
-				/* goto end; */
-				}
-
-			sbuf_len-=i;;
-			sbuf_off+=i;
-			if (sbuf_len <= 0)
-				{
-				read_ssl=1;
-				write_tty=0;
-				}
-			}
-#endif
-		else if (FD_ISSET(SSL_get_fd(con),&readfds))
-			{
-#ifdef RENEG
-{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
-#endif
-#if 1
-			k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
-#else
-/* Demo for pending and peek :-) */
-			k=SSL_read(con,sbuf,16);
-{ char zbuf[10240]; 
-printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240));
-}
-#endif
-
-			switch (SSL_get_error(con,k))
-				{
-			case SSL_ERROR_NONE:
-				if (k <= 0)
-					goto end;
-				sbuf_off=0;
-				sbuf_len=k;
-
-				read_ssl=0;
-				write_tty=1;
-				break;
-			case SSL_ERROR_WANT_WRITE:
-				BIO_printf(bio_c_out,"read W BLOCK\n");
-				write_ssl=1;
-				read_tty=0;
-				break;
-			case SSL_ERROR_WANT_READ:
-				BIO_printf(bio_c_out,"read R BLOCK\n");
-				write_tty=0;
-				read_ssl=1;
-				if ((read_tty == 0) && (write_ssl == 0))
-					write_ssl=1;
-				break;
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				BIO_printf(bio_c_out,"read X BLOCK\n");
-				break;
-			case SSL_ERROR_SYSCALL:
-				BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
-				goto shut;
-			case SSL_ERROR_ZERO_RETURN:
-				BIO_printf(bio_c_out,"closed\n");
-				goto shut;
-			case SSL_ERROR_SSL:
-				ERR_print_errors(bio_err);
-				goto shut;
-				/* break; */
-				}
-			}
-
-#ifndef WINDOWS
-		else if (FD_ISSET(fileno(stdin),&readfds))
-			{
-			i=read(fileno(stdin),cbuf,BUFSIZZ);
-
-			if ((!c_quiet) && ((i <= 0) || (cbuf[0] == 'Q')))
-				{
-				BIO_printf(bio_err,"DONE\n");
-				goto shut;
-				}
-
-			if ((!c_quiet) && (cbuf[0] == 'R'))
-				{
-				SSL_renegotiate(con);
-				read_tty=0;
-				write_ssl=1;
-				}
-			else
-				{
-				cbuf_len=i;
-				cbuf_off=0;
-				}
-
-			read_tty=0;
-			write_ssl=1;
-			}
-#endif
-		}
-shut:
-	SSL_shutdown(con);
-	SHUTDOWN(SSL_get_fd(con));
-	ret=0;
-end:
-	if (con != NULL) SSL_free(con);
-	if (con2 != NULL) SSL_free(con2);
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); Free(cbuf); }
-	if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); Free(sbuf); }
-	if (bio_c_out != NULL)
-		{
-		BIO_free(bio_c_out);
-		bio_c_out=NULL;
-		}
-	EXIT(ret);
-	}
-
-
-static void print_stuff(bio,s,full)
-BIO *bio;
-SSL *s;
-int full;
-	{
-	X509 *peer=NULL;
-	char *p;
-	static char *space="                ";
-	char buf[BUFSIZ];
-	STACK *sk;
-	SSL_CIPHER *c;
-	X509_NAME *xn;
-	int j,i;
-
-	if (full)
-		{
-		sk=SSL_get_peer_cert_chain(s);
-		if (sk != NULL)
-			{
-			BIO_printf(bio,"---\nCertificate chain\n");
-			for (i=0; i<sk_num(sk); i++)
-				{
-				X509_NAME_oneline(X509_get_subject_name((X509 *)
-					sk_value(sk,i)),buf,BUFSIZ);
-				BIO_printf(bio,"%2d s:%s\n",i,buf);
-				X509_NAME_oneline(X509_get_issuer_name((X509 *)
-					sk_value(sk,i)),buf,BUFSIZ);
-				BIO_printf(bio,"   i:%s\n",buf);
-				}
-			}
-
-		BIO_printf(bio,"---\n");
-		peer=SSL_get_peer_certificate(s);
-		if (peer != NULL)
-			{
-			BIO_printf(bio,"Server certificate\n");
-			PEM_write_bio_X509(bio,peer);
-			X509_NAME_oneline(X509_get_subject_name(peer),
-				buf,BUFSIZ);
-			BIO_printf(bio,"subject=%s\n",buf);
-			X509_NAME_oneline(X509_get_issuer_name(peer),
-				buf,BUFSIZ);
-			BIO_printf(bio,"issuer=%s\n",buf);
-			}
-		else
-			BIO_printf(bio,"no peer certificate available\n");
-
-		sk=SSL_get_client_CA_list(s);
-		if ((sk != NULL) && (sk_num(sk) > 0))
-			{
-			BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
-			for (i=0; i<sk_num(sk); i++)
-				{
-				xn=(X509_NAME *)sk_value(sk,i);
-				X509_NAME_oneline(xn,buf,sizeof(buf));
-				BIO_write(bio,buf,strlen(buf));
-				BIO_write(bio,"\n",1);
-				}
-			}
-		else
-			{
-			BIO_printf(bio,"---\nNo client certificate CA names sent\n");
-			}
-		p=SSL_get_shared_ciphers(s,buf,BUFSIZ);
-		if (p != NULL)
-			{
-			BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
-			j=i=0;
-			while (*p)
-				{
-				if (*p == ':')
-					{
-					BIO_write(bio,space,15-j%25);
-					i++;
-					j=0;
-					BIO_write(bio,((i%3)?" ":"\n"),1);
-					}
-				else
-					{
-					BIO_write(bio,p,1);
-					j++;
-					}
-				p++;
-				}
-			BIO_write(bio,"\n",1);
-			}
-
-		BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
-			BIO_number_read(SSL_get_rbio(s)),
-			BIO_number_written(SSL_get_wbio(s)));
-		}
-	BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, "));
-	c=SSL_get_current_cipher(s);
-	BIO_printf(bio,"%s, Cipher is %s\n",
-		SSL_CIPHER_get_version(c),
-		SSL_CIPHER_get_name(c));
-	if (peer != NULL) {
-		EVP_PKEY *pktmp;
-		pktmp = X509_get_pubkey(peer);
-		BIO_printf(bio,"Server public key is %d bit\n",
-							 EVP_PKEY_bits(pktmp));
-		EVP_PKEY_free(pktmp);
-	}
-	SSL_SESSION_print(bio,SSL_get_session(s));
-	BIO_printf(bio,"---\n");
-	if (peer != NULL)
-		X509_free(peer);
-	}
-

apps/s_socket.c

@@ -1,675 +0,0 @@
-/* apps/s_socket.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <signal.h>
-#define USE_SOCKETS
-#define NON_MAIN
-#include "apps.h"
-#undef USE_SOCKETS
-#undef NON_MAIN
-#include "s_apps.h"
-#include "ssl.h"
-
-#ifndef NOPROTO
-static struct hostent *GetHostByName(char *name);
-int sock_init(void );
-#else
-static struct hostent *GetHostByName();
-int sock_init();
-#endif
-
-#ifdef WIN16
-#define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL	IPPROTO_TCP
-#endif
-
-#ifdef WINDOWS
-static struct WSAData wsa_state;
-static int wsa_init_done=0;
-
-#ifdef WIN16
-static HWND topWnd=0;
-static FARPROC lpTopWndProc=NULL;
-static FARPROC lpTopHookProc=NULL;
-extern HINSTANCE _hInstance;  /* nice global CRT provides */
-
-static LONG FAR PASCAL topHookProc(hwnd,message,wParam,lParam)
-HWND hwnd;
-UINT message;
-WPARAM wParam;
-LPARAM lParam;
-	{
-	if (hwnd == topWnd)
-		{
-		switch(message)
-			{
-		case WM_DESTROY:
-		case WM_CLOSE:
-			SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
-			sock_cleanup();
-			break;
-			}
-		}
-	return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
-	}
-
-static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
-	{
-	topWnd=hwnd;
-	return(FALSE);
-	}
-
-#endif /* WIN32 */
-#endif /* WINDOWS */
-
-void sock_cleanup()
-	{
-#ifdef WINDOWS
-	if (wsa_init_done)
-		{
-		wsa_init_done=0;
-		WSACancelBlockingCall();
-		WSACleanup();
-		}
-#endif
-	}
-
-int sock_init()
-	{
-#ifdef WINDOWS
-	if (!wsa_init_done)
-		{
-		int err;
-	  
-#ifdef SIGINT
-		signal(SIGINT,(void (*)(int))sock_cleanup);
-#endif
-		wsa_init_done=1;
-		memset(&wsa_state,0,sizeof(wsa_state));
-		if (WSAStartup(0x0101,&wsa_state)!=0)
-			{
-			err=WSAGetLastError();
-			BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
-			return(0);
-			}
-
-#ifdef WIN16
-		EnumTaskWindows(GetCurrentTask(),enumproc,0L);
-		lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
-		lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);
-
-		SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
-#endif /* WIN16 */
-		}
-#endif /* WINDOWS */
-	return(1);
-	}
-
-int init_client(sock, host, port)
-int *sock;
-char *host;
-int port;
-	{
-	unsigned char ip[4];
-	short p=0;
-
-	if (!host_ip(host,&(ip[0])))
-		{
-		return(0);
-		}
-	if (p != 0) port=p;
-	return(init_client_ip(sock,ip,port));
-	}
-
-int init_client_ip(sock, ip, port)
-int *sock;
-unsigned char ip[4];
-int port;
-	{
-	unsigned long addr;
-	struct sockaddr_in them;
-	int s,i;
-
-	if (!sock_init()) return(0);
-
-	memset((char *)&them,0,sizeof(them));
-	them.sin_family=AF_INET;
-	them.sin_port=htons((unsigned short)port);
-	addr=(unsigned long)
-		((unsigned long)ip[0]<<24L)|
-		((unsigned long)ip[1]<<16L)|
-		((unsigned long)ip[2]<< 8L)|
-		((unsigned long)ip[3]);
-	them.sin_addr.s_addr=htonl(addr);
-
-	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-	if (s == INVALID_SOCKET) { perror("socket"); return(0); }
-
-	i=0;
-	i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-	if (i < 0) { perror("keepalive"); return(0); }
-
-	if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
-		{ close(s); perror("connect"); return(0); }
-	*sock=s;
-	return(1);
-	}
-
-int nbio_sock_error(sock)
-int sock;
-	{
-	int j,i,size;
-
-	size=sizeof(int);
-	i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
-	if (i < 0)
-		return(1);
-	else
-		return(j);
-	}
-
-int nbio_init_client_ip(sock, ip, port)
-int *sock;
-unsigned char ip[4];
-int port;
-	{
-	unsigned long addr;
-	struct sockaddr_in them;
-	int s,i;
-
-	if (!sock_init()) return(0);
-
-	memset((char *)&them,0,sizeof(them));
-	them.sin_family=AF_INET;
-	them.sin_port=htons((unsigned short)port);
-	addr=	(unsigned long)
-		((unsigned long)ip[0]<<24L)|
-		((unsigned long)ip[1]<<16L)|
-		((unsigned long)ip[2]<< 8L)|
-		((unsigned long)ip[3]);
-	them.sin_addr.s_addr=htonl(addr);
-
-	if (*sock <= 0)
-		{
-		unsigned long l=1;
-
-		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-		if (s == INVALID_SOCKET) { perror("socket"); return(0); }
-
-		i=0;
-		i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-		if (i < 0) { perror("keepalive"); return(0); }
-		*sock=s;
-
-#ifdef FIONBIO
-		BIO_socket_ioctl(s,FIONBIO,&l);
-#endif
-		}
-	else
-		s= *sock;
-
-	i=connect(s,(struct sockaddr *)&them,sizeof(them));
-	if (i == INVALID_SOCKET)
-		{
-		if (BIO_sock_should_retry(i))
-			return(-1);
-		else
-			return(0);
-		}
-	else
-		return(1);
-	}
-
-int do_server(port, ret, cb, context)
-int port;
-int *ret;
-int (*cb)();
-char *context;
-	{
-	int sock;
-	char *name;
-	int accept_socket;
-	int i;
-
-	if (!init_server(&accept_socket,port)) return(0);
-
-	if (ret != NULL)
-		{
-		*ret=accept_socket;
-		/* return(1);*/
-		}
-	for (;;)
-		{
-		if (do_accept(accept_socket,&sock,&name) == 0)
-			{
-			SHUTDOWN(accept_socket);
-			return(0);
-			}
-		i=(*cb)(name,sock, context);
-		if (name != NULL) Free(name);
-		SHUTDOWN2(sock);
-		if (i < 0)
-			{
-			SHUTDOWN2(accept_socket);
-			return(i);
-			}
-		}
-	}
-
-int init_server_long(sock, port, ip)
-int *sock;
-int port;
-char *ip;
-	{
-	int ret=0;
-	struct sockaddr_in server;
-	int s= -1,i;
-
-	if (!sock_init()) return(0);
-
-	memset((char *)&server,0,sizeof(server));
-	server.sin_family=AF_INET;
-	server.sin_port=htons((unsigned short)port);
-	if (ip == NULL)
-		server.sin_addr.s_addr=INADDR_ANY;
-	else
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
-#ifndef BIT_FIELD_LIMITS
-		memcpy(&server.sin_addr.s_addr,ip,4);
-#else
-		memcpy(&server.sin_addr,ip,4);
-#endif
-	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-
-	if (s == INVALID_SOCKET) goto err;
-	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
-		{
-#ifndef WINDOWS
-		perror("bind");
-#endif
-		goto err;
-		}
-	/* Make it 128 for linux */
-	if (listen(s,128) == -1) goto err;
-	i=0;
-	*sock=s;
-	ret=1;
-err:
-	if ((ret == 0) && (s != -1))
-		{
-		SHUTDOWN(s);
-		}
-	return(ret);
-	}
-
-int init_server(sock,port)
-int *sock;
-int port;
-	{
-	return(init_server_long(sock, port, NULL));
-	}
-
-int do_accept(acc_sock, sock, host)
-int acc_sock;
-int *sock;
-char **host;
-	{
-	int ret,i;
-	struct hostent *h1,*h2;
-	static struct sockaddr_in from;
-	int len;
-/*	struct linger ling; */
-
-	if (!sock_init()) return(0);
-
-#ifndef WINDOWS
-redoit:
-#endif
-
-	memset((char *)&from,0,sizeof(from));
-	len=sizeof(from);
-	ret=accept(acc_sock,(struct sockaddr *)&from,&len);
-	if (ret == INVALID_SOCKET)
-		{
-#ifdef WINDOWS
-		i=WSAGetLastError();
-		BIO_printf(bio_err,"accept error %d\n",i);
-#else
-		if (errno == EINTR)
-			{
-			/*check_timeout(); */
-			goto redoit;
-			}
-		fprintf(stderr,"errno=%d ",errno);
-		perror("accept");
-#endif
-		return(0);
-		}
-
-/*
-	ling.l_onoff=1;
-	ling.l_linger=0;
-	i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
-	if (i < 0) { perror("linger"); return(0); }
-	i=0;
-	i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-	if (i < 0) { perror("keepalive"); return(0); }
-*/
-
-	if (host == NULL) goto end;
-#ifndef BIT_FIELD_LIMITS
-	/* I should use WSAAsyncGetHostByName() under windows */
-	h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
-		sizeof(from.sin_addr.s_addr),AF_INET);
-#else
-	h1=gethostbyaddr((char *)&from.sin_addr,
-		sizeof(struct in_addr),AF_INET);
-#endif
-	if (h1 == NULL)
-		{
-		BIO_printf(bio_err,"bad gethostbyaddr\n");
-		*host=NULL;
-		/* return(0); */
-		}
-	else
-		{
-		if ((*host=(char *)Malloc(strlen(h1->h_name)+1)) == NULL)
-			{
-			perror("Malloc");
-			return(0);
-			}
-		strcpy(*host,h1->h_name);
-
-		h2=GetHostByName(*host);
-		if (h2 == NULL)
-			{
-			BIO_printf(bio_err,"gethostbyname failure\n");
-			return(0);
-			}
-		i=0;
-		if (h2->h_addrtype != AF_INET)
-			{
-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
-			return(0);
-			}
-		}
-end:
-	*sock=ret;
-	return(1);
-	}
-
-int extract_host_port(str,host_ptr,ip,port_ptr)
-char *str;
-char **host_ptr;
-unsigned char *ip;
-short *port_ptr;
-	{
-	char *h,*p;
-
-	h=str;
-	p=strchr(str,':');
-	if (p == NULL)
-		{
-		BIO_printf(bio_err,"no port defined\n");
-		return(0);
-		}
-	*(p++)='\0';
-
-	if ((ip != NULL) && !host_ip(str,ip))
-		goto err;
-	if (host_ptr != NULL) *host_ptr=h;
-
-	if (!extract_port(p,port_ptr))
-		goto err;
-	return(1);
-err:
-	return(0);
-	}
-
-int host_ip(str,ip)
-char *str;
-unsigned char ip[4];
-	{
-	unsigned int in[4]; 
-	int i;
-
-	if (sscanf(str,"%d.%d.%d.%d",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
-		{
-		for (i=0; i<4; i++)
-			if (in[i] > 255)
-				{
-				BIO_printf(bio_err,"invalid IP address\n");
-				goto err;
-				}
-		ip[0]=in[0];
-		ip[1]=in[1];
-		ip[2]=in[2];
-		ip[3]=in[3];
-		}
-	else
-		{ /* do a gethostbyname */
-		struct hostent *he;
-
-		if (!sock_init()) return(0);
-
-		he=GetHostByName(str);
-		if (he == NULL)
-			{
-			BIO_printf(bio_err,"gethostbyname failure\n");
-			goto err;
-			}
-		/* cast to short because of win16 winsock definition */
-		if ((short)he->h_addrtype != AF_INET)
-			{
-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
-			return(0);
-			}
-		ip[0]=he->h_addr_list[0][0];
-		ip[1]=he->h_addr_list[0][1];
-		ip[2]=he->h_addr_list[0][2];
-		ip[3]=he->h_addr_list[0][3];
-		}
-	return(1);
-err:
-	return(0);
-	}
-
-int extract_port(str,port_ptr)
-char *str;
-short *port_ptr;
-	{
-	int i;
-	struct servent *s;
-
-	i=atoi(str);
-	if (i != 0)
-		*port_ptr=(unsigned short)i;
-	else
-		{
-		s=getservbyname(str,"tcp");
-		if (s == NULL)
-			{
-			BIO_printf(bio_err,"getservbyname failure for %s\n",str);
-			return(0);
-			}
-		*port_ptr=ntohs((unsigned short)s->s_port);
-		}
-	return(1);
-	}
-
-#define GHBN_NUM	4
-static struct ghbn_cache_st
-	{
-	char name[128];
-	struct hostent ent;
-	unsigned long order;
-	} ghbn_cache[GHBN_NUM];
-
-static unsigned long ghbn_hits=0L;
-static unsigned long ghbn_miss=0L;
-
-static struct hostent *GetHostByName(name)
-char *name;
-	{
-	struct hostent *ret;
-	int i,lowi=0;
-	unsigned long low= (unsigned long)-1;
-
-	for (i=0; i<GHBN_NUM; i++)
-		{
-		if (low > ghbn_cache[i].order)
-			{
-			low=ghbn_cache[i].order;
-			lowi=i;
-			}
-		if (ghbn_cache[i].order > 0)
-			{
-			if (strncmp(name,ghbn_cache[i].name,128) == 0)
-				break;
-			}
-		}
-	if (i == GHBN_NUM) /* no hit*/
-		{
-		ghbn_miss++;
-		ret=gethostbyname(name);
-		if (ret == NULL) return(NULL);
-		/* else add to cache */
-		strncpy(ghbn_cache[lowi].name,name,128);
-		memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
-		ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
-		return(ret);
-		}
-	else
-		{
-		ghbn_hits++;
-		ret= &(ghbn_cache[i].ent);
-		ghbn_cache[i].order=ghbn_miss+ghbn_hits;
-		return(ret);
-		}
-	}
-
-#ifndef MSDOS
-int spawn(argc, argv, in, out)
-int argc;
-char **argv;
-int *in;
-int *out;
-	{
-	int pid;
-#define CHILD_READ	p1[0]
-#define CHILD_WRITE	p2[1]
-#define PARENT_READ	p2[0]
-#define PARENT_WRITE	p1[1]
-	int p1[2],p2[2];
-
-	if ((pipe(p1) < 0) || (pipe(p2) < 0)) return(-1);
-
-	if ((pid=fork()) == 0)
-		{ /* child */
-		if (dup2(CHILD_WRITE,fileno(stdout)) < 0)
-			perror("dup2");
-		if (dup2(CHILD_WRITE,fileno(stderr)) < 0)
-			perror("dup2");
-		if (dup2(CHILD_READ,fileno(stdin)) < 0)
-			perror("dup2");
-		close(CHILD_READ); 
-		close(CHILD_WRITE);
-
-		close(PARENT_READ);
-		close(PARENT_WRITE);
-		execvp(argv[0],argv);
-		perror("child");
-		exit(1);
-		}
-
-	/* parent */
-	*in= PARENT_READ;
-	*out=PARENT_WRITE;
-	close(CHILD_READ);
-	close(CHILD_WRITE);
-	return(pid);
-	}
-#endif /* MSDOS */
-
-
-#ifdef undef
-	/* Turn on synchronous sockets so that we can do a WaitForMultipleObjects
-	 * on sockets */
-	{
-	SOCKET s;
-	int optionValue = SO_SYNCHRONOUS_NONALERT;
-	int err;
-
-	err = setsockopt( 
-	    INVALID_SOCKET, 
-	    SOL_SOCKET, 
-	    SO_OPENTYPE, 
-	    (char *)&optionValue, 
-	    sizeof(optionValue));
-	if (err != NO_ERROR) {
-	/* failed for some reason... */
-		BIO_printf(bio_err, "failed to setsockopt(SO_OPENTYPE, SO_SYNCHRONOUS_ALERT) - %d\n",
-			WSAGetLastError());
-		}
-	}
-#endif

apps/s_time.c

@@ -1,704 +0,0 @@
-/* apps/s_time.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define NO_SHUTDOWN
-
-/*-----------------------------------------
-   s_time - SSL client connection timer program
-   Written and donated by Larry Streepy <streepy@healthcare.com>
-  -----------------------------------------*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef NO_STDIO
-#define APPS_WIN16
-#endif
-#include "x509.h"
-#include "ssl.h"
-#include "pem.h"
-#define USE_SOCKETS
-#include "apps.h"
-#include "s_apps.h"
-#include "err.h"
-#ifdef WIN32_STUFF
-#include "winmain.h"
-#include "wintext.h"
-#endif
-
-#ifndef MSDOS
-#define TIMES
-#endif
-
-#ifndef VMS
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-#else /* VMS */
-#include <types.h>
-struct tms {
-	time_t tms_utime;
-	time_t tms_stime;
-	time_t tms_uchild;	/* I dunno...  */
-	time_t tms_uchildsys;	/* so these names are a guess :-) */
-	}
-#endif
-#ifndef TIMES
-#include <sys/timeb.h>
-#endif
-
-#ifdef _AIX
-#include <sys/select.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-/* The following if from times(3) man page.  It may need to be changed
-*/
-#ifndef HZ
-#ifndef CLK_TCK
-#ifndef VMS
-#define HZ      100.0
-#else /* VMS */
-#define HZ      100.0
-#endif
-#else /* CLK_TCK */
-#define HZ ((double)CLK_TCK)
-#endif
-#endif
-
-#undef PROG
-#define PROG s_time_main
-
-#define ioctl ioctlsocket
-
-#define SSL_CONNECT_NAME	"localhost:4433"
-
-/*#define TEST_CERT "client.pem" */ /* no default cert. */
-
-#undef BUFSIZZ
-#define BUFSIZZ 1024*10
-
-#define min(a,b) (((a) < (b)) ? (a) : (b))
-#define max(a,b) (((a) > (b)) ? (a) : (b))
-
-#undef SECONDS
-#define SECONDS	30
-extern int verify_depth;
-extern int verify_error;
-
-#ifndef NOPROTO
-static void s_time_usage(void);
-static int parseArgs( int argc, char **argv );
-static SSL *doConnection( SSL *scon );
-static void s_time_init(void);
-#else
-static void s_time_usage();
-static int parseArgs();
-static SSL *doConnection();
-static void s_time_init();
-#endif
-
-
-/***********************************************************************
- * Static data declarations
- */
-
-/* static char *port=PORT_STR;*/
-static char *host=SSL_CONNECT_NAME;
-static char *t_cert_file=NULL;
-static char *t_key_file=NULL;
-static char *CApath=NULL;
-static char *CAfile=NULL;
-static char *tm_cipher=NULL;
-static int tm_verify = SSL_VERIFY_NONE;
-static int maxTime = SECONDS;
-static SSL_CTX *tm_ctx=NULL;
-static SSL_METHOD *s_time_meth=NULL;
-static char *s_www_path=NULL;
-static long bytes_read=0; 
-static int st_bugs=0;
-static int perform=0;
-#ifdef FIONBIO
-static int t_nbio=0;
-#endif
-#ifdef WIN32
-static int exitNow = 0;		/* Set when it's time to exit main */
-#endif
-
-static void s_time_init()
-	{
-	host=SSL_CONNECT_NAME;
-	t_cert_file=NULL;
-	t_key_file=NULL;
-	CApath=NULL;
-	CAfile=NULL;
-	tm_cipher=NULL;
-	tm_verify = SSL_VERIFY_NONE;
-	maxTime = SECONDS;
-	tm_ctx=NULL;
-	s_time_meth=NULL;
-	s_www_path=NULL;
-	bytes_read=0; 
-	st_bugs=0;
-	perform=0;
-
-#ifdef FIONBIO
-	t_nbio=0;
-#endif
-#ifdef WIN32
-	exitNow = 0;		/* Set when it's time to exit main */
-#endif
-	}
-
-/***********************************************************************
- * usage - display usage message
- */
-static void s_time_usage()
-{
-	static char umsg[] = "\
--time arg     - max number of seconds to collect data, default %d\n\
--verify arg   - turn on peer certificate verification, arg == depth\n\
--cert arg     - certificate file to use, PEM format assumed\n\
--key arg      - RSA file to use, PEM format assumed, key is in cert file\n\
-                file if not specified by this option\n\
--CApath arg   - PEM format directory of CA's\n\
--CAfile arg   - PEM format file of CA's\n\
--cipher       - prefered cipher to use, play with 'openssl ciphers'\n\n";
-
-	printf( "usage: s_time <args>\n\n" );
-
-	printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
-#ifdef FIONBIO
-	printf("-nbio         - Run with non-blocking IO\n");
-	printf("-ssl2         - Just use SSLv2\n");
-	printf("-ssl3         - Just use SSLv3\n");
-	printf("-bugs         - Turn on SSL bug compatability\n");
-	printf("-new          - Just time new connections\n");
-	printf("-reuse        - Just time connection reuse\n");
-	printf("-www page     - Retrieve 'page' from the site\n");
-#endif
-	printf( umsg,SECONDS );
-}
-
-/***********************************************************************
- * parseArgs - Parse command line arguments and initialize data
- *
- * Returns 0 if ok, -1 on bad args
- */
-static int parseArgs(argc,argv)
-int argc;
-char **argv;
-{
-    int badop = 0;
-
-    verify_depth=0;
-    verify_error=X509_V_OK;
-#ifdef FIONBIO
-    t_nbio=0;
-#endif
-
-	apps_startup();
-	s_time_init();
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-    argc--;
-    argv++;
-
-    while (argc >= 1) {
-	if (strcmp(*argv,"-connect") == 0)
-		{
-		if (--argc < 1) goto bad;
-		host= *(++argv);
-		}
-#if 0
-	else if( strcmp(*argv,"-host") == 0)
-		{
-		if (--argc < 1) goto bad;
-		host= *(++argv);
-		}
-	else if( strcmp(*argv,"-port") == 0)
-		{
-		if (--argc < 1) goto bad;
-		port= *(++argv);
-		}
-#endif
-	else if (strcmp(*argv,"-reuse") == 0)
-		perform=2;
-	else if (strcmp(*argv,"-new") == 0)
-		perform=1;
-	else if( strcmp(*argv,"-verify") == 0) {
-
-	    tm_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
-	    if (--argc < 1) goto bad;
-	    verify_depth=atoi(*(++argv));
-	    BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
-
-	} else if( strcmp(*argv,"-cert") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    t_cert_file= *(++argv);
-
-	} else if( strcmp(*argv,"-key") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    t_key_file= *(++argv);
-
-	} else if( strcmp(*argv,"-CApath") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    CApath= *(++argv);
-
-	} else if( strcmp(*argv,"-CAfile") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    CAfile= *(++argv);
-
-	} else if( strcmp(*argv,"-cipher") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    tm_cipher= *(++argv);
-	}
-#ifdef FIONBIO
-	else if(strcmp(*argv,"-nbio") == 0) {
-	    t_nbio=1;
-	}
-#endif
-	else if(strcmp(*argv,"-www") == 0)
-		{
-		if (--argc < 1) goto bad;
-		s_www_path= *(++argv);
-		}
-	else if(strcmp(*argv,"-bugs") == 0)
-	    st_bugs=1;
-#ifndef NO_SSL2
-	else if(strcmp(*argv,"-ssl2") == 0)
-	    s_time_meth=SSLv2_client_method();
-#endif
-#ifndef NO_SSL3
-	else if(strcmp(*argv,"-ssl3") == 0)
-	    s_time_meth=SSLv3_client_method();
-#endif
-	else if( strcmp(*argv,"-time") == 0) {
-
-	    if (--argc < 1) goto bad;
-	    maxTime= atoi(*(++argv));
-	}
-	else {
-	    BIO_printf(bio_err,"unknown option %s\n",*argv);
-	    badop=1;
-	    break;
-	}
-
-	argc--;
-	argv++;
-    }
-
-    if (perform == 0) perform=3;
-
-    if(badop) {
-bad:
-		s_time_usage();
-		return -1;
-    }
-
-	return 0;			/* Valid args */
-}
-
-/***********************************************************************
- * TIME - time functions
- */
-#define START	0
-#define STOP	1
-
-static double tm_Time_F(s)
-int s;
-	{
-	static double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if(s == START) {
-		times(&tstart);
-		return(0);
-	} else {
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
-	}
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if(s == START) {
-		ftime(&tstart);
-		return(0);
-	} else {
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-		return((ret == 0.0)?1e-6:ret);
-	}
-#endif
-}
-
-/***********************************************************************
- * MAIN - main processing area for client
- *			real name depends on MONOLITH
- */
-int
-MAIN(argc,argv)
-int argc;
-char **argv;
-	{
-	double totalTime = 0.0;
-	int nConn = 0;
-	SSL *scon=NULL;
-	long finishtime=0;
-	int ret=1,i;
-	MS_STATIC char buf[1024*8];
-	int ver;
-
-#if !defined(NO_SSL2) && !defined(NO_SSL3)
-	s_time_meth=SSLv23_client_method();
-#elif !defined(NO_SSL3)
-	s_time_meth=SSLv3_client_method();
-#elif !defined(NO_SSL2)
-	s_time_meth=SSLv2_client_method();
-#endif
-
-	/* parse the command line arguments */
-	if( parseArgs( argc, argv ) < 0 )
-		goto end;
-
-	SSLeay_add_ssl_algorithms();
-	if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);
-
-	SSL_CTX_set_quiet_shutdown(tm_ctx,1);
-
-	if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
-	SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
-	if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file)) 
-		goto end;
-
-	SSL_load_error_strings();
-
-	if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(tm_ctx)))
-		{
-		/* BIO_printf(bio_err,"error seting default verify locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-
-	if (tm_cipher == NULL)
-		tm_cipher = getenv("SSL_CIPHER");
-
-	if (tm_cipher == NULL ) {
-		fprintf( stderr, "No CIPHER specified\n" );
-/*		EXIT(1); */
-	}
-
-	if (!(perform & 1)) goto next;
-	printf( "Collecting connection statistics for %d seconds\n", maxTime );
-
-	/* Loop and time how long it takes to make connections */
-
-	bytes_read=0;
-	finishtime=(long)time(NULL)+maxTime;
-	tm_Time_F(START);
-	for (;;)
-		{
-		if (finishtime < time(NULL)) break;
-#ifdef WIN32_STUFF
-
-		if( flushWinMsgs(0) == -1 )
-			goto end;
-
-		if( waitingToDie || exitNow )		/* we're dead */
-			goto end;
-#endif
-
-		if( (scon = doConnection( NULL )) == NULL )
-			goto end;
-
-		if (s_www_path != NULL)
-			{
-			sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-			SSL_write(scon,buf,strlen(buf));
-			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
-				bytes_read+=i;
-			}
-
-#ifdef NO_SHUTDOWN
-		SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-		SSL_shutdown(scon);
-#endif
-		SHUTDOWN2(SSL_get_fd(scon));
-
-		nConn += 1;
-		if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
-			if (ver == TLS1_VERSION)
-				ver='t';
-			else if (ver == SSL3_VERSION)
-				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
-			else
-				ver='*';
-			}
-		fputc(ver,stdout);
-		fflush(stdout);
-
-		SSL_free( scon );
-		scon=NULL;
-		}
-	totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
-
-	i=(int)(time(NULL)-finishtime+maxTime);
-	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn);
-
-	/* Now loop and time connections using the same session id over and over */
-
-next:
-	if (!(perform & 2)) goto end;
-	printf( "\n\nNow timing with session id reuse.\n" );
-
-	/* Get an SSL object so we can reuse the session id */
-	if( (scon = doConnection( NULL )) == NULL )
-		{
-		fprintf( stderr, "Unable to get connection\n" );
-		goto end;
-		}
-
-	if (s_www_path != NULL)
-		{
-		sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-		SSL_write(scon,buf,strlen(buf));
-		while (SSL_read(scon,buf,sizeof(buf)) > 0)
-			;
-		}
-#ifdef NO_SHUTDOWN
-	SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-	SSL_shutdown(scon);
-#endif
-	SHUTDOWN2(SSL_get_fd(scon));
-
-	nConn = 0;
-	totalTime = 0.0;
-
-	finishtime=time(NULL)+maxTime;
-
-	printf( "starting\n" );
-	bytes_read=0;
-	tm_Time_F(START);
-		
-	for (;;)
-		{
-		if (finishtime < time(NULL)) break;
-
-#ifdef WIN32_STUFF
-		if( flushWinMsgs(0) == -1 )
-			goto end;
-
-		if( waitingToDie || exitNow )	/* we're dead */
-			goto end;
-#endif
-
-	 	if( (doConnection( scon )) == NULL )
-			goto end;
-
-		if (s_www_path)
-			{
-			sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-			SSL_write(scon,buf,strlen(buf));
-			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
-				bytes_read+=i;
-			}
-
-#ifdef NO_SHUTDOWN
-		SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-#else
-		SSL_shutdown(scon);
-#endif
-		SHUTDOWN2(SSL_get_fd(scon));
-	
-		nConn += 1;
-		if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
-			if (ver == TLS1_VERSION)
-				ver='t';
-			else if (ver == SSL3_VERSION)
-				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
-			else
-				ver='*';
-			}
-		fputc(ver,stdout);
-		fflush(stdout);
-		}
-	totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
-
-
-	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn);
-
-	ret=0;
-end:
-	if (scon != NULL) SSL_free(scon);
-
-	if (tm_ctx != NULL)
-		{
-		SSL_CTX_free(tm_ctx);
-		tm_ctx=NULL;
-		}
-	EXIT(ret);
-	}
-
-/***********************************************************************
- * doConnection - make a connection
- * Args:
- *		scon	= earlier ssl connection for session id, or NULL
- * Returns:
- *		SSL *	= the connection pointer.
- */
-static SSL *
-doConnection(scon)
-SSL *scon;
-	{
-	BIO *conn;
-	SSL *serverCon;
-	int width, i;
-	fd_set readfds;
-
-	if ((conn=BIO_new(BIO_s_connect())) == NULL)
-		return(NULL);
-
-/*	BIO_set_conn_port(conn,port);*/
-	BIO_set_conn_hostname(conn,host);
-
-	if (scon == NULL)
-		serverCon=(SSL *)SSL_new(tm_ctx);
-	else
-		{
-		serverCon=scon;
-		SSL_set_connect_state(serverCon);
-		}
-
-	SSL_set_bio(serverCon,conn,conn);
-
-#if 0
-	if( scon != NULL )
-		SSL_set_session(serverCon,SSL_get_session(scon));
-#endif
-
-	/* ok, lets connect */
-	for(;;) {
-		i=SSL_connect(serverCon);
-		if (BIO_sock_should_retry(i))
-			{
-			BIO_printf(bio_err,"DELAY\n");
-
-			i=SSL_get_fd(serverCon);
-			width=i+1;
-			FD_ZERO(&readfds);
-			FD_SET(i,&readfds);
-			select(width,&readfds,NULL,NULL,NULL);
-			continue;
-			}
-		break;
-		}
-	if(i <= 0)
-		{
-		BIO_printf(bio_err,"ERROR\n");
-		if (verify_error != X509_V_OK)
-			BIO_printf(bio_err,"verify error:%s\n",
-				X509_verify_cert_error_string(verify_error));
-		else
-			ERR_print_errors(bio_err);
-		if (scon == NULL)
-			SSL_free(serverCon);
-		return NULL;
-		}
-
-	return serverCon;
-	}
-
-

apps/sc.c

@@ -1,784 +0,0 @@
-/* apps/s_client.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#define USE_SOCKETS
-#ifdef NO_STDIO
-#define APPS_WIN16
-#endif
-#include "apps.h"
-#include "x509.h"
-#include "ssl.h"
-#include "err.h"
-#include "pem.h"
-#include "s_apps.h"
-
-#ifdef WINDOWS
-/* Most of the #if(n)def WINDOWS put in by Gerrit van Niekerk 
-   <gerritvn@osi.co.za> to support the keyboard under Windows.
-   Tested using Win95, *should* work with NT and Win3.x
-*/
-#include <conio.h>
-#endif
-
-#undef PROG
-#define PROG	s_client_main
-
-/*#define SSL_HOST_NAME	"www.netscape.com" */
-/*#define SSL_HOST_NAME	"193.118.187.102" */
-#define SSL_HOST_NAME	"localhost"
-
-/*#define TEST_CERT "client.pem" */ /* no default cert. */
-
-#undef BUFSIZZ
-#define BUFSIZZ 1024*8
-
-extern int verify_depth;
-extern int verify_error;
-
-#ifdef FIONBIO
-static int c_nbio=0;
-#endif
-static int c_Pause=0;
-static int c_debug=0;
-
-#ifndef NOPROTO
-static void sc_usage(void);
-static void print_stuff(BIO *berr,SSL *con,int full);
-#else
-static void sc_usage();
-static void print_stuff();
-#endif
-
-static BIO *bio_c_out=NULL;
-static int c_quiet=0;
-
-static void sc_usage()
-	{
-	BIO_printf(bio_err,"usage: client args\n");
-	BIO_printf(bio_err,"\n");
-	BIO_printf(bio_err," -host host     - use -connect instead\n");
-	BIO_printf(bio_err," -port port     - use -connect instead\n");
-	BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
-
-	BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
-	BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
-	BIO_printf(bio_err," -key arg      - Private key file to use, PEM format assumed, in cert file if\n");
-	BIO_printf(bio_err,"                 not specified but cert file is.\n");
-	BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
-	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
-	BIO_printf(bio_err," -reconnect    - Drop and re-make the connection with the same Session-ID\n");
-	BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
-	BIO_printf(bio_err," -debug        - extra output\n");
-	BIO_printf(bio_err," -nbio_test    - more ssl protocol testing\n");
-	BIO_printf(bio_err," -state        - print the 'ssl' states\n");
-#ifdef FIONBIO
-	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
-#endif
-	BIO_printf(bio_err," -quiet        - no s_client output\n");
-	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
-	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
-	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
-	BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
-	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
-	BIO_printf(bio_err," -cipher       - prefered cipher to use, use the 'openssl ciphers'\n");
-	BIO_printf(bio_err,"                 command to see what is available\n");
-
-	}
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	int off=0;
-	SSL *con=NULL,*con2=NULL;
-	int s,k,width,state=0;
-	char *cbuf=NULL,*sbuf=NULL;
-	int cbuf_len,cbuf_off;
-	int sbuf_len,sbuf_off;
-	fd_set readfds,writefds;
-	short port=PORT;
-	int full_log=1;
-	char *host=SSL_HOST_NAME;
-	char *cert_file=NULL,*key_file=NULL;
-	char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
-	int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
-	int write_tty,read_tty,write_ssl,read_ssl,tty_on;
-	SSL_CTX *ctx=NULL;
-	int ret=1,in_init=1,i,nbio_test=0;
-	SSL_METHOD *meth=NULL;
-	BIO *sbio;
-	/*static struct timeval timeout={10,0};*/
-
-#if !defined(NO_SSL2) && !defined(NO_SSL3)
-	meth=SSLv23_client_method();
-#elif !defined(NO_SSL3)
-	meth=SSLv3_client_method();
-#elif !defined(NO_SSL2)
-	meth=SSLv2_client_method();
-#endif
-
-	apps_startup();
-	c_Pause=0;
-	c_quiet=0;
-	c_debug=0;
-
-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-	if (	((cbuf=Malloc(BUFSIZZ)) == NULL) ||
-		((sbuf=Malloc(BUFSIZZ)) == NULL))
-		{
-		BIO_printf(bio_err,"out of memory\n");
-		goto end;
-		}
-
-	verify_depth=0;
-	verify_error=X509_V_OK;
-#ifdef FIONBIO
-	c_nbio=0;
-#endif
-#ifdef WINDOWS
-	c_nbio = 1;
-#endif
-
-	argc--;
-	argv++;
-	while (argc >= 1)
-		{
-		if	(strcmp(*argv,"-host") == 0)
-			{
-			if (--argc < 1) goto bad;
-			host= *(++argv);
-			}
-		else if	(strcmp(*argv,"-port") == 0)
-			{
-			if (--argc < 1) goto bad;
-			port=atoi(*(++argv));
-			if (port == 0) goto bad;
-			}
-		else if (strcmp(*argv,"-connect") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!extract_host_port(*(++argv),&host,NULL,&port))
-				goto bad;
-			}
-		else if	(strcmp(*argv,"-verify") == 0)
-			{
-			verify=SSL_VERIFY_PEER;
-			if (--argc < 1) goto bad;
-			verify_depth=atoi(*(++argv));
-			BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
-			}
-		else if	(strcmp(*argv,"-cert") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cert_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-quiet") == 0)
-			c_quiet=1;
-		else if	(strcmp(*argv,"-pause") == 0)
-			c_Pause=1;
-		else if	(strcmp(*argv,"-debug") == 0)
-			c_debug=1;
-		else if	(strcmp(*argv,"-nbio_test") == 0)
-			nbio_test=1;
-		else if	(strcmp(*argv,"-state") == 0)
-			state=1;
-#ifndef NO_SSL2
-		else if	(strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
-#endif
-#ifndef NO_SSL3
-		else if	(strcmp(*argv,"-ssl3") == 0)
-			meth=SSLv3_client_method();
-#endif
-#ifndef NO_TLS1
-		else if	(strcmp(*argv,"-tls1") == 0)
-			meth=TLSv1_client_method();
-#endif
-		else if (strcmp(*argv,"-bugs") == 0)
-			bugs=1;
-		else if	(strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			key_file= *(++argv);
-			}
-		else if	(strcmp(*argv,"-reconnect") == 0)
-			{
-			reconnect=5;
-			}
-		else if	(strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CApath= *(++argv);
-			}
-		else if	(strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			CAfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-no_tls1") == 0)
-			off|=SSL_OP_NO_TLSv1;
-		else if (strcmp(*argv,"-no_ssl3") == 0)
-			off|=SSL_OP_NO_SSLv3;
-		else if (strcmp(*argv,"-no_ssl2") == 0)
-			off|=SSL_OP_NO_SSLv2;
-		else if	(strcmp(*argv,"-cipher") == 0)
-			{
-			if (--argc < 1) goto bad;
-			cipher= *(++argv);
-			}
-#ifdef FIONBIO
-		else if (strcmp(*argv,"-nbio") == 0)
-			{ c_nbio=1; }
-#endif
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badop=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-	if (badop)
-		{
-bad:
-		sc_usage();
-		goto end;
-		}
-
-	if (bio_c_out == NULL)
-		{
-		if (c_quiet)
-			{
-			bio_c_out=BIO_new(BIO_s_null());
-			}
-		else
-			{
-			if (bio_c_out == NULL)
-				bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-			}
-		}
-
-	SSLeay_add_ssl_algorithms();
-	ctx=SSL_CTX_new(meth);
-	if (ctx == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (bugs)
-		SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
-	else
-		SSL_CTX_set_options(ctx,off);
-
-	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
-	if (cipher != NULL)
-		SSL_CTX_set_cipher_list(ctx,cipher);
-#if 0
-	else
-		SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
-#endif
-
-	SSL_CTX_set_verify(ctx,verify,verify_callback);
-	if (!set_cert_stuff(ctx,cert_file,key_file))
-		goto end;
-
-	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(ctx)))
-		{
-		/* BIO_printf(bio_err,"error seting default verify locations\n"); */
-		ERR_print_errors(bio_err);
-		/* goto end; */
-		}
-
-	SSL_load_error_strings();
-
-	con=(SSL *)SSL_new(ctx);
-/*	SSL_set_cipher_list(con,"RC4-MD5"); */
-
-re_start:
-
-	if (init_client(&s,host,port) == 0)
-		{
-		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
-		SHUTDOWN(s);
-		goto end;
-		}
-	BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
-
-#ifdef FIONBIO
-	if (c_nbio)
-		{
-		unsigned long l=1;
-		BIO_printf(bio_c_out,"turning on non blocking io\n");
-		if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-#endif                                              
-	if (c_Pause & 0x01) con->debug=1;
-	sbio=BIO_new_socket(s,BIO_NOCLOSE);
-
-	if (nbio_test)
-		{
-		BIO *test;
-
-		test=BIO_new(BIO_f_nbio_test());
-		sbio=BIO_push(test,sbio);
-		}
-
-	if (c_debug)
-		{
-		con->debug=1;
-		BIO_set_callback(sbio,bio_dump_cb);
-		BIO_set_callback_arg(sbio,bio_c_out);
-		}
-
-	SSL_set_bio(con,sbio,sbio);
-	SSL_set_connect_state(con);
-
-	/* ok, lets connect */
-	width=SSL_get_fd(con)+1;
-
-	read_tty=1;
-	write_tty=0;
-	tty_on=0;
-	read_ssl=1;
-	write_ssl=1;
-	
-	cbuf_len=0;
-	cbuf_off=0;
-	sbuf_len=0;
-	sbuf_off=0;
-
-	for (;;)
-		{
-		FD_ZERO(&readfds);
-		FD_ZERO(&writefds);
-
-		if (SSL_in_init(con) && !SSL_total_renegotiations(con))
-			{
-			in_init=1;
-			tty_on=0;
-			}
-		else
-			{
-			tty_on=1;
-			if (in_init)
-				{
-				in_init=0;
-				print_stuff(bio_c_out,con,full_log);
-				if (full_log > 0) full_log--;
-
-				if (reconnect)
-					{
-					reconnect--;
-					BIO_printf(bio_c_out,"drop connection and then reconnect\n");
-					SSL_shutdown(con);
-					SSL_set_connect_state(con);
-					SHUTDOWN(SSL_get_fd(con));
-					goto re_start;
-					}
-				}
-			}
-
-#ifndef WINDOWS
-		if (tty_on)
-			{
-			if (read_tty)  FD_SET(fileno(stdin),&readfds);
-			if (write_tty) FD_SET(fileno(stdout),&writefds);
-			}
-#endif
-		if (read_ssl)
-			FD_SET(SSL_get_fd(con),&readfds);
-		if (write_ssl)
-			FD_SET(SSL_get_fd(con),&writefds);
-
-/*		printf("mode tty(%d %d%d) ssl(%d%d)\n",
-			tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
-
-#ifndef WINDOWS
-		i=select(width,&readfds,&writefds,NULL,NULL);
-		if ( i < 0)
-			{
-			BIO_printf(bio_err,"bad select %d\n",
-				get_last_socket_error());
-			goto shut;
-			/* goto end; */
-			}
-
-		if (FD_ISSET(SSL_get_fd(con),&writefds))
-#else
-		if (write_ssl)
-#endif
-			{
-			k=SSL_write(con,&(cbuf[cbuf_off]),
-				(unsigned int)cbuf_len);
-			switch (SSL_get_error(con,k))
-				{
-			case SSL_ERROR_NONE:
-				cbuf_off+=k;
-				cbuf_len-=k;
-				if (k <= 0) goto end;
-				/* we have done a  write(con,NULL,0); */
-				if (cbuf_len <= 0)
-					{
-					read_tty=1;
-					write_ssl=0;
-					}
-				else /* if (cbuf_len > 0) */
-					{
-					read_tty=0;
-					write_ssl=1;
-					}
-				break;
-			case SSL_ERROR_WANT_WRITE:
-#ifndef WINDOWS
-				BIO_printf(bio_c_out,"write W BLOCK\n");
-#endif
-				write_ssl=1;
-				read_tty=0;
-				break;
-			case SSL_ERROR_WANT_READ:
-#ifndef WINDOWS
-				BIO_printf(bio_c_out,"write R BLOCK\n");
-#endif
-				write_tty=0;
-				read_ssl=1;
-				write_ssl=0;
-				break;
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				BIO_printf(bio_c_out,"write X BLOCK\n");
-				break;
-			case SSL_ERROR_ZERO_RETURN:
-				if (cbuf_len != 0)
-					{
-					BIO_printf(bio_c_out,"shutdown\n");
-					goto shut;
-					}
-				else
-					{
-					read_tty=1;
-					write_ssl=0;
-					break;
-					}
-				
-			case SSL_ERROR_SYSCALL:
-				if ((k != 0) || (cbuf_len != 0))
-					{
-					BIO_printf(bio_err,"write:errno=%d\n",
-						get_last_socket_error());
-					goto shut;
-					}
-				else
-					{
-					read_tty=1;
-					write_ssl=0;
-					}
-				break;
-			case SSL_ERROR_SSL:
-				ERR_print_errors(bio_err);
-				goto shut;
-				}
-			}
-#ifndef WINDOWS
-		else if (FD_ISSET(fileno(stdout),&writefds))
-#else
-		else if (tty_on && write_tty)
-#endif
-			{
-			i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);
-
-			if (i <= 0)
-				{
-				BIO_printf(bio_c_out,"DONE\n");
-				goto shut;
-				/* goto end; */
-				}
-
-			sbuf_len-=i;;
-			sbuf_off+=i;
-			if (sbuf_len <= 0)
-				{
-				read_ssl=1;
-				write_tty=0;
-				}
-			}
-#ifndef WINDOWS
-		else if (FD_ISSET(SSL_get_fd(con),&readfds))
-#else
-		if (read_ssl)
-#endif
-			{
-#ifdef RENEG
-{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
-#endif
-			k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
-
-			switch (SSL_get_error(con,k))
-				{
-			case SSL_ERROR_NONE:
-				if (k <= 0)
-					goto end;
-				sbuf_off=0;
-				sbuf_len=k;
-
-				read_ssl=0;
-				write_tty=1;
-				break;
-			case SSL_ERROR_WANT_WRITE:
-#ifndef WINDOWS
-				BIO_printf(bio_c_out,"read W BLOCK\n");
-#endif
-				write_ssl=1;
-				read_tty=0;
-				break;
-			case SSL_ERROR_WANT_READ:
-#ifndef WINDOWS
-				BIO_printf(bio_c_out,"read R BLOCK\n");
-#endif
-				write_tty=0;
-				read_ssl=1;
-				if ((read_tty == 0) && (write_ssl == 0))
-					write_ssl=1;
-				break;
-			case SSL_ERROR_WANT_X509_LOOKUP:
-				BIO_printf(bio_c_out,"read X BLOCK\n");
-				break;
-			case SSL_ERROR_SYSCALL:
-				BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
-				goto shut;
-			case SSL_ERROR_ZERO_RETURN:
-				BIO_printf(bio_c_out,"closed\n");
-				goto shut;
-			case SSL_ERROR_SSL:
-				ERR_print_errors(bio_err);
-				goto shut;
-				break;
-				}
-			}
-
-#ifndef WINDOWS
-		else if (FD_ISSET(fileno(stdin),&readfds))
-			{
-			i=read(fileno(stdin),cbuf,BUFSIZZ);
-#else
-		if (tty_on && read_tty && _kbhit())
-			{
-			i = 1;
-			cbuf[0] = _getch();
-#endif
-
-			if ((!c_quiet) && ((i <= 0) || (cbuf[0] == 'Q')))
-				{
-				BIO_printf(bio_err,"DONE\n");
-				goto shut;
-				}
-
-			if ((!c_quiet) && (cbuf[0] == 'R'))
-				{
-				SSL_renegotiate(con);
-				read_tty=0;
-				write_ssl=1;
-				}
-			else
-				{
-				cbuf_len=i;
-				cbuf_off=0;
-				}
-
-			read_tty=0;
-			write_ssl=1;
-			}
-		}
-shut:
-	SSL_shutdown(con);
-	SHUTDOWN(SSL_get_fd(con));
-	ret=0;
-end:
-	if (con != NULL) SSL_free(con);
-	if (con2 != NULL) SSL_free(con2);
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); Free(cbuf); }
-	if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); Free(sbuf); }
-	if (bio_c_out != NULL)
-		{
-		BIO_free(bio_c_out);
-		bio_c_out=NULL;
-		}
-	EXIT(ret);
-	}
-
-
-static void print_stuff(bio,s,full)
-BIO *bio;
-SSL *s;
-int full;
-	{
-	X509 *peer=NULL;
-	char *p;
-	static char *space="                ";
-	char buf[BUFSIZ];
-	STACK *sk;
-	SSL_CIPHER *c;
-	X509_NAME *xn;
-	int j,i;
-
-	if (full)
-		{
-		sk=SSL_get_peer_cert_chain(s);
-		if (sk != NULL)
-			{
-			BIO_printf(bio,"---\nCertificate chain\n");
-			for (i=0; i<sk_num(sk); i++)
-				{
-				X509_NAME_oneline(X509_get_subject_name((X509 *)
-					sk_value(sk,i)),buf,BUFSIZ);
-				BIO_printf(bio,"%2d s:%s\n",i,buf);
-				X509_NAME_oneline(X509_get_issuer_name((X509 *)
-					sk_value(sk,i)),buf,BUFSIZ);
-				BIO_printf(bio,"   i:%s\n",buf);
-				}
-			}
-
-		BIO_printf(bio,"---\n");
-		peer=SSL_get_peer_certificate(s);
-		if (peer != NULL)
-			{
-			BIO_printf(bio,"Server certificate\n");
-			PEM_write_bio_X509(bio,peer);
-			X509_NAME_oneline(X509_get_subject_name(peer),
-				buf,BUFSIZ);
-			BIO_printf(bio,"subject=%s\n",buf);
-			X509_NAME_oneline(X509_get_issuer_name(peer),
-				buf,BUFSIZ);
-			BIO_printf(bio,"issuer=%s\n",buf);
-			}
-		else
-			BIO_printf(bio,"no peer certificate available\n");
-
-		sk=SSL_get_client_CA_list(s);
-		if ((sk != NULL) && (sk_num(sk) > 0))
-			{
-			BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
-			for (i=0; i<sk_num(sk); i++)
-				{
-				xn=(X509_NAME *)sk_value(sk,i);
-				X509_NAME_oneline(xn,buf,sizeof(buf));
-				BIO_write(bio,buf,strlen(buf));
-				BIO_write(bio,"\n",1);
-				}
-			}
-		else
-			{
-			BIO_printf(bio,"---\nNo client certificate CA names sent\n");
-			}
-		p=SSL_get_shared_ciphers(s,buf,BUFSIZ);
-		if (p != NULL)
-			{
-			BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
-			j=i=0;
-			while (*p)
-				{
-				if (*p == ':')
-					{
-					BIO_write(bio,space,15-j%25);
-					i++;
-					j=0;
-					BIO_write(bio,((i%3)?" ":"\n"),1);
-					}
-				else
-					{
-					BIO_write(bio,p,1);
-					j++;
-					}
-				p++;
-				}
-			BIO_write(bio,"\n",1);
-			}
-
-		BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
-			BIO_number_read(SSL_get_rbio(s)),
-			BIO_number_written(SSL_get_wbio(s)));
-		}
-	BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, "));
-	c=SSL_get_current_cipher(s);
-	BIO_printf(bio,"%s, Cipher is %s\n",
-		SSL_CIPHER_get_version(c),
-		SSL_CIPHER_get_name(c));
-	if (peer != NULL)
-	{
-		EVP_PKEY *pktmp;
-		BIO_printf(bio,"Server public key is %d bit\n",
-							EVP_PKEY_bits(pktmp));
-		EVP_PKEY_free(pktmp);
-	}
-	SSL_SESSION_print(bio,SSL_get_session(s));
-	BIO_printf(bio,"---\n");
-	if (peer != NULL)
-		X509_free(peer);
-	}
-

apps/server.pem

@@ -1,369 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
------BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQQwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTgwNjI5MjM1MjQwWhcNMDAwNjI4
-MjM1MjQwWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
-cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
-Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCVvvfkGSe2GHgDFfmOua4Isjb9
-JVhImWMASiOClkZlMESDJjsszg/6+d/W+8TrbObhazpl95FivXBVucbj9dudh7AO
-IZu1h1MAPlyknc9Ud816vz3FejB4qqUoaXjnlkrIgEbr/un7jSS86WOe0hRhwHkJ
-FUGcPZf9ND22Etc+AQ==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
-TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
-OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
-gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
-rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
-PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
-vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-notBefore=950413210656Z
-notAfter =970412210656Z
------BEGIN X509 CERTIFICATE-----
-
-MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
-BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
-ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
-BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
-VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
-MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
-3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
-YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
-hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
-dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
-zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
------END X509 CERTIFICATE-----
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
-OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
-IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
-DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
-1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
-mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
-hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
-YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
-q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
------BEGIN X509 CERTIFICATE-----
-MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
-LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
-MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
-b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
-EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
-bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
-ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
-hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
-ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
-bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
-fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
-R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
-Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
------END X509 CERTIFICATE-----
------BEGIN X509 CERTIFICATE-----
-
-MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
-bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
-BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
-BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
-ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
-ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
-H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
-WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
-MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
-LC7obsrHD8XAHG+ZRG==
------END X509 CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
-A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
-aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
-LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
-gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
-dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
-SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
-bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
-OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
-GJNMJ4L0AJ/ac+SmHZc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
-OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
-40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
-22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
-BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
-Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
-xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
-cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
-subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
-issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
------BEGIN CERTIFICATE-----
-MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
-hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
-N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
-ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
-bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
-aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
-F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
-iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
-Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
-KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
-SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
-7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
-qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
-QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
-NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
-A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
-FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
-Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
-G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
-c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
-jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
-w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
-GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
-3VZdLbCVIhNoEsysrxCpxcI=
------END CERTIFICATE-----
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
------END CERTIFICATE-----
-
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
------BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
------END CERTIFICATE-----
-
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
------END CERTIFICATE-----
- subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
-9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
-IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
-O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
-g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
-yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
------END CERTIFICATE-----

apps/server.srl

@@ -1 +0,0 @@
-01

apps/server2.pem

@@ -1,376 +0,0 @@
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (1024 bit)
------BEGIN CERTIFICATE-----
-MIICLjCCAZcCAQEwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU0WhcNOTgwNjA5
-MTM1NzU0WjBkMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxJDAiBgNVBAMTG1NlcnZlciB0ZXN0IGNl
-cnQgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxH1PBPm
-RkxrR11eV4bzNi4N9n11CI8nV29+ARlT1+qDe/mjVUvXlmsr1v/vf71G9GgqopSa
-6RXrICLVdk/FYYYzhPvl1M+OrjaXDFO8BzBAF1Lnz6c7aRZvGRJNrRSr2nZEkqDf
-JW9dY7r2VZEpD5QeuaRYUnuECkqeieB65GMCAwEAATANBgkqhkiG9w0BAQQFAAOB
-gQCWsOta6C0wiVzXz8wPmJKyTrurMlgUss2iSuW9366iwofZddsNg7FXniMzkIf6
-dp7jnmWZwKZ9cXsNUS2o4OL07qOk2HOywC0YsNZQsOBu1CBTYYkIefDiKFL1zQHh
-8lwwNd4NP+OE3NzUNkCfh4DnFfg9WHkXUlD5UpxNRJ4gJA==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
-S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
-pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
-AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
-dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
-bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
-Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
-zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
-6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
-QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
-dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
-0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
-nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
------END RSA PRIVATE KEY-----
-subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
-notBefore=950413210656Z
-notAfter =970412210656Z
------BEGIN X509 CERTIFICATE-----
-
-MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
-BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
-ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
-BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
-VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
-MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
-3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
-YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
-hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
-dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
-zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
------END X509 CERTIFICATE-----
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
-OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
-IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
-DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
-1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
-mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
-hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
-YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
-q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
------BEGIN X509 CERTIFICATE-----
-MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
-LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
-MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
-b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
-EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
-bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
-ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
-hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
-ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
-bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
-fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
-R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
-Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
------END X509 CERTIFICATE-----
------BEGIN X509 CERTIFICATE-----
-
-MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
-Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
-GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
-bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
-BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
-BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
-ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
-ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
-H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
-WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
-MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
-LC7obsrHD8XAHG+ZRG==
------END X509 CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
-A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
-aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
-LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
-gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
-ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
-dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
-SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
-bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
-OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
-GJNMJ4L0AJ/ac+SmHZc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
-issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
------BEGIN CERTIFICATE-----
-MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
-VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
-OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
-40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
-22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
-BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
-Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
-xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
-cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
-subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
-issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
-	/OU=Certification Services Division/CN=Thawte Server CA
-	/Email=server-certs@thawte.com
------BEGIN CERTIFICATE-----
-MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
-hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
-N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
-ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
-bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
-aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
-F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
-iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
-Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
-KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
-SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
-7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
-qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
-VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
-VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
-QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
-NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
-A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
-FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
-cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
-Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
-G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
-c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
-jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
-w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
-GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
-3VZdLbCVIhNoEsysrxCpxcI=
------END CERTIFICATE-----
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
------END CERTIFICATE-----
-
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
-c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
-Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
-ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
-ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
-FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
-W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
-QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
-9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
-TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
-8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
------END CERTIFICATE-----
-
- subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
- issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
-
------BEGIN CERTIFICATE-----
-MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
-YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
-MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
-YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
-SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
-U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
-SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
-RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
-3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
-z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
-hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
-YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
-LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
-KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
-Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
-ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
-dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
-IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
-ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
-TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
-LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
-BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
-53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
-2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
-p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
------END CERTIFICATE-----
-
- subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
-nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
-AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
-IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
-Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
-NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
------END CERTIFICATE-----
- subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
- issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
------BEGIN CERTIFICATE-----
-MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
-FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
-UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
-Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
-biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
-9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
-IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
-O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
-AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
-g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
-yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
------END CERTIFICATE-----

apps/sess_id.c

@@ -1,317 +0,0 @@
-/* apps/sess_id.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include "bio.h"
-#include "err.h"
-#include "x509.h"
-#include "pem.h"
-#include "ssl.h"
-
-#undef PROG
-#define PROG	sess_id_main
-
-static char *sess_id_usage[]={
-"usage: sess_id args\n",
-"\n",
-" -inform arg     - input format - default PEM (one of DER, TXT or PEM)\n",
-" -outform arg    - output format - default PEM\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -text           - print ssl session id details\n",
-" -cert           - output certificate \n",
-" -noout          - no CRL output\n",
-" -context arg    - set the session ID context\n",
-NULL
-};
-
-#ifndef NOPROTO
-static SSL_SESSION *load_sess_id(char *file, int format);
-#else
-static SSL_SESSION *load_sess_id();
-#endif
-
-int MAIN(argc, argv)
-int argc;
-char **argv;
-	{
-	SSL_SESSION *x=NULL;
-	int ret=1,i,num,badops=0;
-	BIO *out=NULL;
-	int informat,outformat;
-	char *infile=NULL,*outfile=NULL,*context=NULL;
-	int cert=0,noout=0,text=0;
-	char **pp;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-
-	argc--;
-	argv++;
-	num=0;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-text") == 0)
-			text= ++num;
-		else if (strcmp(*argv,"-cert") == 0)
-			cert= ++num;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else if (strcmp(*argv,"-context") == 0)
-		    {
-		    if(--argc < 1) goto bad;
-		    context=*++argv;
-		    }
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
-			break;
-			}
-		argc--;
-		argv++;
-		}
-
-	if (badops)
-		{
-bad:
-		for (pp=sess_id_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,*pp);
-		goto end;
-		}
-
-	ERR_load_crypto_strings();
-	x=load_sess_id(infile,informat);
-	if (x == NULL) { goto end; }
-
-	if(context)
-	    {
-	    x->sid_ctx_length=strlen(context);
-	    if(x->sid_ctx_length > SSL_MAX_SID_CTX_LENGTH)
-		{
-		BIO_printf(bio_err,"Context too long\n");
-		goto end;
-		}
-	    memcpy(x->sid_ctx,context,x->sid_ctx_length);
-	    }
-
-#ifdef undef
-	/* just testing for memory leaks :-) */
-	{
-	SSL_SESSION *s;
-	char buf[1024*10],*p;
-	int i;
-
-	s=SSL_SESSION_new();
-
-	p= &buf;
-	i=i2d_SSL_SESSION(x,&p);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	SSL_SESSION_free(s);
-	}
-#endif
-
-	if (!noout || text)
-		{
-		out=BIO_new(BIO_s_file());
-		if (out == NULL)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-
-		if (outfile == NULL)
-			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_write_filename(out,outfile) <= 0)
-				{
-				perror(outfile);
-				goto end;
-				}
-			}
-		}
-
-	if (text)
-		{
-		SSL_SESSION_print(out,x);
-
-		if (cert)
-			{
-			if (x->peer == NULL)
-				BIO_puts(out,"No certificate present\n");
-			else
-				X509_print(out,x->peer);
-			}
-		}
-
-	if (!noout && !cert)
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=(int)i2d_SSL_SESSION_bio(out,x);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_SSL_SESSION(out,x);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i) {
-			BIO_printf(bio_err,"unable to write SSL_SESSION\n");
-			goto end;
-			}
-		}
-	else if (!noout && (x->peer != NULL)) /* just print the certificate */
-		{
-		if 	(outformat == FORMAT_ASN1)
-			i=(int)i2d_X509_bio(out,x->peer);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_X509(out,x->peer);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		if (!i) {
-			BIO_printf(bio_err,"unable to write X509\n");
-			goto end;
-			}
-		}
-	ret=0;
-end:
-	if (out != NULL) BIO_free(out);
-	if (x != NULL) SSL_SESSION_free(x);
-	EXIT(ret);
-	}
-
-static SSL_SESSION *load_sess_id(infile, format)
-char *infile;
-int format;
-	{
-	SSL_SESSION *x=NULL;
-	BIO *in=NULL;
-
-	in=BIO_new(BIO_s_file());
-	if (in == NULL)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-	if 	(format == FORMAT_ASN1)
-		x=d2i_SSL_SESSION_bio(in,NULL);
-	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_SSL_SESSION(in,NULL,NULL);
-	else	{
-		BIO_printf(bio_err,"bad input format specified for input crl\n");
-		goto end;
-		}
-	if (x == NULL)
-		{
-		BIO_printf(bio_err,"unable to load SSL_SESSION\n");
-		ERR_print_errors(bio_err);
-		goto end;
-		}
-	
-end:
-	if (in != NULL) BIO_free(in);
-	return(x);
-	}
-

apps/set/set-g-ca.pem

@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAuGgAwIBAgIgYCYUeg8NJ9kO1q3z6vGCkAmPRfu5+Nur0FyGF79MADMw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
-MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
-MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtQ
-Q0ExMDIxMTgyODEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJyi5V7l1HohY6hN/2N9x6mvWeMy8rD1
-6lfXjgmiuGmhpaszWYaalesMcS2OGuG8Lq3PkaSzpVzqASKfIOjxLMsdpYyYJRub
-vRPDWi3xd8wlp9xUwWHKqn+ki8mPo0yN4eONwZZ4rcZr6K+tWd+5EJZSjuENJoQ/
-SRRmGRzdcS7XAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
-EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
-aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
-MTAyMjAxMjIwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
-SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwICBDB5
-BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
-Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
-ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBn19R2
-AgGvpJDmfXrHTDdCoYyMkaP2MPzw0hFRwh+wqnw0/pqUXa7MrLXMqtD3rUyOWaNR
-9fYpJZd0Bh/1OeIc2+U+VNfUovLLuZ8nNemdxyq2KMYnHtnh7UdO7atZ+PFLVu8x
-a+J2Mtj8MGy12CJNTJcjLSrJ/1f3AuVrwELjlQ==
------END CERTIFICATE-----

apps/set/set-m-ca.pem

@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAuGgAwIBAgIgEGvcf5aUnufALdVMa/dmPdflq1CoORGeK5DUwbqhVYcw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
-MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
-MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtN
-Q0ExMDIxMTgyNzEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALuWwr63YrT1GIZpYKfIeiVFHESG/FZO
-7RAJKml/p12ZyZ7D5YPP4BBXVsa1H8e8arR1LKC4rdCArrtKKlBeBiMo9+NB+u35
-FnLnTmfzM4iZ2Syw35DXY8+Xn/LM7RJ1RG+vMNcTqpoUg7QPye7flq2Pt7vVROPn
-SZxPyVxmILe3AgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
-EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
-aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
-MTAyMjAxMjEwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
-SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIDCDB5
-BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
-Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
-ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQApaj0W
-GgyR47URZEZ7z83yivvnVErqtodub/nR1fMgJ4bDC0ofjA0SzXBP1/3eDq9VkPuS
-EKUw9BpM2XrSUKhJ6F1CbBjWpM0M7GC1nTSxMxmV+XL+Ab/Gn2SwozUApWtht29/
-x9VLB8qsi6wN2aOsVdQMl5iVCjGQYfEkyuoIgA==
------END CERTIFICATE-----

apps/set/set_b_ca.pem

@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID1zCCAr+gAwIBAgIgYClSzXgB3u31VMarY+lXwPKU9DtoBMzaaivuVzV9a9kw
-DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
-ODI5MB4XDTk2MTAxNzAwMDAwMFoXDTk2MTExNjIzNTk1OVowRTELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0JDQTEwMTcxMTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlBy
-b2R1Y3QgVHlwZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApPewvR0BwV02
-9E12ic48pMY/aMB6SkMEWPDx2hURr0DKYGJ6qMvzZn2pSfaVH1BqDtK6oK4Ye5Mj
-ItywwQIdXXO9Ut8+TLnvtzq9ByCJ0YThjZJBc7ZcpJxSV7QAoBON/lzxZuAVq3+L
-3uc39MgRwmBpRllZEpWrkojxs6166X0CAwEAAaOCAVcwggFTMFQGA1UdIwRNMEuh
-J6QlMCMxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtSQ0ExMDExMTgyOYIgVqenwCYv
-mmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYwDgYDVR0PAQH/BAQDAgEGMC4GA1Ud
-EAEB/wQkMCKADzE5OTYxMDE3MTc1NzAwWoEPMTk5NjExMTYyMzU5NTlaMBsGA1Ud
-IAEB/wQRMA8wDQYLYIZIAYb4RQEHAQEwEgYDVR0TAQH/BAgwBgEB/wIBATAPBgSG
-jW8DAQH/BAQDAgABMHkGBIaNbwcBAf8EbjBsMCQCAQAwCQYFKw4DAhoFAAQUMmY3
-NGIxYWY0ZmNjMDYwZjc2NzYTD3RlcnNlIHN0YXRlbWVudIAXaHR0cDovL3d3dy52
-ZXJpc2lnbi5jb22BGmdldHNldC1jZW50ZXJAdmVyaXNpZ24uY29tMA0GCSqGSIb3
-DQEBBQUAA4IBAQAWoMS8Aj2sO0LDxRoMcnWTKY8nd8Jw2vl2Mgsm+0qCvcndICM5
-43N0y9uHlP8WeCZULbFz95gTL8mfP/QTu4EctMUkQgRHJnx80f0XSF3HE/X6zBbI
-9rit/bF6yP1mhkdss/vGanReDpki7q8pLx+VIIcxWst/366HP3dW1Fb7ECW/WmVV
-VMN93f/xqk9I4sXchVZcVKQT3W4tzv+qQvugrEi1dSEkbAy1CITEAEGiaFhGUyCe
-WPox3guRXaEHoINNeajGrISe6d//alsz5EEroBoLnM2ryqWfLAtRsf4rjNzTgklw
-lbiz0fw7bNkXKp5ZVr0wlnOjQnoSM6dTI0AV
------END CERTIFICATE-----

apps/set/set_c_ca.pem

@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAuGgAwIBAgIgOnl8J6lAYNDdTWtIojWCGnloNf4ufHjOZ4Fkxwg5xOsw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
-MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
-MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtD
-Q0ExMDIxMTYxNjEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANA3a9+U8oXU3Dv1wJf8g0A7HjCRZAXc
-Y8E4OLOdye5aUssxifCE05qTPVqHMXo6cnCYcfroMdURhjQlswyTGtjQybgUnXjp
-pchw+V4D1DkN0ThErrMCh9ZFSykC0lUhQTRLESvbIb4Gal/HMAFAF5sj0GoOFi2H
-RRj7gpzBIU3xAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
-EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
-aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
-MTAyMjAxMTAwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
-SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIEEDB5
-BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
-Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
-ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBteLaZ
-u/TASC64UWPfhxYAUdys9DQ1pG/J1qPWNTkjOmpXFvW+7l/3nkxyRPgUoFNwx1e7
-XVVPr6zhy8LaaXppwfIZvVryzAUdbtijiUf/MO0hvV3w7e9NlCVProdU5H9EvCXr
-+IV8rH8fdEkirIVyw0JGHkuWhkmtS1HEwai9vg==
------END CERTIFICATE-----

apps/set/set_d_ct.pem

@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDdjCCAt+gAwIBAgIgRU5t24v72xVDpZ4iHpyoOAQaQmfio1yhTZAOkBfT2uUw
-DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0NDQTEwMjEx
-NjE2MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjQw
-MDAwMDBaFw05NjExMjMyMzU5NTlaMG4xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdC
-cmFuZElEMSYwJAYDVQQLEx1Jc3N1aW5nIEZpbmFuY2lhbCBJbnN0aXR1dGlvbjEl
-MCMGA1UEAxMcR2lYb0t0VjViN1V0MHZKa2hkSG5RYmNzc2JrPTBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDIUxgpNB1aoSW585WErtN8WInCRWCqDj3RGT2mJye0F4SM
-/iT5ywdWMasmw18vpEpDlMypfZnRkUAdfyHcRABVAgMBAAGjggFwMIIBbDB2BgNV
-HSMEbzBtoUmkRzBFMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLQkNBMTAxNzExMDQx
-IDAeBgNVBAMTF0JyYW5kIE5hbWU6UHJvZHVjdCBUeXBlgiA6eXwnqUBg0N1Na0ii
-NYIaeWg1/i58eM5ngWTHCDnE6zAOBgNVHQ8BAf8EBAMCB4AwLgYDVR0QAQH/BCQw
-IoAPMTk5NjEwMjQwMTA0MDBagQ8xOTk2MTEyMzIzNTk1OVowGAYDVR0gBBEwDzAN
-BgtghkgBhvhFAQcBATAMBgNVHRMBAf8EAjAAMA8GBIaNbwMBAf8EBAMCB4AweQYE
-ho1vBwEB/wRuMGwwJAIBADAJBgUrDgMCGgUABBQzOTgyMzk4NzIzNzg5MTM0OTc4
-MhMPdGVyc2Ugc3RhdGVtZW50gBdodHRwOi8vd3d3LnZlcmlzaWduLmNvbYEaZ2V0
-c2V0LWNlbnRlckB2ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEAVHCjhxeD
-mIFSkm3DpQAq7pGfcAFPWvSM9I9bK8qeFT1M5YQ+5fbPqaWlNcQlGKIe3cHd4+0P
-ndL5lb6UBhhA0kTzEYA38+HtBxPe/lokCv0bYfyWY9asUmvfbUrTYta0yjN7ixnV
-UqvxxHQHOAwhf6bcc7xNHapOxloWzGUU0RQ=
------END CERTIFICATE-----

apps/set/set_root.pem

@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDZzCCAk+gAwIBAgIgVqenwCYvmmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYw
-DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
-ODI5MB4XDTk2MTAxMjAwMDAwMFoXDTk2MTExMTIzNTk1OVowIzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC1JDQTEwMTExODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAukca0PVUGFIYX7EyrShi+dVi9GTNzG0V2Wtdw6DqFzKfedba/KpE
-zqnRDV/wRZlBn3oXPS6kNCFiBPRV9mEFXI7y2W+q8/vPurjRDIXMsqQ+dAhKwf4q
-rofJBTiET4NUN0YTtpx6aYuoVubjiOgKdbqnUArxAWWP2Dkco17ipEYyUtd4sTAe
-/xKR02AHpbYGYPSHjMDS/nzUJ7uX4d51phs0rt7If48ExJSnDV/KoHMfm42mdmH2
-g23005qdHKY3UXeh10tZmb3QtGTSvF6OqpRZ+e9/ALklu7ZcIjqbb944ci4QWemb
-ZNWiDFrWWUoO1k942BI/iZ8Fh8pETYSDBQIDAQABo4GGMIGDMA4GA1UdDwEB/wQE
-AwIBBjAuBgNVHRABAf8EJDAigA8xOTk2MTAxMjAxMzQwMFqBDzE5OTYxMTExMjM1
-OTU5WjAbBgNVHSABAf8EETAPMA0GC2CGSAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYB
-Af8CAQIwEAYEho1vAwEB/wQFAwMHAIAwDQYJKoZIhvcNAQEFBQADggEBAK4tntea
-y+ws7PdULwfqAS5osaoNvw73uBn5lROTpx91uhQbJyf0oZ3XG9GUuHZBpqG9qmr9
-vIL40RsvRpNMYgaNHKTxF716yx6rZmruAYZsrE3SpV63tQJCckKLPSge2E5uDhSQ
-O8UjusG+IRT9fKMXUHLv4OmZPOQVOSl1qTCN2XoJFqEPtC3Y9P4YR4xHL0P2jb1l
-DLdIbruuh+6omH+0XUZd5fKnQZTTi6gjl0iunj3wGnkcqGZtwr3j87ONiB/8tDwY
-vz8ceII4YYdX12PrNzn+fu3R5rChvPW4/ah/SaYQ2VQ0AupaIF4xrNJ/gLYYw0YO
-bxCrVJLd8tu9WgA=
------END CERTIFICATE-----

apps/stuff/pkcs7.ex1

@@ -1,25 +0,0 @@
------BEGIN xxx-----
-MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIB
-rTCCAUkCAgC2MA0GCSqGSIb3DQEBAgUAME0xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEcMBoGA1UECxMT
-UGVyc29uYSBDZXJ0aWZpY2F0ZTAeFw05NDA0MDkwMDUwMzdaFw05NDA4
-MDIxODM4NTdaMGcxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEcMBoGA1UECxMTUGVyc29uYSBDZXJ0aWZp
-Y2F0ZTEYMBYGA1UEAxMPU2V0ZWMgQXN0cm9ub215MFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAMy8QcW7RMrB4sTdQ8Nmb2DFmJmkWn+el+NdeamI
-DElX/qw9mIQu4xNj1FfepfJNxzPvA0OtMKhy6+bkrlyMEU8CAwEAATAN
-BgkqhkiG9w0BAQIFAANPAAYn7jDgirhiIL4wnP8nGzUisGSpsFsF4/7z
-2P2wqne6Qk8Cg/Dstu3RyaN78vAMGP8d82H5+Ndfhi2mRp4YHiGHz0Hl
-K6VbPfnyvS2wdjCCAccwggFRAgUCQAAAFDANBgkqhkiG9w0BAQIFADBf
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXUlNBIERhdGEgU2VjdXJpdHks
-IEluYy4xLjAsBgNVBAsTJUxvdyBBc3N1cmFuY2UgQ2VydGlmaWNhdGlv
-biBBdXRob3JpdHkwHhcNOTQwMTA3MDAwMDAwWhcNOTYwMTA3MjM1OTU5
-WjBNMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXUlNBIERhdGEgU2VjdXJp
-dHksIEluYy4xHDAaBgNVBAsTE1BlcnNvbmEgQ2VydGlmaWNhdGUwaTAN
-BgkqhkiG9w0BAQEFAANYADBVAk4GqghQDa9Xi/2zAdYEqJVIcYhlLN1F
-pI9tXQ1m6zZ39PYXK8Uhoj0Es7kWRv8hC04vqkOKwndWbzVtvoHQOmP8
-nOkkuBi+AQvgFoRcgOUCAwEAATANBgkqhkiG9w0BAQIFAANhAD/5Uo7x
-Ddp49oZm9GoNcPhZcW1e+nojLvHXWAU/CBkwfcR+FSf4hQ5eFu1AjYv6
-Wqf430Xe9Et5+jgnMTiq4LnwgTdA8xQX4elJz9QzQobkE3XVOjVAtCFc
-miin80RB8AAAMYAAAAAAAAAAAA==
------END xxx-----

apps/stuff/pkcs7.ex2

@@ -1,11 +0,0 @@
------BEGIN PRIVACY-ENHANCED MESSAGE-----
-MIAGCSqGSIb3DQEHBqCAMIACAQAwgAYJKoZIhvcNAQcBMBEGBSsOAwIHBAifqtdy
-x6uIMYCCARgvFzJtOZBn773DtmXlx037ck3giqnV0WC0QAx5f+fesAiGaxMqWcir
-r9XvT0nT0LgSQ/8tiLCDBEKdyCNgdcJAduy3D0r2sb5sNTT0TyL9uydG3w55vTnW
-aPbCPCWLudArI1UHDZbnoJICrVehxG/sYX069M8v6VO8PsJS7//hh1yM+0nekzQ5
-l1p0j7uWKu4W0csrlGqhLvEJanj6dQAGSTNCOoH3jzEXGQXntgesk8poFPfHdtj0
-5RH4MuJRajDmoEjlrNcnGl/BdHAd2JaCo6uZWGcnGAgVJ/TVfSVSwN5nlCK87tXl
-nL7DJwaPRYwxb3mnPKNq7ATiJPf5u162MbwxrddmiE7e3sST7naSN+GS0ateY5X7
-AAAAAAAAAAA=
------END PRIVACY-ENHANCED MESSAGE-----
-

apps/stuff/pkcs7.ex3

@@ -1,12 +0,0 @@
------BEGIN PRIVACY-ENHANCED MESSAGE-----
-MIAGCSqGSIb3DQEHA6CAMIACAQAxgDCBqQIBADBTME0xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEcMBoGA1UECxMTUGVyc29u
-YSBDZXJ0aWZpY2F0ZQICALYwDQYJKoZIhvcNAQEBBQAEQCU/R+YCJSUsV6XLilHG
-cNVzwqKcWzmT/rZ+duOv8Ggb7oO/d8H3xUVGQ2LsX4kYGq2szwj8Q6eWhsmhf4oz
-lvMAADCABgkqhkiG9w0BBwEwEQYFKw4DAgcECFif7BadXlw3oIAEgZBNcMexKe16
-+mNxx8YQPukBCL0bWqS86lvws/AgRkKPELmysBi5lco8MBCsWK/fCyrnxIRHs1oK
-BXBVlsAhKkkusk1kCf/GbXSAphdSgG+d6LxrNZwHbBFOX6A2hYS63Iczd5bOVDDW
-Op2gcgUtMJq6k2LFrs4L7HHqRPPlqNJ6j5mFP4xkzOCNIQynpD1rV6EECMIk/T7k
-1JLSAAAAAAAAAAAAAA==
------END PRIVACY-ENHANCED MESSAGE-----
-

apps/stuff/pkcs7.pem

@@ -1,46 +0,0 @@
------BEGIN PKCS7-----
-MIIIEgYJKoZIhvcNAQcCMIIIAwIBATEAMAsGCSqGSIb3DQEHAaCCBDUwggIhMIIB
-jgIFAnIAAGcwDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
-F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
-IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk1MDUxNzAwMDAwMFoXDTk1MTEx
-NjIzNTk1OVowdzELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5h
-MRIwEAYDVQQHEwlDaGFybG90dGUxIzAhBgNVBAoTGlZuZXQgSW50ZXJuZXQgQWNj
-ZXNzLCBJbmMuMRYwFAYDVQQDFA13d3cqLnZuZXQubmV0MHwwDQYJKoZIhvcNAQEB
-BQADawAwaAJhAOngW+io4W1lAp1b2k4+KqICaLHatp6AWkPLpa3Li2mwmggSGeRD
-AmTI4FQB0EFrDMfKLOteHgGoDJ0vifmV5cKvevRt5Gn+xPn54Halu7i145iUldyv
-oViUNpWmLJhKTQIDAQABMA0GCSqGSIb3DQEBAgUAA34AQkyfJje6H8fxtN68TvXV
-RibnPpQol2jMbh0VnK9cP9ePvsXy+7JoGuWxj6zlgjZGwia49xITggZ+0b+wP51l
-5e8xEEc2K7eC5QVD0qh/NSqdPcVP+UG6UK/LT25w/yLuZgqJ3g87kGbOo9myLhkZ
-3jr3kXnsriBmwmqcjgUwggIMMIIBlgIFAkAAAEUwDQYJKoZIhvcNAQECBQAwXzEL
-MAkGA1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4w
-LAYDVQQLEyVMb3cgQXNzdXJhbmNlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4X
-DTk0MTEwOTIzMTk0NFoXDTk5MTIzMTIzMTk0NFowXzELMAkGA1UEBhMCVVMxIDAe
-BgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUg
-U2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUA
-A4GJADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwji
-ioII0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJ
-VphIuR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJ
-KoZIhvcNAQECBQADYQAjOCnuhWTdRq+8PhUBSzKbOhmafQQPQ8Ltw+49U8N1zgq9
-1ROaW46znUQykAPUdaAIflEfV2e0ULuyOWCwDJ2ME7NUmWL86SLkk6QLC9iItjva
-h+tdpLV/+TerjmrxCWChggOyMIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1
-MDIwMjEyMjZaFw05NTA2MDEwMDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcy
-NDI2WjAWAgUCQQAACRcNOTUwMjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAx
-MjQ5WjAWAgUCQQAADBcNOTUwMjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0
-MDQ5WjAWAgUCQQAAFhcNOTUwMzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0
-MDQxWjAWAgUCQQAAHxcNOTUwMzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAw
-NzExWjAWAgUCcgAAERcNOTUwMzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDEx
-MzIxWjAWAgUCcgAAHhcNOTUwNDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcx
-NzI0WjAWAgUCcgAAOBcNOTUwNDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIx
-MjI2WjANBgkqhkiG9w0BAQIFAAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6q
-QmK92W0hW158wpJg+ovV3+wQwvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3M
-rJBnZ4GaZDu4FutZh72MR3GtJaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFA
-yp0vMIIBHTCBqDANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEgMB4GA1UE
-ChMXUlNBIERhdGEgU2VjdXJpdHksIEluYy4xLjAsBgNVBAsTJUxvdyBBc3N1cmFu
-Y2UgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkXDTk1MDUwMTE5MjcyOVoXDTk1MDYw
-MTA4MDAwMFowGDAWAgUCQAAAXhcNOTUwMjA4MDE0NjIyWjANBgkqhkiG9w0BAQIF
-AANhAF70VxEAKgGlS2otYkWSqYJ286MMDbdAIoEGCDTtVuLCOP3YKHOSTjFhbIhL
-5mBd+Q/W+lKSqdoyYhdObaBk4I4Wk+/BE2QK1x4QhtYG144spESXIRIKAbhffg1g
-rRe/ETEA
------END PKCS7-----

apps/test.ssl

@@ -1,16 +0,0 @@
-www.microsoft.com:443
-sectest.microsoft.com:443
-https://sectest.microsoft.com/ClientAuth/test.asp
-ssl3.netscape.com:443
-ssl3.netscape.com:444
-www.openmarket.com:443 - no session ID caching. - no swap
-
-Servers
-bad  www.openmarket.com	Open-Market-Secure-WebServer/V2.1
-bad  www.microsoft.com	Server: Microsoft-IIS/3.0
-good transact.netscape.com	Netscape-Enterprise/2.01
-
-clients
-good netscape
-hmm  MSIE
-