mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

New Configure option no-<cipher> (rsa, idea, rc5, ...).

Browse Source
This commit is contained in:
Ulf Möller 1999-04-27 03:19:12 +00:00
parent 281c52c054
commit 79df9d6272
18 changed files with 90 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Configure
View File

@ -20,7 +20,7 @@ my $usage="Usage: Configure [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [rsaref] [no
# rsaref use RSAref
# no-asm do not use assembler
# 386 generate 80386 code
# no-CIPHER build without specified algorithm
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
# -D, -L, -l, -f, -K: compiler options are passed through
#
# DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h

4
crypto/rsa/rsa_eay.c
View File

@ -115,9 +115,11 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from,
case RSA_PKCS1_PADDING:
i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
break;
#ifndef NO_SHA
case RSA_PKCS1_OAEP_PADDING:
i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
break;
#endif
case RSA_SSLV23_PADDING:
i=RSA_padding_add_SSLv23(buf,num,from,flen);
break;
@ -299,9 +301,11 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
case RSA_PKCS1_PADDING:
r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num);
break;
#ifndef NO_SHA
case RSA_PKCS1_OAEP_PADDING:
r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0);
break;
#endif
case RSA_SSLV23_PADDING:
r=RSA_padding_check_SSLv23(to,num,buf,j,num);
break;

2
crypto/rsa/rsa_oaep.c
View File

@ -4,6 +4,7 @@
/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
#ifndef NO_SHA
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
@ -156,3 +157,4 @@ int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen)
}
return (0);
}
#endif

3
rsaref/rsaref.c
View File

@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#ifndef NO_RSA
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
@ -296,4 +297,4 @@ err:
memset(&rnd,0,sizeof(rnd));
return(outlen);
}
#endif

2
rsaref/rsaref.h
View File

@ -59,6 +59,7 @@
#ifndef HEADER_RSAREF_H
#define HEADER_RSAREF_H
#ifndef NO_RSA
#include <openssl/rsa.h>
/* RSAeuro */
@ -128,6 +129,7 @@ int R_RandomFinal(RSARandomState *rnd);
void ERR_load_RSAREF_strings(void );
RSA_METHOD *RSA_PKCS1_RSAref(void );
#endif
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes

8
ssl/s23_clnt.c
View File

@ -68,9 +68,11 @@ static int ssl23_client_hello(SSL *s);
static int ssl23_get_server_hello(SSL *s);
static SSL_METHOD *ssl23_get_client_method(int ver)
{
#ifndef NO_RSA
if (ver == SSL2_VERSION)
return(SSLv2_client_method());
else if (ver == SSL3_VERSION)
#endif
if (ver == SSL3_VERSION)
return(SSLv3_client_method());
else if (ver == TLS1_VERSION)
return(TLSv1_client_method());
@ -320,6 +322,9 @@ static int ssl23_get_server_hello(SSL *s)
if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
(p[5] == 0x00) && (p[6] == 0x02))
{
#ifdef NO_RSA
goto err;
#else
/* we are talking sslv2 */
/* we need to clean up the SSLv3 setup and put in the
* sslv2 stuff. */
@ -375,6 +380,7 @@ static int ssl23_get_server_hello(SSL *s)
s->method=SSLv2_client_method();
s->handshake_func=s->method->ssl_connect;
#endif
}
else if ((p[0] == SSL3_RT_HANDSHAKE) &&
(p[1] == SSL3_VERSION_MAJOR) &&

8
ssl/s23_srvr.c
View File

@ -67,9 +67,11 @@ static SSL_METHOD *ssl23_get_server_method(int ver);
int ssl23_get_client_hello(SSL *s);
static SSL_METHOD *ssl23_get_server_method(int ver)
{
#ifndef NO_RSA
if (ver == SSL2_VERSION)
return(SSLv2_server_method());
else if (ver == SSL3_VERSION)
#endif
if (ver == SSL3_VERSION)
return(SSLv3_server_method());
else if (ver == TLS1_VERSION)
return(TLSv1_server_method());
@ -404,6 +406,9 @@ next_bit:
if (type == 1)
{
#ifdef NO_RSA
goto err;
#else
/* we are talking sslv2 */
/* we need to clean up the SSLv3/TLSv1 setup and put in the
* sslv2 stuff. */
@ -442,6 +447,7 @@ next_bit:
s->method=SSLv2_server_method();
s->handshake_func=s->method->ssl_accept;
#endif
}
if ((type == 2) || (type == 3))

3
ssl/s2_clnt.c
View File

@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#ifndef NO_RSA
#include <stdio.h>
#include <openssl/rand.h>
#include <openssl/buffer.h>
@ -963,4 +964,4 @@ end:
EVP_PKEY_free(pkey);
return(i);
}
#endif

3
ssl/s2_lib.c
View File

@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#ifndef NO_RSA
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
@ -414,4 +415,4 @@ int ssl2_shutdown(SSL *s)
s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
return(1);
}
#endif

3
ssl/s2_meth.c
View File

@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#ifndef NO_RSA
#include <stdio.h>
#include <openssl/objects.h>
#include "ssl_locl.h"
@ -85,4 +86,4 @@ SSL_METHOD *SSLv2_method(void)
}
return(&SSLv2_data);
}
#endif

3
ssl/s2_srvr.c
View File

@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#ifndef NO_RSA
#include <stdio.h>
#include <openssl/bio.h>
#include <openssl/rand.h>
@ -940,4 +941,4 @@ static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB);
return(i);
}
#endif

22
ssl/s3_clnt.c
View File

@ -828,7 +828,9 @@ static int ssl3_get_key_exchange(SSL *s)
int al,i,j,param_len,ok;
long n,alg;
EVP_PKEY *pkey=NULL;
#ifndef NO_RSA
RSA *rsa=NULL;
#endif
#ifndef NO_DH
DH *dh=NULL;
#endif
@ -1287,10 +1289,13 @@ static int ssl3_get_server_done(SSL *s)
static int ssl3_send_client_key_exchange(SSL *s)
{
unsigned char *p,*q,*d;
unsigned char *p,*d;
int n;
unsigned long l;
#ifndef NO_RSA
unsigned char *q;
EVP_PKEY *pkey=NULL;
#endif
if (s->state == SSL3_ST_CW_KEY_EXCH_A)
{
@ -1440,7 +1445,9 @@ static int ssl3_send_client_verify(SSL *s)
unsigned char *p,*d;
unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
EVP_PKEY *pkey;
#ifndef NO_RSA
int i=0;
#endif
unsigned long n;
#ifndef NO_DSA
int j;
@ -1590,8 +1597,12 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
long algs;
EVP_PKEY *pkey=NULL;
CERT *c;
#ifndef NO_RSA
RSA *rsa;
#endif
#ifndef NO_DH
DH *dh;
#endif
c=s->session->cert;
@ -1607,8 +1618,12 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
if (algs & (SSL_aDH|SSL_aNULL))
return(1);
#ifndef NO_RSA
rsa=s->session->cert->rsa_tmp;
#endif
#ifndef NO_DH
dh=s->session->cert->dh_tmp;
#endif
/* This is the passed certificate */
@ -1631,15 +1646,16 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
goto f_err;
}
#endif
#ifndef NO_RSA
if ((algs & SSL_kRSA) &&
!(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
goto f_err;
}
#endif
#ifndef NO_DH
else if ((algs & SSL_kEDH) &&
if ((algs & SSL_kEDH) &&
!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);

2
ssl/s3_srvr.c
View File

@ -1183,8 +1183,10 @@ static int ssl3_get_client_key_exchange(SSL *s)
long n;
unsigned long l;
unsigned char *p;
#ifndef NO_RSA
RSA *rsa=NULL;
EVP_PKEY *pkey=NULL;
#endif
#ifndef NO_DH
BIGNUM *pub=NULL;
DH *dh_srvr;

12
ssl/ssl.h
View File

@ -852,7 +852,9 @@ int SSL_get_verify_mode(SSL *s);
int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *);
void SSL_set_verify(SSL *s, int mode,
int (*callback)(int ok,X509_STORE_CTX *ctx));
#ifndef NO_RSA
int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
#endif
int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
@ -912,7 +914,9 @@ int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);
void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
int (*callback)(int, X509_STORE_CTX *));
void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(),char *arg);
#ifndef NO_RSA
int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
#endif
int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
@ -1046,17 +1050,21 @@ int SSL_get_ex_data_X509_STORE_CTX_idx(void );
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,0,NULL)
/* NB: the keylength is only applicable when export is true */
#ifndef NO_RSA
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
RSA *(*cb)(SSL *ssl,int export,
int keylength));
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
DH *(*dh)(SSL *ssl,int export,int keylength));
void SSL_set_tmp_rsa_callback(SSL *ssl,
RSA *(*cb)(SSL *ssl,int export,
int keylength));
#endif
#ifndef NO_DH
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
DH *(*dh)(SSL *ssl,int export,int keylength));
void SSL_set_tmp_dh_callback(SSL *ssl,
DH *(*dh)(SSL *ssl,int export,int keylength));
#endif
#ifdef HEADER_COMP_H
int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);

3
ssl/ssl3.h
View File

@ -322,8 +322,9 @@ typedef struct ssl3_ctx_st
/* used to hold the new cipher we are going to use */
SSL_CIPHER *new_cipher;
#ifndef NO_DH
DH *dh;
#endif
/* used when SSL_ST_FLUSH_DATA is entered */
int next_state;

14
ssl/ssl_lib.c
View File

@ -1762,9 +1762,17 @@ int SSL_want(SSL *s)
* \param cb the callback
*/
#ifndef NO_RSA
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,int export,
int keylength))
{ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb); }
#endif
#ifndef NO_RSA
void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,int export,
int keylength))
{ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb); }
#endif
#ifdef DOXYGEN
/*!
@ -1787,17 +1795,15 @@ RSA *cb(SSL *ssl,int export,int keylength)
* \param dh the callback
*/
#ifndef NO_DH
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int export,
int keylength))
{ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh); }
void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,int export,
int keylength))
{ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb); }
void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int export,
int keylength))
{ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh); }
#endif
#if defined(_WINDLL) && defined(WIN16)
#include "../crypto/bio/bss_file.c"

7
ssl/ssl_locl.h
View File

@ -273,15 +273,18 @@ typedef struct cert_st
int valid;
unsigned long mask;
unsigned long export_mask;
#ifndef NO_RSA
RSA *rsa_tmp;
RSA *(*rsa_tmp_cb)(SSL *ssl,int export,int keysize);
#endif
#ifndef NO_DH
DH *dh_tmp;
/* FIXME: Although rsa_tmp and dh_tmp are properties of the cert,
callbacks probably aren't, and besides only the context default
cert's callbacks are actually used. Too close to a release to fix
this now - Ben 6 Mar 1999 */
RSA *(*rsa_tmp_cb)(SSL *ssl,int export,int keysize);
DH *(*dh_tmp_cb)(SSL *ssl,int export,int keysize);
#endif
CERT_PKEY pkeys[SSL_PKEY_NUM];
STACK_OF(X509) *cert_chain;

14
ssl/ssltest.c
View File

@ -70,12 +70,18 @@
#include "../crypto/bio/bss_file.c"
#endif
#if defined(NO_RSA) && !defined(NO_SSL2)
#define NO_SSL2
#endif
#define TEST_SERVER_CERT "../apps/server.pem"
#define TEST_CLIENT_CERT "../apps/client.pem"
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
#ifndef NO_RSA
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export,int keylength);
#ifndef NO_DSA
#endif
#ifndef NO_DH
static DH *get_dh512(void);
#endif
BIO *bio_err=NULL;
@ -710,6 +716,7 @@ static DH *get_dh512(void)
}
#endif
#ifndef NO_RSA
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export, int keylength)
{
static RSA *rsa_tmp=NULL;
@ -718,13 +725,10 @@ static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export, int keylength)
{
BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
BIO_flush(bio_err);
#ifndef NO_RSA
rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL);
#endif
BIO_printf(bio_err,"\n");
BIO_flush(bio_err);
}
return(rsa_tmp);
}
#endif