mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-31 20:10:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove RSA SSLv23 padding mode

Browse Source 
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14248)
This commit is contained in:
Rich Salz 2021-02-22 12:55:25 -05:00 committed by Tomas Mraz
parent d546e8e267
commit b0aae91324
21 changed files with 16 additions and 280 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGES.md
View File

@ -77,6 +77,13 @@ OpenSSL 3.0
*Tomáš Mráz*
* Removed RSA padding mode for SSLv23 (which was only used for
SSLv2). This includes the functions RSA_padding_check_SSLv23() and
RSA_padding_add_SSLv23() and the `-ssl` option in the deprecated
`rsautl` command.
*Rich Salz*
* Deprecated the obsolete X9.31 RSA key generation related functions
BN_X931_generate_Xpq(), BN_X931_derive_prime_ex(), and
BN_X931_generate_prime_ex().

6
apps/rsautl.c
View File

@ -28,7 +28,7 @@
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
OPT_ENGINE, OPT_IN, OPT_OUT, OPT_ASN1PARSE, OPT_HEXDUMP,
OPT_RSA_RAW, OPT_OAEP, OPT_SSL, OPT_PKCS, OPT_X931,
OPT_RSA_RAW, OPT_OAEP, OPT_PKCS, OPT_X931,
OPT_SIGN, OPT_VERIFY, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT,
OPT_PUBIN, OPT_CERTIN, OPT_INKEY, OPT_PASSIN, OPT_KEYFORM,
OPT_R_ENUM, OPT_PROV_ENUM
@ -56,7 +56,6 @@ const OPTIONS rsautl_options[] = {
OPT_SECTION("Output"),
{"out", OPT_OUT, '>', "Output file"},
{"ssl", OPT_SSL, '-', "Use SSL v2 padding"},
{"raw", OPT_RSA_RAW, '-', "Use no padding"},
{"pkcs", OPT_PKCS, '-', "Use PKCS#1 v1.5 padding (default)"},
{"x931", OPT_X931, '-', "Use ANSI X9.31 padding"},
@ -123,9 +122,6 @@ int rsautl_main(int argc, char **argv)
case OPT_OAEP:
pad = RSA_PKCS1_OAEP_PADDING;
break;
case OPT_SSL:
pad = RSA_SSLV23_PADDING;
break;
case OPT_PKCS:
pad = RSA_PKCS1_PADDING;
break;

1
crypto/evp/ctrl_params_translate.c
View File

@ -1186,7 +1186,6 @@ static int fix_rsa_padding_mode(enum state state,
{
static const OSSL_ITEM str_value_map[] = {
{ RSA_PKCS1_PADDING, "pkcs1" },
{ RSA_SSLV23_PADDING, "sslv23" },
{ RSA_NO_PADDING, "none" },
{ RSA_PKCS1_OAEP_PADDING, "oaep" },
{ RSA_PKCS1_OAEP_PADDING, "oeap" },

2
crypto/rsa/build.info
View File

@ -7,7 +7,7 @@ $COMMON=rsa_ossl.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_pk1.c \
SOURCE[../../libcrypto]=$COMMON\
rsa_saos.c rsa_err.c rsa_asn1.c rsa_ameth.c rsa_prn.c \
rsa_pmeth.c rsa_meth.c rsa_mp.c rsa_ssl.c
rsa_pmeth.c rsa_meth.c rsa_mp.c
IF[{- !$disabled{'deprecated-0.9.8'} -}]
SOURCE[../../libcrypto]=rsa_depr.c
ENDIF

3
crypto/rsa/rsa_local.h
View File

@ -195,9 +195,6 @@ int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test,
int nbits, const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
int ossl_rsa_padding_add_SSLv23_ex(OSSL_LIB_CTX *libctx, unsigned char *to,
int tlen, const unsigned char *from,
int flen);
int ossl_rsa_padding_add_PKCS1_type_2_ex(OSSL_LIB_CTX *libctx, unsigned char *to,
int tlen, const unsigned char *from,
int flen);

11
crypto/rsa/rsa_ossl.c
View File

@ -119,11 +119,6 @@ static int rsa_ossl_public_encrypt(int flen, const unsigned char *from,
from, flen, NULL, 0,
NULL, NULL);
break;
#ifndef FIPS_MODULE
case RSA_SSLV23_PADDING:
i = ossl_rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen);
break;
#endif
case RSA_NO_PADDING:
i = RSA_padding_add_none(buf, num, from, flen);
break;
@ -278,7 +273,6 @@ static int rsa_ossl_private_encrypt(int flen, const unsigned char *from,
case RSA_NO_PADDING:
i = RSA_padding_add_none(buf, num, from, flen);
break;
case RSA_SSLV23_PADDING:
default:
ERR_raise(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
@ -487,11 +481,6 @@ static int rsa_ossl_private_decrypt(int flen, const unsigned char *from,
case RSA_PKCS1_OAEP_PADDING:
r = RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0);
break;
#ifndef FIPS_MODULE
case RSA_SSLV23_PADDING:
r = RSA_padding_check_SSLv23(to, num, buf, j, num);
break;
#endif
case RSA_NO_PADDING:
memcpy(to, buf, (r = j));
break;

2
crypto/rsa/rsa_pmeth.c
View File

@ -604,8 +604,6 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
if (strcmp(value, "pkcs1") == 0) {
pm = RSA_PKCS1_PADDING;
} else if (strcmp(value, "sslv23") == 0) {
pm = RSA_SSLV23_PADDING;
} else if (strcmp(value, "none") == 0) {
pm = RSA_NO_PADDING;
} else if (strcmp(value, "oeap") == 0) {

189
crypto/rsa/rsa_ssl.c
View File

@ -1,189 +0,0 @@
/*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* RSA low level APIs are deprecated for public use, but still ok for
* internal use.
*/
#include "internal/deprecated.h"
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
#include "internal/constant_time.h"
#include "rsa_local.h"
int ossl_rsa_padding_add_SSLv23_ex(OSSL_LIB_CTX *libctx, unsigned char *to,
int tlen, const unsigned char *from,
int flen)
{
int i, j;
unsigned char *p;
if (flen > (tlen - RSA_PKCS1_PADDING_SIZE)) {
ERR_raise(ERR_LIB_RSA, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
return 0;
}
p = (unsigned char *)to;
*(p++) = 0;
*(p++) = 2; /* Public Key BT (Block Type) */
/* pad out with non-zero random data */
j = tlen - 3 - 8 - flen;
if (RAND_bytes_ex(libctx, p, j) <= 0)
return 0;
for (i = 0; i < j; i++) {
if (*p == '\0')
do {
if (RAND_bytes_ex(libctx, p, 1) <= 0)
return 0;
} while (*p == '\0');
p++;
}
memset(p, 3, 8);
p += 8;
*(p++) = '\0';
memcpy(p, from, (unsigned int)flen);
return 1;
}
int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
const unsigned char *from, int flen)
{
return ossl_rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen);
}
/*
* Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding
* if nul delimiter is preceded by 8 consecutive 0x03 bytes. It also
* preserves error code reporting for backward compatibility.
*/
int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
const unsigned char *from, int flen, int num)
{
int i;
/* |em| is the encoded message, zero-padded to exactly |num| bytes */
unsigned char *em = NULL;
unsigned int good, found_zero_byte, mask, threes_in_row;
int zero_index = 0, msg_index, mlen = -1, err;
if (tlen <= 0 || flen <= 0)
return -1;
if (flen > num || num < RSA_PKCS1_PADDING_SIZE) {
ERR_raise(ERR_LIB_RSA, RSA_R_DATA_TOO_SMALL);
return -1;
}
em = OPENSSL_malloc(num);
if (em == NULL) {
ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE);
return -1;
}
/*
* Caller is encouraged to pass zero-padded message created with
* BN_bn2binpad. Trouble is that since we can't read out of |from|'s
* bounds, it's impossible to have an invariant memory access pattern
* in case |from| was not zero-padded in advance.
*/
for (from += flen, em += num, i = 0; i < num; i++) {
mask = ~constant_time_is_zero(flen);
flen -= 1 & mask;
from -= 1 & mask;
*--em = *from & mask;
}
good = constant_time_is_zero(em[0]);
good &= constant_time_eq(em[1], 2);
err = constant_time_select_int(good, 0, RSA_R_BLOCK_TYPE_IS_NOT_02);
mask = ~good;
/* scan over padding data */
found_zero_byte = 0;
threes_in_row = 0;
for (i = 2; i < num; i++) {
unsigned int equals0 = constant_time_is_zero(em[i]);
zero_index = constant_time_select_int(~found_zero_byte & equals0,
i, zero_index);
found_zero_byte |= equals0;
threes_in_row += 1 & ~found_zero_byte;
threes_in_row &= found_zero_byte | constant_time_eq(em[i], 3);
}
/*
* PS must be at least 8 bytes long, and it starts two bytes into |em|.
* If we never found a 0-byte, then |zero_index| is 0 and the check
* also fails.
*/
good &= constant_time_ge(zero_index, 2 + 8);
err = constant_time_select_int(mask | good, err,
RSA_R_NULL_BEFORE_BLOCK_MISSING);
mask = ~good;
/*
* Reject if nul delimiter is preceded by 8 consecutive 0x03 bytes. Note
* that RFC5246 incorrectly states this the other way around, i.e. reject
* if it is not preceded by 8 consecutive 0x03 bytes. However this is
* corrected in subsequent errata for that RFC.
*/
good &= constant_time_lt(threes_in_row, 8);
err = constant_time_select_int(mask | good, err,
RSA_R_SSLV3_ROLLBACK_ATTACK);
mask = ~good;
/*
* Skip the zero byte. This is incorrect if we never found a zero-byte
* but in this case we also do not copy the message out.
*/
msg_index = zero_index + 1;
mlen = num - msg_index;
/*
* For good measure, do this check in constant time as well.
*/
good &= constant_time_ge(tlen, mlen);
err = constant_time_select_int(mask | good, err, RSA_R_DATA_TOO_LARGE);
/*
* Move the result in-place by |num|-RSA_PKCS1_PADDING_SIZE-|mlen| bytes to the left.
* Then if |good| move |mlen| bytes from |em|+RSA_PKCS1_PADDING_SIZE to |to|.
* Otherwise leave |to| unchanged.
* Copy the memory back in a way that does not reveal the size of
* the data being copied via a timing side channel. This requires copying
* parts of the buffer multiple times based on the bits set in the real
* length. Clear bits do a non-copy with identical access pattern.
* The loop below has overall complexity of O(N*log(N)).
*/
tlen = constant_time_select_int(constant_time_lt(num - RSA_PKCS1_PADDING_SIZE, tlen),
num - RSA_PKCS1_PADDING_SIZE, tlen);
for (msg_index = 1; msg_index < num - RSA_PKCS1_PADDING_SIZE; msg_index <<= 1) {
mask = ~constant_time_eq(msg_index & (num - RSA_PKCS1_PADDING_SIZE - mlen), 0);
for (i = RSA_PKCS1_PADDING_SIZE; i < num - msg_index; i++)
em[i] = constant_time_select_8(mask, em[i + msg_index], em[i]);
}
for (i = 0; i < tlen; i++) {
mask = good & constant_time_lt(i, mlen);
to[i] = constant_time_select_8(mask, em[i + RSA_PKCS1_PADDING_SIZE], to[i]);
}
OPENSSL_clear_free(em, num);
ERR_raise(ERR_LIB_RSA, err);
err_clear_last_constant_time(1 & good);
return constant_time_select_int(good, mlen, -1);
}

2
doc/man1/openssl-pkeyutl.pod.in
View File

@ -236,7 +236,7 @@ B<pkeyopt> values are supported:
=item B<rsa_padding_mode:>I<mode>
This sets the RSA padding mode. Acceptable values for I<mode> are B<pkcs1> for
PKCS#1 padding, B<sslv23> for SSLv23 padding, B<none> for no padding, B<oaep>
PKCS#1 padding, B<none> for no padding, B<oaep>
for B<OAEP> mode, B<x931> for X9.31 mode and B<pss> for PSS.
In PKCS#1 padding if the message digest is not set then the supplied data is

10
doc/man1/openssl-rsautl.pod.in
View File

@ -24,10 +24,6 @@ B<openssl> B<rsautl>
[B<-pkcs>]
[B<-x931>]
[B<-oaep>]
[B<-ssl>]
[B<-raw>]
[B<-pkcs>]
[B<-ssl>]
[B<-raw>]
[B<-hexdump>]
[B<-asn1parse>]
@ -106,12 +102,10 @@ Encrypt the input data using an RSA public key.
Decrypt the input data using an RSA private key.
=item B<-pkcs>, B<-oaep>, B<-x931> B<-ssl>, B<-raw>
=item B<-pkcs>, B<-oaep>, B<-x931> B<-raw>
The padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP,
ANSI X9.31,
special padding used in SSL v2 backwards compatible handshakes,
or no padding, respectively.
ANSI X9.31, or no padding, respectively.
For signatures, only B<-pkcs> and B<-raw> can be used.
=item B<-hexdump>

2
doc/man3/EVP_PKEY_CTX_ctrl.pod
View File

@ -249,7 +249,7 @@ terminating NUL byte.
EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for I<ctx>.
The I<pad> parameter can take the value B<RSA_PKCS1_PADDING> for PKCS#1
padding, B<RSA_SSLV23_PADDING> for SSLv23 padding, B<RSA_NO_PADDING> for
padding, B<RSA_NO_PADDING> for
no padding, B<RSA_PKCS1_OAEP_PADDING> for OAEP padding (encrypt and
decrypt only), B<RSA_X931_PADDING> for X9.31 padding (signature operations
only), B<RSA_PKCS1_PSS_PADDING> (sign and verify only) and

11
doc/man3/RSA_padding_add_PKCS1_type_1.pod
View File

@ -6,7 +6,6 @@ RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1,
RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2,
RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP,
RSA_padding_add_PKCS1_OAEP_mgf1, RSA_padding_check_PKCS1_OAEP_mgf1,
RSA_padding_add_SSLv23, RSA_padding_check_SSLv23,
RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption
padding
@ -48,12 +47,6 @@ L<openssl_user_macros(7)>:
const unsigned char *p, int pl,
const EVP_MD *md, const EVP_MD *mgf1md);
int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
const unsigned char *f, int fl);
int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
const unsigned char *f, int fl, int rsa_len);
int RSA_padding_add_none(unsigned char *to, int tlen,
const unsigned char *f, int fl);
@ -95,10 +88,6 @@ PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)
PKCS #1 v2.0 EME-OAEP
=item SSLv23
PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification
=item none
simply copy the data

5
doc/man3/RSA_public_encrypt.pod
View File

@ -43,11 +43,6 @@ new applications. SEE WARNING BELOW.
EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty
encoding parameter. This mode is recommended for all new applications.
=item RSA_SSLV23_PADDING
PKCS #1 v1.5 padding with an SSL-specific modification that denotes
that the server is SSL3 capable.
=item RSA_NO_PADDING
Raw RSA encryption. This mode should I<only> be used to implement

2
doc/man7/EVP_SIGNATURE-RSA.pod
View File

@ -34,8 +34,6 @@ The type of padding to be used. Its value can be one of the following:
=item "pkcs1" (B<OSSL_PKEY_RSA_PAD_MODE_PKCSV15>)
=item "sslv23" (B<OSSL_PKEY_RSA_PAD_MODE_SSLV23>)
=item "x931" (B<OSSL_PKEY_RSA_PAD_MODE_X931>)
=item "pss" (B<OSSL_PKEY_RSA_PAD_MODE_PSS>)

2
doc/man7/provider-asym_cipher.pod
View File

@ -183,7 +183,7 @@ algorithms:
The type of padding to be used. The interpretation of this value will depend
on the algorithm in use. The default provider understands these RSA padding
modes: 1 (RSA_PKCS1_PADDING), 2 (RSA_SSLV23_PADDING), 3 (RSA_NO_PADDING),
modes: 1 (RSA_PKCS1_PADDING), 3 (RSA_NO_PADDING),
4 (RSA_PKCS1_OAEP_PADDING), 5 (RSA_X931_PADDING), 6 (RSA_PKCS1_PSS_PADDING) and
7 (RSA_PKCS1_WITH_TLS_PADDING). See L<EVP_PKEY_CTX_set_rsa_padding(3)> for
further details.

1
include/openssl/core_names.h
View File

@ -384,7 +384,6 @@ extern "C" {
/* RSA padding modes */
#define OSSL_PKEY_RSA_PAD_MODE_NONE "none"
#define OSSL_PKEY_RSA_PAD_MODE_PKCSV15 "pkcs1"
#define OSSL_PKEY_RSA_PAD_MODE_SSLV23 "sslv23"
#define OSSL_PKEY_RSA_PAD_MODE_OAEP "oaep"
#define OSSL_PKEY_RSA_PAD_MODE_X931 "x931"
#define OSSL_PKEY_RSA_PAD_MODE_PSS "pss"

8
include/openssl/rsa.h
View File

@ -184,7 +184,6 @@ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
# define EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES (EVP_PKEY_ALG_CTRL + 13)
# define RSA_PKCS1_PADDING 1
# define RSA_SSLV23_PADDING 2
# define RSA_NO_PADDING 3
# define RSA_PKCS1_OAEP_PADDING 4
# define RSA_X931_PADDING 5
@ -405,13 +404,6 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
int num,
const unsigned char *param, int plen,
const EVP_MD *md, const EVP_MD *mgf1md);
OSSL_DEPRECATEDIN_3_0
int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
const unsigned char *f, int fl);
OSSL_DEPRECATEDIN_3_0
int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
const unsigned char *f, int fl,
int rsa_len);
OSSL_DEPRECATEDIN_3_0 int RSA_padding_add_none(unsigned char *to, int tlen,
const unsigned char *f, int fl);
OSSL_DEPRECATEDIN_3_0 int RSA_padding_check_none(unsigned char *to, int tlen,

1
providers/implementations/asymciphers/rsa_enc.c
View File

@ -47,7 +47,6 @@ static OSSL_FUNC_asym_cipher_settable_ctx_params_fn rsa_settable_ctx_params;
static OSSL_ITEM padding_item[] = {
{ RSA_PKCS1_PADDING, OSSL_PKEY_RSA_PAD_MODE_PKCSV15 },
{ RSA_SSLV23_PADDING, OSSL_PKEY_RSA_PAD_MODE_SSLV23 },
{ RSA_NO_PADDING, OSSL_PKEY_RSA_PAD_MODE_NONE },
{ RSA_PKCS1_OAEP_PADDING, OSSL_PKEY_RSA_PAD_MODE_OAEP }, /* Correct spelling first */
{ RSA_PKCS1_OAEP_PADDING, "oeap" },

4
providers/implementations/signature/rsa.c
View File

@ -61,7 +61,6 @@ static OSSL_FUNC_signature_settable_ctx_md_params_fn rsa_settable_ctx_md_params;
static OSSL_ITEM padding_item[] = {
{ RSA_PKCS1_PADDING, OSSL_PKEY_RSA_PAD_MODE_PKCSV15 },
{ RSA_SSLV23_PADDING, OSSL_PKEY_RSA_PAD_MODE_SSLV23 },
{ RSA_NO_PADDING, OSSL_PKEY_RSA_PAD_MODE_NONE },
{ RSA_X931_PADDING, OSSL_PKEY_RSA_PAD_MODE_X931 },
{ RSA_PKCS1_PSS_PADDING, OSSL_PKEY_RSA_PAD_MODE_PSS },
@ -1187,9 +1186,6 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
case RSA_PKCS1_PADDING:
err_extra_text = "PKCS#1 padding not allowed with RSA-PSS";
goto cont;
case RSA_SSLV23_PADDING:
err_extra_text = "SSLv3 padding not allowed with RSA-PSS";
goto cont;
case RSA_NO_PADDING:
err_extra_text = "No padding not allowed with RSA-PSS";
goto cont;

23
test/rsa_test.c
View File

@ -278,28 +278,6 @@ static int test_rsa_pkcs1(int idx)
NULL, NULL);
}
static int test_rsa_sslv23(int idx)
{
int ret;
/* Simulate an SSLv2 only client talking to a TLS capable server */
ret = test_rsa_simple(idx, RSA_PKCS1_PADDING, RSA_SSLV23_PADDING, 1, NULL,
NULL, NULL);
/* Simulate a TLS capable client talking to an SSLv2 only server */
ret &= test_rsa_simple(idx, RSA_SSLV23_PADDING, RSA_PKCS1_PADDING, 1, NULL,
NULL, NULL);
/*
* Simulate a TLS capable client talking to a TLS capable server. Should
* fail due to detecting a rollback attack.
*/
ret &= test_rsa_simple(idx, RSA_SSLV23_PADDING, RSA_SSLV23_PADDING, 0, NULL,
NULL, NULL);
return ret;
}
static int test_rsa_oaep(int idx)
{
int ret = 0;
@ -411,7 +389,6 @@ err:
int setup_tests(void)
{
ADD_ALL_TESTS(test_rsa_pkcs1, 3);
ADD_ALL_TESTS(test_rsa_sslv23, 3);
ADD_ALL_TESTS(test_rsa_oaep, 3);
ADD_ALL_TESTS(test_rsa_security_bit, OSSL_NELEM(rsa_security_bits_cases));
return 1;

4
util/libcrypto.num
View File

@ -1392,7 +1392,7 @@ EVP_PBE_get 1424 3_0_0 EXIST::FUNCTION:
CRYPTO_nistcts128_encrypt 1425 3_0_0 EXIST::FUNCTION:
CONF_modules_finish 1426 3_0_0 EXIST::FUNCTION:
BN_value_one 1427 3_0_0 EXIST::FUNCTION:
RSA_padding_add_SSLv23 1428 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
RSA_padding_add_SSLv23 1428 3_0_0 NOEXIST::FUNCTION:DEPRECATEDIN_3_0
OCSP_RESPBYTES_it 1429 3_0_0 EXIST::FUNCTION:OCSP
EVP_aes_192_wrap 1430 3_0_0 EXIST::FUNCTION:
OCSP_CERTID_it 1431 3_0_0 EXIST::FUNCTION:OCSP
@ -3302,7 +3302,7 @@ PKCS7_ENVELOPE_new 3369 3_0_0 EXIST::FUNCTION:
EDIPARTYNAME_new 3370 3_0_0 EXIST::FUNCTION:
CMS_add1_cert 3371 3_0_0 EXIST::FUNCTION:CMS
DSO_convert_filename 3372 3_0_0 EXIST::FUNCTION:
RSA_padding_check_SSLv23 3373 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
RSA_padding_check_SSLv23 3373 3_0_0 NOEXIST::FUNCTION:DEPRECATEDIN_3_0
CRYPTO_gcm128_finish 3374 3_0_0 EXIST::FUNCTION:
PKCS12_SAFEBAGS_it 3375 3_0_0 EXIST::FUNCTION:
PKCS12_PBE_add 3376 3_0_0 EXIST::FUNCTION: