int main(int Argc, char *ARGV[])
{
ARGS arg;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE+1];
FUNCTION f,*fp;
MS_STATIC const char *prompt;
MS_STATIC char buf[1024];
char *to_free=NULL;
int n,i,ret=0;
int argc;
char **argv,*p;
LHASH_OF(FUNCTION) *prog=NULL;
long errline;
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
/* 2011-03-22 SMS.
* If we have 32-bit pointers everywhere, then we're safe, and
* we bypass this mess, as on non-VMS systems. (See ARGV,
* above.)
* Problem 1: Compaq/HP C before V7.3 always used 32-bit
* pointers for argv[].
* Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
* everywhere else, we always allocate and use a 64-bit
* duplicate of argv[].
* Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
* to NULL-terminate a 64-bit argv[]. (As this was written, the
* compiler ECO was available only on IA64.)
* Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
* 64-bit argv[argc] for NULL, and, if necessary, use a
* (properly) NULL-terminated (64-bit) duplicate of argv[].
* The same code is used in either case to duplicate argv[].
* Some of these decisions could be handled in preprocessing,
* but the code tends to get even uglier, and the penalty for
* deciding at compile- or run-time is tiny.
*/
char **Argv = NULL;
int free_Argv = 0;
if ((sizeof( _Argv) < 8) /* 32-bit argv[]. */
# if !defined( VMS_TRUST_ARGV)
|| (_Argv[ Argc] != NULL) /* Untrusted argv[argc] not NULL. */
# endif
)
{
int i;
Argv = OPENSSL_malloc( (Argc+ 1)* sizeof( char *));
if (Argv == NULL)
{ ret = -1; goto end; }
for(i = 0; i < Argc; i++)
Argv[i] = _Argv[i];
Argv[ Argc] = NULL; /* Certain NULL termination. */
free_Argv = 1;
}
else
{
/* Use the known-good 32-bit argv[] (which needs the
* type cast to satisfy the compiler), or the trusted or
* tested-good 64-bit argv[] as-is. */
Argv = (char **)_Argv;
}
#endif /* defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64) */
arg.data=NULL;
arg.count=0;
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */
{
if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))
{
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
}
else
{
/* OPENSSL_DEBUG_MEMORY=off */
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#if 0
if (getenv("OPENSSL_DEBUG_LOCKING") != NULL)
#endif
{
CRYPTO_set_locking_callback(lock_dbg_cb);
}
if(getenv("OPENSSL_FIPS")) {
#ifdef OPENSSL_FIPS
if (!FIPS_mode_set(1)) {
ERR_load_crypto_strings();
ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
EXIT(1);
}
#else
fprintf(stderr, "FIPS mode not supported.\n");
EXIT(1);
#endif
}
apps_startup();
/* Lets load up our environment a little */
p=getenv("OPENSSL_CONF");
if (p == NULL)
p=getenv("SSLEAY_CONF");
if (p == NULL)
p=to_free=make_config_name();
default_config_file=p;
config=NCONF_new(NULL);
i=NCONF_load(config,p,&errline);
if (i == 0)
{
if (ERR_GET_REASON(ERR_peek_last_error())
== CONF_R_NO_SUCH_FILE)
{
BIO_printf(bio_err,
"WARNING: can't open config file: %s\n",p);
ERR_clear_error();
NCONF_free(config);
config = NULL;
}
else
{
ERR_print_errors(bio_err);
NCONF_free(config);
exit(1);
}
}
prog=prog_init();
/* first check the program name */
program_name(Argv[0],pname,sizeof pname);
f.name=pname;
fp=lh_FUNCTION_retrieve(prog,&f);
if (fp != NULL)
{
Argv[0]=pname;
ret=fp->func(Argc,Argv);
goto end;
}
/* ok, now check that there are not arguments, if there are,
* run with them, shifting the ssleay off the front */
if (Argc != 1)
{
Argc--;
Argv++;
ret=do_cmd(prog,Argc,Argv);
if (ret < 0) ret=0;
goto end;
}
/* ok, lets enter the old 'OpenSSL>' mode */
for (;;)
{
ret=0;
p=buf;
n=sizeof buf;
i=0;
for (;;)
{
p[0]='\0';
if (i++)
prompt=">";
else prompt="OpenSSL> ";
fputs(prompt,stdout);
fflush(stdout);
if (!fgets(p,n,stdin))
goto end;
if (p[0] == '\0') goto end;
i=strlen(p);
if (i <= 1) break;
if (p[i-2] != '\\') break;
i-=2;
p+=i;
n-=i;
}
if (!chopup_args(&arg,buf,&argc,&argv)) break;
ret=do_cmd(prog,argc,argv);
if (ret < 0)
{
ret=0;
goto end;
}
if (ret != 0)
BIO_printf(bio_err,"error in %s\n",argv[0]);
(void)BIO_flush(bio_err);
}
BIO_printf(bio_err,"bad exit\n");
ret=1;
end:
if (to_free)
OPENSSL_free(to_free);
if (config != NULL)
{
NCONF_free(config);
config=NULL;
}
if (prog != NULL) lh_FUNCTION_free(prog);
if (arg.data != NULL) OPENSSL_free(arg.data);
apps_shutdown();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
{
BIO_free(bio_err);
bio_err=NULL;
}
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
/* Free any duplicate Argv[] storage. */
if (free_Argv)
{
OPENSSL_free(Argv);
}
#endif
OPENSSL_EXIT(ret);
}
int main(int Argc, char *Argv[])
{
ARGS arg;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE+1];
FUNCTION f,*fp;
MS_STATIC const char *prompt;
MS_STATIC char buf[1024];
char *to_free=NULL;
int n,i,ret=0;
int argc;
char **argv,*p;
LHASH *prog=NULL;
long errline;
arg.data=NULL;
arg.count=0;
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */
{
if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))
{
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
}
else
{
/* OPENSSL_DEBUG_MEMORY=off */
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#if 0
if (getenv("OPENSSL_DEBUG_LOCKING") != NULL)
#endif
{
CRYPTO_set_locking_callback(lock_dbg_cb);
}
apps_startup();
/* Lets load up our environment a little */
p=getenv("OPENSSL_CONF");
if (p == NULL)
p=getenv("SSLEAY_CONF");
if (p == NULL)
p=to_free=make_config_name();
default_config_file=p;
config=NCONF_new(NULL);
i=NCONF_load(config,p,&errline);
if (i == 0)
{
NCONF_free(config);
config = NULL;
ERR_clear_error();
}
prog=prog_init();
/* first check the program name */
program_name(Argv[0],pname,sizeof pname);
f.name=pname;
fp=(FUNCTION *)lh_retrieve(prog,&f);
if (fp != NULL)
{
Argv[0]=pname;
ret=fp->func(Argc,Argv);
goto end;
}
/* ok, now check that there are not arguments, if there are,
* run with them, shifting the ssleay off the front */
if (Argc != 1)
{
Argc--;
Argv++;
ret=do_cmd(prog,Argc,Argv);
if (ret < 0) ret=0;
goto end;
}
/* ok, lets enter the old 'OpenSSL>' mode */
for (;;)
{
ret=0;
p=buf;
n=sizeof buf;
i=0;
for (;;)
{
p[0]='\0';
if (i++)
prompt=">";
else prompt="OpenSSL> ";
fputs(prompt,stdout);
fflush(stdout);
fgets(p,n,stdin);
if (p[0] == '\0') goto end;
i=strlen(p);
if (i <= 1) break;
if (p[i-2] != '\\') break;
i-=2;
p+=i;
n-=i;
}
if (!chopup_args(&arg,buf,&argc,&argv)) break;
ret=do_cmd(prog,argc,argv);
if (ret < 0)
{
ret=0;
goto end;
}
if (ret != 0)
BIO_printf(bio_err,"error in %s\n",argv[0]);
(void)BIO_flush(bio_err);
}
BIO_printf(bio_err,"bad exit\n");
ret=1;
end:
if (to_free)
OPENSSL_free(to_free);
if (config != NULL)
{
NCONF_free(config);
config=NULL;
}
if (prog != NULL) lh_free(prog);
if (arg.data != NULL) OPENSSL_free(arg.data);
apps_shutdown();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
{
BIO_free(bio_err);
bio_err=NULL;
}
OPENSSL_EXIT(ret);
}
int main(int argc, char **argv)
{
JPAKE_CTX *alice;
JPAKE_CTX *bob;
BIGNUM *p = NULL;
BIGNUM *g = NULL;
BIGNUM *q = NULL;
BIGNUM *secret = BN_new();
BIO *bio_err;
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
/*
BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7");
BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a");
BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5");
*/
/*
p = BN_new();
BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL);
*/
/* Use a safe prime for p (that we found earlier) */
BN_hex2bn(&p, "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
showbn("p", p);
g = BN_new();
BN_set_word(g, 2);
showbn("g", g);
q = BN_new();
BN_rshift1(q, p);
showbn("q", q);
BN_rand(secret, 32, -1, 0);
/* A normal run, expect this to work... */
alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
if(run_jpake(alice, bob) != 0)
{
fprintf(stderr, "Plain JPAKE run failed\n");
return 1;
}
JPAKE_CTX_free(bob);
JPAKE_CTX_free(alice);
/* Now give Alice and Bob different secrets */
alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
BN_add_word(secret, 1);
bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
if(run_jpake(alice, bob) != 5)
{
fprintf(stderr, "Mismatched secret JPAKE run failed\n");
return 1;
}
JPAKE_CTX_free(bob);
JPAKE_CTX_free(alice);
BN_free(secret);
BN_free(q);
BN_free(g);
BN_free(p);
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
return 0;
}
int main(int argc, char *argv[])
{
BN_CTX *ctx;
BIO *out = NULL;
int i, ret;
unsigned char c;
BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
* don't even check its return
* value (which we should) */
ctx = BN_CTX_new();
if (ctx == NULL)
EXIT(1);
r_mont = BN_new();
r_mont_const = BN_new();
r_recp = BN_new();
r_simple = BN_new();
a = BN_new();
b = BN_new();
m = BN_new();
if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL))
goto err;
out = BIO_new(BIO_s_file());
if (out == NULL)
EXIT(1);
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
for (i = 0; i < 200; i++) {
RAND_bytes(&c, 1);
c = (c % BN_BITS) - BN_BITS2;
BN_rand(a, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);
RAND_bytes(&c, 1);
c = (c % BN_BITS) - BN_BITS2;
BN_rand(b, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);
RAND_bytes(&c, 1);
c = (c % BN_BITS) - BN_BITS2;
BN_rand(m, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD);
BN_mod(a, a, m, ctx);
BN_mod(b, b, m, ctx);
ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL);
if (ret <= 0) {
printf("BN_mod_exp_mont() problems\n");
ERR_print_errors(out);
EXIT(1);
}
ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
if (ret <= 0) {
printf("BN_mod_exp_recp() problems\n");
ERR_print_errors(out);
EXIT(1);
}
ret = BN_mod_exp_simple(r_simple, a, b, m, ctx);
if (ret <= 0) {
printf("BN_mod_exp_simple() problems\n");
ERR_print_errors(out);
EXIT(1);
}
ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL);
if (ret <= 0) {
printf("BN_mod_exp_mont_consttime() problems\n");
ERR_print_errors(out);
EXIT(1);
}
if (BN_cmp(r_simple, r_mont) == 0
&& BN_cmp(r_simple, r_recp) == 0
&& BN_cmp(r_simple, r_mont_const) == 0) {
printf(".");
fflush(stdout);
} else {
if (BN_cmp(r_simple, r_mont) != 0)
printf("\nsimple and mont results differ\n");
if (BN_cmp(r_simple, r_mont_const) != 0)
printf("\nsimple and mont const time results differ\n");
if (BN_cmp(r_simple, r_recp) != 0)
printf("\nsimple and recp results differ\n");
printf("a (%3d) = ", BN_num_bits(a));
BN_print(out, a);
printf("\nb (%3d) = ", BN_num_bits(b));
BN_print(out, b);
printf("\nm (%3d) = ", BN_num_bits(m));
BN_print(out, m);
printf("\nsimple =");
BN_print(out, r_simple);
printf("\nrecp =");
BN_print(out, r_recp);
printf("\nmont =");
BN_print(out, r_mont);
printf("\nmont_ct =");
BN_print(out, r_mont_const);
printf("\n");
EXIT(1);
}
}
BN_free(r_mont);
BN_free(r_mont_const);
BN_free(r_recp);
BN_free(r_simple);
BN_free(a);
BN_free(b);
BN_free(m);
BN_CTX_free(ctx);
if (test_exp_mod_zero() != 0)
goto err;
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks(out) <= 0)
goto err;
#endif
BIO_free(out);
printf("\n");
printf("done\n");
EXIT(0);
err:
ERR_print_errors(out);
EXIT(1);
}
int main(int argc, char **argv)
{
DSA *dsa=NULL;
int counter,ret=0,i,j;
unsigned char buf[256];
unsigned long h;
unsigned char sig[256];
unsigned int siglen;
ERR_load_crypto_strings();
RAND_seed(rnd_seed, sizeof rnd_seed);
if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
BIO_printf(bio_err,"test generation of DSA parameters\n");
dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err);
BIO_printf(bio_err,"seed\n");
for (i=0; i<20; i+=4)
{
BIO_printf(bio_err,"%02X%02X%02X%02X ",
seed[i],seed[i+1],seed[i+2],seed[i+3]);
}
BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
if (dsa == NULL) goto end;
DSA_print(bio_err,dsa,0);
if (counter != 105)
{
BIO_printf(bio_err,"counter should be 105\n");
goto end;
}
if (h != 2)
{
BIO_printf(bio_err,"h should be 2\n");
goto end;
}
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if ((i != j) || (memcmp(buf,out_q,i) != 0))
{
BIO_printf(bio_err,"q value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if ((i != j) || (memcmp(buf,out_p,i) != 0))
{
BIO_printf(bio_err,"p value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if ((i != j) || (memcmp(buf,out_g,i) != 0))
{
BIO_printf(bio_err,"g value is wrong\n");
goto end;
}
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret=1;
end:
if (!ret)
ERR_print_errors(bio_err);
if (dsa != NULL) DSA_free(dsa);
ERR_remove_state(0);
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
{
BIO_free(bio_err);
bio_err = NULL;
}
exit(!ret);
return(0);
}
int exp_main(int argc, char *argv[])
#endif
{
BN_CTX *ctx;
BIO *out=NULL;
int i,ret;
unsigned char c;
BIGNUM *r_mont,*r_mont_const,*r_recp,*r_simple,*a,*b,*m;
// FILE* temp;
RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
* even check its return value
* (which we should) */
if(errno==ENOMEM)
{
return 1;
}
ERR_load_BN_strings();
if(errno==ENOMEM)
{
return 1;
}
ctx=BN_CTX_new();
if (ctx == NULL)
{
if(errno==ENOMEM)
{
return 1;
}
return 1;
}
r_mont=BN_new();
if(r_mont==NULL&&errno==ENOMEM)
{
return 1;
}
r_mont_const=BN_new();
if(r_mont_const==NULL&&errno==ENOMEM)
{
return 1;
}
r_recp=BN_new();
if(r_recp==NULL&&errno==ENOMEM)
{
return 1;
}
r_simple=BN_new();
if(r_simple==NULL&&errno==ENOMEM)
{
return 1;
}
a=BN_new();
if(a==NULL&&errno==ENOMEM)
{
return 1;
}
b=BN_new();
if(b==NULL&&errno==ENOMEM)
{
return 1;
}
m=BN_new();
if(m==NULL&&errno==ENOMEM)
{
return 1;
}
if ( (r_mont == NULL) || (r_recp == NULL) ||
(a == NULL) || (b == NULL))
goto err;
out=BIO_new(BIO_s_file());
if(out==NULL&&errno==ENOMEM)
{
return 1;
}
if (out == NULL)
return 1;
BIO_set_fp(out,stdout,BIO_NOCLOSE);
if(errno==ENOMEM)
{
return 1;
}
// temp = fopen("sanjeev.txt", "w");
for (i=0; i<200; i++)
{
// fputc(i,temp);
RAND_bytes(&c,1);
if(errno==ENOMEM)
{
return 1;
}
c=(c%BN_BITS)-BN_BITS2;
BN_rand(a,NUM_BITS+c,0,0);
if(errno==ENOMEM)
{
return 1;
}
RAND_bytes(&c,1);
if(errno==ENOMEM)
{
return 1;
}
c=(c%BN_BITS)-BN_BITS2;
BN_rand(b,NUM_BITS+c,0,0);
if(errno==ENOMEM)
{
return 1;
}
RAND_bytes(&c,1);
if(errno==ENOMEM)
{
return 1;
}
c=(c%BN_BITS)-BN_BITS2;
BN_rand(m,NUM_BITS+c,0,1);
if(errno==ENOMEM)
{
return 1;
}
BN_mod(a,a,m,ctx);
if(errno==ENOMEM)
{
return 1;
}
BN_mod(b,b,m,ctx);
if(errno==ENOMEM)
{
return 1;
}
ret=BN_mod_exp_mont(r_mont,a,b,m,ctx,NULL);
if (ret <= 0)
{
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"BN_mod_exp_mont() problems\n");
ERR_print_errors(out);
if(errno==ENOMEM)
{
return 1;
}
return 1;
}
ret=BN_mod_exp_recp(r_recp,a,b,m,ctx);
if (ret <= 0)
{
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"BN_mod_exp_recp() problems\n");
ERR_print_errors(out);
if(errno==ENOMEM)
{
return 1;
}
return 1;
}
ret=BN_mod_exp_simple(r_simple,a,b,m,ctx);
if (ret <= 0)
{
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"BN_mod_exp_simple() problems\n");
ERR_print_errors(out);
if(errno==ENOMEM)
{
return 1;
}
return 1;
}
ret=BN_mod_exp_mont_consttime(r_mont_const,a,b,m,ctx,NULL);
if (ret <= 0)
{
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"BN_mod_exp_mont_consttime() problems\n");
ERR_print_errors(out);
if(errno==ENOMEM)
{
return 1;
}
return 1;
}
if (BN_cmp(r_simple, r_mont) == 0
&& BN_cmp(r_simple,r_recp) == 0
&& BN_cmp(r_simple,r_mont_const) == 0)
{
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,".");
fflush(stdout);
}
else
{
if (BN_cmp(r_simple,r_mont) != 0)
{
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\nsimple and mont results differ\n");
}
if (BN_cmp(r_simple,r_mont) != 0)
{
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\nsimple and mont const time results differ\n");
}
if (BN_cmp(r_simple,r_recp) != 0)
{
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\nsimple and recp results differ\n");
}
fprintf(stdout,"a (%3d) = ",BN_num_bits(a));
BN_print(out,a);
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\nb (%3d) = ",BN_num_bits(b));
BN_print(out,b);
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\nm (%3d) = ",BN_num_bits(m));
BN_print(out,m);
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\nsimple =");
BN_print(out,r_simple);
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\nrecp =");
BN_print(out,r_recp);
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\nmont =");
BN_print(out,r_mont);
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\nmont_ct =");
BN_print(out,r_mont_const);
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout,"\n");
return 1;
}
}
BN_free(r_mont);
BN_free(r_mont_const);
BN_free(r_recp);
BN_free(r_simple);
BN_free(a);
BN_free(b);
BN_free(m);
BN_CTX_free(ctx);
ERR_remove_state(0);
if(errno==ENOMEM)
{
return 1;
}
CRYPTO_mem_leaks(out);
if(errno==ENOMEM)
{
return 1;
}
BIO_free(out);
if(errno==ENOMEM)
{
return 1;
}
CRYPTO_cleanup_all_ex_data();
if(errno==ENOMEM)
{
return 1;
}
fprintf(stdout," done\n");
fprintf(stdout," Test case passed\n");
return 0;
err:
ERR_load_crypto_strings();
if(errno==ENOMEM)
{
return 1;
}
ERR_print_errors(out);
if(errno==ENOMEM)
{
return 1;
}
#ifdef OPENSSL_SYS_NETWARE
fprintf(stdout,"ERROR\n");
#endif
return(1);
}
int main(int argc, char *argv[])
{
FUNCTION f, *fp;
LHASH_OF(FUNCTION) *prog = NULL;
char **copied_argv = NULL;
char *p, *pname;
char buf[1024];
const char *prompt;
ARGS arg;
int first, n, i, ret = 0;
arg.argv = NULL;
arg.size = 0;
/* Set up some of the environment. */
default_config_file = make_config_name();
bio_in = dup_bio_in(FORMAT_TEXT);
bio_out = dup_bio_out(FORMAT_TEXT);
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
#if defined( OPENSSL_SYS_VMS)
copied_argv = argv = copy_argv(&argc, argv);
#endif
p = getenv("OPENSSL_DEBUG_MEMORY");
if (p == NULL)
/* if not set, use compiled-in default */
;
else if (strcmp(p, "off") != 0) {
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
} else {
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
CRYPTO_set_locking_callback(lock_dbg_cb);
if (getenv("OPENSSL_FIPS")) {
#ifdef OPENSSL_FIPS
if (!FIPS_mode_set(1)) {
ERR_load_crypto_strings();
ERR_print_errors(bio_err);
return 1;
}
#else
BIO_printf(bio_err, "FIPS mode not supported.\n");
return 1;
#endif
}
apps_startup();
/*
* If first argument is a colon, skip it. Because in "interactive"
* mode our prompt is a colon and we can cut/paste whole lines
* by doing this hack.
*/
if (argv[1] && strcmp(argv[1], ":") == 0) {
argv[1] = argv[0];
argc--;
argv++;
}
prog = prog_init();
pname = opt_progname(argv[0]);
/* first check the program name */
f.name = pname;
fp = lh_FUNCTION_retrieve(prog, &f);
if (fp != NULL) {
argv[0] = pname;
ret = fp->func(argc, argv);
goto end;
}
/* If there is stuff on the command line, run with that. */
if (argc != 1) {
argc--;
argv++;
ret = do_cmd(prog, argc, argv);
if (ret < 0)
ret = 0;
goto end;
}
/* ok, lets enter interactive mode */
for (;;) {
ret = 0;
/* Read a line, continue reading if line ends with \ */
for (p = buf, n = sizeof buf, i = 0, first = 1; n > 0; first = 0) {
prompt = first ? "openssl : " : "> ";
p[0] = '\0';
#ifndef READLINE
fputs(prompt, stdout);
fflush(stdout);
if (!fgets(p, n, stdin))
goto end;
if (p[0] == '\0')
goto end;
i = strlen(p);
if (i <= 1)
break;
if (p[i - 2] != '\\')
break;
i -= 2;
p += i;
n -= i;
#else
{
extern char *readline(const char *);
extern void add_history(const char *cp);
char *text;
char *text = readline(prompt);
if (text == NULL)
goto end;
i = strlen(text);
if (i == 0 || i > n)
break;
if (text[i - 1] != '\\') {
p += strlen(strcpy(p, text));
free(text);
add_history(buf);
break;
}
text[i - 1] = '\0';
p += strlen(strcpy(p, text));
free(text);
n -= i;
}
#endif
}
if (!chopup_args(&arg, buf)) {
BIO_printf(bio_err, "Can't parse (no memory?)\n");
break;
}
ret = do_cmd(prog, arg.argc, arg.argv);
if (ret == EXIT_THE_PROGRAM) {
ret = 0;
goto end;
}
if (ret != 0)
BIO_printf(bio_err, "error in %s\n", arg.argv[0]);
(void)BIO_flush(bio_out);
(void)BIO_flush(bio_err);
}
ret = 1;
end:
OPENSSL_free(copied_argv);
OPENSSL_free(default_config_file);
NCONF_free(config);
config = NULL;
lh_FUNCTION_free(prog);
OPENSSL_free(arg.argv);
BIO_free(bio_in);
BIO_free_all(bio_out);
apps_shutdown();
CRYPTO_mem_leaks(bio_err);
BIO_free(bio_err);
return (ret);
}
int main(int argc, char **argv)
{
BN_GENCB *cb;
DSA *dsa = NULL;
int counter, ret = 0, i, j;
unsigned char buf[256];
unsigned long h;
unsigned char sig[256];
unsigned int siglen;
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed);
BIO_printf(bio_err, "test generation of DSA parameters\n");
cb = BN_GENCB_new();
if (!cb)
goto end;
BN_GENCB_set(cb, dsa_cb, bio_err);
if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
seed, 20,
&counter,
&h, cb))
goto end;
BIO_printf(bio_err, "seed\n");
for (i = 0; i < 20; i += 4) {
BIO_printf(bio_err, "%02X%02X%02X%02X ",
seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
}
BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
DSA_print(bio_err, dsa, 0);
if (counter != 105) {
BIO_printf(bio_err, "counter should be 105\n");
goto end;
}
if (h != 2) {
BIO_printf(bio_err, "h should be 2\n");
goto end;
}
i = BN_bn2bin(dsa->q, buf);
j = sizeof(out_q);
if ((i != j) || (memcmp(buf, out_q, i) != 0)) {
BIO_printf(bio_err, "q value is wrong\n");
goto end;
}
i = BN_bn2bin(dsa->p, buf);
j = sizeof(out_p);
if ((i != j) || (memcmp(buf, out_p, i) != 0)) {
BIO_printf(bio_err, "p value is wrong\n");
goto end;
}
i = BN_bn2bin(dsa->g, buf);
j = sizeof(out_g);
if ((i != j) || (memcmp(buf, out_g, i) != 0)) {
BIO_printf(bio_err, "g value is wrong\n");
goto end;
}
dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret = 1;
dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret = 1;
end:
if (!ret)
ERR_print_errors(bio_err);
DSA_free(dsa);
BN_GENCB_free(cb);
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks(bio_err) <= 0)
ret = 0;
#endif
BIO_free(bio_err);
bio_err = NULL;
EXIT(!ret);
}
int main(int argc, char *argv[])
{
FUNCTION f, *fp;
LHASH_OF(FUNCTION) *prog = NULL;
char **copied_argv = NULL;
char *p, *pname;
char buf[1024];
const char *prompt;
ARGS arg;
int first, n, i, ret = 0;
arg.argv = NULL;
arg.size = 0;
/* Set up some of the environment. */
default_config_file = make_config_name();
bio_in = dup_bio_in(FORMAT_TEXT);
bio_out = dup_bio_out(FORMAT_TEXT);
bio_err = dup_bio_err(FORMAT_TEXT);
#if defined(OPENSSL_SYS_VMS) && defined(__DECC)
copied_argv = argv = copy_argv(&argc, argv);
#elif defined(_WIN32)
/*
* Replace argv[] with UTF-8 encoded strings.
*/
win32_utf8argv(&argc, &argv);
#endif
p = getenv("OPENSSL_DEBUG_MEMORY");
if (p != NULL && strcmp(p, "on") == 0)
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
if (getenv("OPENSSL_FIPS")) {
#ifdef OPENSSL_FIPS
if (!FIPS_mode_set(1)) {
ERR_print_errors(bio_err);
return 1;
}
#else
BIO_printf(bio_err, "FIPS mode not supported.\n");
return 1;
#endif
}
if (!apps_startup())
goto end;
prog = prog_init();
pname = opt_progname(argv[0]);
/* first check the program name */
f.name = pname;
fp = lh_FUNCTION_retrieve(prog, &f);
if (fp != NULL) {
argv[0] = pname;
ret = fp->func(argc, argv);
goto end;
}
/* If there is stuff on the command line, run with that. */
if (argc != 1) {
argc--;
argv++;
ret = do_cmd(prog, argc, argv);
if (ret < 0)
ret = 0;
goto end;
}
/* ok, lets enter interactive mode */
for (;;) {
ret = 0;
/* Read a line, continue reading if line ends with \ */
for (p = buf, n = sizeof buf, i = 0, first = 1; n > 0; first = 0) {
prompt = first ? "OpenSSL> " : "> ";
p[0] = '\0';
#ifndef READLINE
fputs(prompt, stdout);
fflush(stdout);
if (!fgets(p, n, stdin))
goto end;
if (p[0] == '\0')
goto end;
i = strlen(p);
if (i <= 1)
break;
if (p[i - 2] != '\\')
break;
i -= 2;
p += i;
n -= i;
#else
{
extern char *readline(const char *);
extern void add_history(const char *cp);
char *text;
text = readline(prompt);
if (text == NULL)
goto end;
i = strlen(text);
if (i == 0 || i > n)
break;
if (text[i - 1] != '\\') {
p += strlen(strcpy(p, text));
free(text);
add_history(buf);
break;
}
text[i - 1] = '\0';
p += strlen(strcpy(p, text));
free(text);
n -= i;
}
#endif
}
if (!chopup_args(&arg, buf)) {
BIO_printf(bio_err, "Can't parse (no memory?)\n");
break;
}
ret = do_cmd(prog, arg.argc, arg.argv);
if (ret == EXIT_THE_PROGRAM) {
ret = 0;
goto end;
}
if (ret != 0)
BIO_printf(bio_err, "error in %s\n", arg.argv[0]);
(void)BIO_flush(bio_out);
(void)BIO_flush(bio_err);
}
ret = 1;
end:
OPENSSL_free(copied_argv);
OPENSSL_free(default_config_file);
NCONF_free(config);
config = NULL;
lh_FUNCTION_free(prog);
OPENSSL_free(arg.argv);
BIO_free(bio_in);
BIO_free_all(bio_out);
apps_shutdown();
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks(bio_err) <= 0)
ret = 1;
#endif
BIO_free(bio_err);
EXIT(ret);
}
int main(int argc, char *argv[])
{
BN_CTX *ctx;
BIO *out=NULL;
int i,ret;
unsigned char c;
BIGNUM *r_mont,*r_mont_const,*r_recp,*r_simple,*a,*b,*m;
RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
* even check its return value
* (which we should) */
ERR_load_BN_strings();
ctx=BN_CTX_new();
if (ctx == NULL) EXIT(1);
r_mont=BN_new();
r_mont_const=BN_new();
r_recp=BN_new();
r_simple=BN_new();
a=BN_new();
b=BN_new();
m=BN_new();
if ( (r_mont == NULL) || (r_recp == NULL) ||
(a == NULL) || (b == NULL))
goto err;
out=BIO_new(BIO_s_file());
if (out == NULL) EXIT(1);
BIO_set_fp(out,stdout,BIO_NOCLOSE);
for (i=0; i<200; i++)
{
RAND_bytes(&c,1);
c=(c%BN_BITS)-BN_BITS2;
BN_rand(a,NUM_BITS+c,0,0);
RAND_bytes(&c,1);
c=(c%BN_BITS)-BN_BITS2;
BN_rand(b,NUM_BITS+c,0,0);
RAND_bytes(&c,1);
c=(c%BN_BITS)-BN_BITS2;
BN_rand(m,NUM_BITS+c,0,1);
BN_mod(a,a,m,ctx);
BN_mod(b,b,m,ctx);
ret=BN_mod_exp_mont(r_mont,a,b,m,ctx,NULL);
if (ret <= 0)
{
printf("BN_mod_exp_mont() problems\n");
ERR_print_errors(out);
EXIT(1);
}
ret=BN_mod_exp_recp(r_recp,a,b,m,ctx);
if (ret <= 0)
{
printf("BN_mod_exp_recp() problems\n");
ERR_print_errors(out);
EXIT(1);
}
ret=BN_mod_exp_simple(r_simple,a,b,m,ctx);
if (ret <= 0)
{
printf("BN_mod_exp_simple() problems\n");
ERR_print_errors(out);
EXIT(1);
}
ret=BN_mod_exp_mont_consttime(r_mont_const,a,b,m,ctx,NULL);
if (ret <= 0)
{
printf("BN_mod_exp_mont_consttime() problems\n");
ERR_print_errors(out);
EXIT(1);
}
if (BN_cmp(r_simple, r_mont) == 0
&& BN_cmp(r_simple,r_recp) == 0
&& BN_cmp(r_simple,r_mont_const) == 0)
{
printf(".");
fflush(stdout);
}
else
{
if (BN_cmp(r_simple,r_mont) != 0)
printf("\nsimple and mont results differ\n");
if (BN_cmp(r_simple,r_mont) != 0)
printf("\nsimple and mont const time results differ\n");
if (BN_cmp(r_simple,r_recp) != 0)
printf("\nsimple and recp results differ\n");
printf("a (%3d) = ",BN_num_bits(a)); BN_print(out,a);
printf("\nb (%3d) = ",BN_num_bits(b)); BN_print(out,b);
printf("\nm (%3d) = ",BN_num_bits(m)); BN_print(out,m);
printf("\nsimple ="); BN_print(out,r_simple);
printf("\nrecp ="); BN_print(out,r_recp);
printf("\nmont ="); BN_print(out,r_mont);
printf("\nmont_ct ="); BN_print(out,r_mont_const);
printf("\n");
EXIT(1);
}
}
BN_free(r_mont);
BN_free(r_mont_const);
BN_free(r_recp);
BN_free(r_simple);
BN_free(a);
BN_free(b);
BN_free(m);
BN_CTX_free(ctx);
ERR_remove_state(0);
CRYPTO_mem_leaks(out);
BIO_free(out);
printf(" done\n");
EXIT(0);
err:
ERR_load_crypto_strings();
ERR_print_errors(out);
#ifdef OPENSSL_SYS_NETWARE
printf("ERROR\n");
#endif
EXIT(1);
return(1);
}
int main(int argc, char **argv)
{
DSA *dsa=NULL;
EVP_PKEY pk;
int counter,ret=0,i,j;
unsigned int slen;
unsigned char buf[256];
unsigned long h;
BN_GENCB cb;
EVP_MD_CTX mctx;
BN_GENCB_set(&cb, dsa_cb, stderr);
EVP_MD_CTX_init(&mctx);
if(!FIPS_mode_set(1))
{
do_print_errors();
EXIT(1);
}
fprintf(stderr,"test generation of DSA parameters\n");
dsa = FIPS_dsa_new();
DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,&cb);
fprintf(stderr,"seed\n");
for (i=0; i<20; i+=4)
{
fprintf(stderr,"%02X%02X%02X%02X ",
seed[i],seed[i+1],seed[i+2],seed[i+3]);
}
fprintf(stderr,"\ncounter=%d h=%ld\n",counter,h);
if (dsa == NULL) goto end;
if (counter != 16)
{
fprintf(stderr,"counter should be 105\n");
goto end;
}
if (h != 2)
{
fprintf(stderr,"h should be 2\n");
goto end;
}
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if ((i != j) || (memcmp(buf,out_q,i) != 0))
{
fprintf(stderr,"q value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if ((i != j) || (memcmp(buf,out_p,i) != 0))
{
fprintf(stderr,"p value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if ((i != j) || (memcmp(buf,out_g,i) != 0))
{
fprintf(stderr,"g value is wrong\n");
goto end;
}
DSA_generate_key(dsa);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))
goto end;
if (!EVP_SignUpdate(&mctx, str1, 20))
goto end;
if (!EVP_SignFinal(&mctx, buf, &slen, &pk))
goto end;
if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))
goto end;
if (!EVP_VerifyUpdate(&mctx, str1, 20))
goto end;
if (EVP_VerifyFinal(&mctx, buf, slen, &pk) != 1)
goto end;
ret = 1;
end:
if (!ret)
do_print_errors();
if (dsa != NULL) FIPS_dsa_free(dsa);
EVP_MD_CTX_cleanup(&mctx);
#if 0
CRYPTO_mem_leaks(bio_err);
#endif
EXIT(!ret);
return(!ret);
}
int main(int argc, char **argv)
{
DSA *dsa=NULL;
DSA_SIG *sig = NULL;
int counter,ret=0,i,j;
unsigned char buf[256];
unsigned long h;
BN_GENCB cb;
BN_GENCB_set(&cb, dsa_cb, stderr);
fips_algtest_init();
fprintf(stderr,"test generation of DSA parameters\n");
dsa = FIPS_dsa_new();
DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,&cb);
fprintf(stderr,"seed\n");
for (i=0; i<20; i+=4)
{
fprintf(stderr,"%02X%02X%02X%02X ",
seed[i],seed[i+1],seed[i+2],seed[i+3]);
}
fprintf(stderr,"\ncounter=%d h=%ld\n",counter,h);
if (dsa == NULL) goto end;
if (counter != 16)
{
fprintf(stderr,"counter should be 105\n");
goto end;
}
if (h != 2)
{
fprintf(stderr,"h should be 2\n");
goto end;
}
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if ((i != j) || (memcmp(buf,out_q,i) != 0))
{
fprintf(stderr,"q value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if ((i != j) || (memcmp(buf,out_p,i) != 0))
{
fprintf(stderr,"p value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if ((i != j) || (memcmp(buf,out_g,i) != 0))
{
fprintf(stderr,"g value is wrong\n");
goto end;
}
DSA_generate_key(dsa);
sig = FIPS_dsa_sign(dsa, str1, 20, EVP_sha1());
if (!sig)
goto end;
if (FIPS_dsa_verify(dsa, str1, 20, EVP_sha1(), sig) != 1)
goto end;
ret = 1;
end:
if (sig)
FIPS_dsa_sig_free(sig);
if (dsa != NULL) FIPS_dsa_free(dsa);
#if 0
CRYPTO_mem_leaks(bio_err);
#endif
EXIT(!ret);
return(!ret);
}
int main(int argc, char *argv[])
{
char *CApath=NULL,*CAfile=NULL;
int badop=0;
int bio_pair=0;
int force=0;
int tls1=0,ssl2=0,ssl3=0,ret=1;
int client_auth=0;
int server_auth=0,i;
int app_verify=0;
char *server_cert=TEST_SERVER_CERT;
char *server_key=NULL;
char *client_cert=TEST_CLIENT_CERT;
char *client_key=NULL;
SSL_CTX *s_ctx=NULL;
SSL_CTX *c_ctx=NULL;
SSL_METHOD *meth=NULL;
SSL *c_ssl,*s_ssl;
int number=1,reuse=0;
long bytes=1L;
#ifndef OPENSSL_NO_DH
DH *dh;
int dhe1024 = 0, dhe1024dsa = 0;
#endif
int no_dhe = 0;
int print_time = 0;
clock_t s_time = 0, c_time = 0;
int comp = 0;
COMP_METHOD *cm = NULL;
verbose = 0;
debug = 0;
cipher = 0;
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
CRYPTO_set_locking_callback(lock_dbg_cb);
/* enable memory leak checking unless explicitly disabled */
if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
{
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
}
else
{
/* OPENSSL_DEBUG_MEMORY=off */
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed);
bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-server_auth") == 0)
server_auth=1;
else if (strcmp(*argv,"-client_auth") == 0)
client_auth=1;
else if (strcmp(*argv,"-v") == 0)
verbose=1;
else if (strcmp(*argv,"-d") == 0)
debug=1;
else if (strcmp(*argv,"-reuse") == 0)
reuse=1;
else if (strcmp(*argv,"-dhe1024") == 0)
{
#ifndef OPENSSL_NO_DH
dhe1024=1;
#else
fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
#endif
}
else if (strcmp(*argv,"-dhe1024dsa") == 0)
{
#ifndef OPENSSL_NO_DH
dhe1024dsa=1;
#else
fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
#endif
}
else if (strcmp(*argv,"-no_dhe") == 0)
no_dhe=1;
else if (strcmp(*argv,"-ssl2") == 0)
ssl2=1;
else if (strcmp(*argv,"-tls1") == 0)
tls1=1;
else if (strcmp(*argv,"-ssl3") == 0)
ssl3=1;
else if (strncmp(*argv,"-num",4) == 0)
{
if (--argc < 1) goto bad;
number= atoi(*(++argv));
if (number == 0) number=1;
}
else if (strcmp(*argv,"-bytes") == 0)
{
if (--argc < 1) goto bad;
bytes= atol(*(++argv));
if (bytes == 0L) bytes=1L;
i=strlen(argv[0]);
if (argv[0][i-1] == 'k') bytes*=1024L;
if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
}
else if (strcmp(*argv,"-cert") == 0)
{
if (--argc < 1) goto bad;
server_cert= *(++argv);
}
else if (strcmp(*argv,"-s_cert") == 0)
{
if (--argc < 1) goto bad;
server_cert= *(++argv);
}
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
server_key= *(++argv);
}
else if (strcmp(*argv,"-s_key") == 0)
{
if (--argc < 1) goto bad;
server_key= *(++argv);
}
else if (strcmp(*argv,"-c_cert") == 0)
{
if (--argc < 1) goto bad;
client_cert= *(++argv);
}
else if (strcmp(*argv,"-c_key") == 0)
{
if (--argc < 1) goto bad;
client_key= *(++argv);
}
else if (strcmp(*argv,"-cipher") == 0)
{
if (--argc < 1) goto bad;
cipher= *(++argv);
}
else if (strcmp(*argv,"-CApath") == 0)
{
if (--argc < 1) goto bad;
CApath= *(++argv);
}
else if (strcmp(*argv,"-CAfile") == 0)
{
if (--argc < 1) goto bad;
CAfile= *(++argv);
}
else if (strcmp(*argv,"-bio_pair") == 0)
{
bio_pair = 1;
}
else if (strcmp(*argv,"-f") == 0)
{
force = 1;
}
else if (strcmp(*argv,"-time") == 0)
{
print_time = 1;
}
else if (strcmp(*argv,"-zlib") == 0)
{
comp = COMP_ZLIB;
}
else if (strcmp(*argv,"-rle") == 0)
{
comp = COMP_RLE;
}
else if (strcmp(*argv,"-app_verify") == 0)
{
app_verify = 1;
}
else
{
fprintf(stderr,"unknown option %s\n",*argv);
badop=1;
break;
}
argc--;
argv++;
}
if (badop)
{
bad:
sv_usage();
goto end;
}
if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
{
fprintf(stderr, "This case cannot work. Use -f to perform "
"the test anyway (and\n-d to see what happens), "
"or add one of -ssl2, -ssl3, -tls1, -reuse\n"
"to avoid protocol mismatch.\n");
EXIT(1);
}
if (print_time)
{
if (!bio_pair)
{
fprintf(stderr, "Using BIO pair (-bio_pair)\n");
bio_pair = 1;
}
if (number < 50 && !force)
fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
}
/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
SSL_library_init();
SSL_load_error_strings();
if (comp == COMP_ZLIB) cm = COMP_zlib();
if (comp == COMP_RLE) cm = COMP_rle();
if (cm != NULL)
{
if (cm->type != NID_undef)
SSL_COMP_add_compression_method(comp, cm);
else
{
fprintf(stderr,
"Warning: %s compression not supported\n",
(comp == COMP_RLE ? "rle" :
(comp == COMP_ZLIB ? "zlib" :
"unknown")));
ERR_print_errors_fp(stderr);
}
}
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
if (ssl2)
meth=SSLv2_method();
else
if (tls1)
meth=TLSv1_method();
else
if (ssl3)
meth=SSLv3_method();
else
meth=SSLv23_method();
#else
#ifdef OPENSSL_NO_SSL2
meth=SSLv3_method();
#else
meth=SSLv2_method();
#endif
#endif
c_ctx=SSL_CTX_new(meth);
s_ctx=SSL_CTX_new(meth);
if ((c_ctx == NULL) || (s_ctx == NULL))
{
ERR_print_errors(bio_err);
goto end;
}
if (cipher != NULL)
{
SSL_CTX_set_cipher_list(c_ctx,cipher);
SSL_CTX_set_cipher_list(s_ctx,cipher);
}
#ifndef OPENSSL_NO_DH
if (!no_dhe)
{
if (dhe1024dsa)
{
/* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
dh=get_dh1024dsa();
}
else if (dhe1024)
dh=get_dh1024();
else
dh=get_dh512();
SSL_CTX_set_tmp_dh(s_ctx,dh);
DH_free(dh);
}
#else
(void)no_dhe;
#endif
#ifndef OPENSSL_NO_RSA
SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
#endif
if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
{
ERR_print_errors(bio_err);
}
else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
(server_key?server_key:server_cert), SSL_FILETYPE_PEM))
{
ERR_print_errors(bio_err);
goto end;
}
if (client_auth)
{
SSL_CTX_use_certificate_file(c_ctx,client_cert,
SSL_FILETYPE_PEM);
SSL_CTX_use_PrivateKey_file(c_ctx,
(client_key?client_key:client_cert),
SSL_FILETYPE_PEM);
}
if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
(!SSL_CTX_set_default_verify_paths(s_ctx)) ||
(!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
(!SSL_CTX_set_default_verify_paths(c_ctx)))
{
/* fprintf(stderr,"SSL_load_verify_locations\n"); */
ERR_print_errors(bio_err);
/* goto end; */
}
if (client_auth)
{
BIO_printf(bio_err,"client authentication\n");
SSL_CTX_set_verify(s_ctx,
SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
if (app_verify)
{
SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
}
}
if (server_auth)
{
BIO_printf(bio_err,"server authentication\n");
SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
verify_callback);
if (app_verify)
{
SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, app_verify_arg);
}
}
{
int session_id_context = 0;
SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
}
c_ssl=SSL_new(c_ctx);
s_ssl=SSL_new(s_ctx);
#ifndef OPENSSL_NO_KRB5
if (c_ssl && c_ssl->kssl_ctx)
{
char localhost[MAXHOSTNAMELEN+2];
if (gethostname(localhost, sizeof localhost-1) == 0)
{
localhost[sizeof localhost-1]='\0';
if(strlen(localhost) == sizeof localhost-1)
{
BIO_printf(bio_err,"localhost name too long\n");
goto end;
}
kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
localhost);
}
}
#endif /* OPENSSL_NO_KRB5 */
for (i=0; i<number; i++)
{
if (!reuse) SSL_set_session(c_ssl,NULL);
if (bio_pair)
ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
else
ret=doit(s_ssl,c_ssl,bytes);
}
if (!verbose)
{
print_details(c_ssl, "");
}
if ((number > 1) || (bytes > 1L))
BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
if (print_time)
{
#ifdef CLOCKS_PER_SEC
/* "To determine the time in seconds, the value returned
* by the clock function should be divided by the value
* of the macro CLOCKS_PER_SEC."
* -- ISO/IEC 9899 */
BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
"Approximate total client time: %6.2f s\n",
(double)s_time/CLOCKS_PER_SEC,
(double)c_time/CLOCKS_PER_SEC);
#else
/* "`CLOCKS_PER_SEC' undeclared (first use this function)"
* -- cc on NeXTstep/OpenStep */
BIO_printf(bio_stdout,
"Approximate total server time: %6.2f units\n"
"Approximate total client time: %6.2f units\n",
(double)s_time,
(double)c_time);
#endif
}
SSL_free(s_ssl);
SSL_free(c_ssl);
end:
if (s_ctx != NULL) SSL_CTX_free(s_ctx);
if (c_ctx != NULL) SSL_CTX_free(c_ctx);
if (bio_stdout != NULL) BIO_free(bio_stdout);
#ifndef OPENSSL_NO_RSA
free_tmp_rsa();
#endif
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_state(0);
EVP_cleanup();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL) BIO_free(bio_err);
EXIT(ret);
}
int ssl_test_dsa(int argc, char **argv)
{
BN_GENCB cb;
DSA *dsa=NULL;
int counter,ret=0,i,j;
unsigned char buf[256];
unsigned long h;
unsigned char sig[256];
unsigned int siglen;
#ifndef OPENSSL_SYS_WINDOWS
bio_err = BIO_new(BIO_s_mem());
if (bio_err == NULL) return(1);
#else
if (bio_err == NULL)
bio_err=BIO_new_fp(OPENSSL_TYPE__FILE_STDERR,BIO_NOCLOSE);
#endif
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
RAND_seed(rnd_seed, sizeof rnd_seed);
TINYCLR_SSL_PRINTF("test generation of DSA parameters\n");
BN_GENCB_set(&cb, dsa_cb, bio_err);
if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
seed, 20, &counter, &h, &cb))
goto end;
TINYCLR_SSL_PRINTF("seed\n");
for (i=0; i<20; i+=4)
{
TINYCLR_SSL_PRINTF("%02X%02X%02X%02X ",
seed[i],seed[i+1],seed[i+2],seed[i+3]);
}
TINYCLR_SSL_PRINTF("\ncounter=%d h=%ld\n",counter,h);
DSA_print(bio_err,dsa,0);
if (counter != 105)
{
TINYCLR_SSL_PRINTF("counter should be 105\n");
goto end;
}
if (h != 2)
{
TINYCLR_SSL_PRINTF("h should be 2\n");
goto end;
}
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_q,i) != 0))
{
TINYCLR_SSL_PRINTF("q value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_p,i) != 0))
{
TINYCLR_SSL_PRINTF("p value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_g,i) != 0))
{
TINYCLR_SSL_PRINTF("g value is wrong\n");
goto end;
}
dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret=1;
dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret=1;
end:
if (!ret)
ERR_print_errors(bio_err);
if (dsa != NULL) DSA_free(dsa);
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
{
BIO_free(bio_err);
bio_err = NULL;
}
#ifdef OPENSSL_SYS_NETWARE
if (!ret) TINYCLR_SSL_PRINTF("ERROR\n");
#endif
return(0);
}
int main(int argc, char *argv[])
{
SSL_CTX *ctx;
SSL *con;
BIO *rbio;
BIO *wbio;
BIO *err;
long len;
unsigned char *data;
unsigned char *dataend;
char *dummytick = "Hello World!";
unsigned int tmplen;
unsigned int type;
unsigned int size;
int testresult = 0;
int currtest = 0;
SSL_library_init();
SSL_load_error_strings();
err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
/*
* For each test set up an SSL_CTX and SSL and see what ClientHello gets
* produced when we try to connect
*/
for (; currtest < TOTAL_NUM_TESTS; currtest++) {
testresult = 0;
if (currtest == TEST_SET_SESSION_TICK_DATA_TLS_1_2) {
ctx = SSL_CTX_new(TLSv1_2_method());
} else {
ctx = SSL_CTX_new(SSLv23_method());
}
con = SSL_new(ctx);
rbio = BIO_new(BIO_s_mem());
wbio = BIO_new(BIO_s_mem());
SSL_set_bio(con, rbio, wbio);
SSL_set_connect_state(con);
if (currtest == TEST_SET_SESSION_TICK_DATA_TLS_1_2
|| currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {
if (!SSL_set_session_ticket_ext(con, dummytick, strlen(dummytick)))
goto end;
}
if (SSL_connect(con) > 0) {
/* This shouldn't succeed because we don't have a server! */
goto end;
}
len = BIO_get_mem_data(wbio, (char **)&data);
dataend = data + len;
/* Skip the record header */
data += SSL3_RT_HEADER_LENGTH;
/* Skip the handshake message header */
data += SSL3_HM_HEADER_LENGTH;
/* Skip client version and random */
data += CLIENT_VERSION_LEN + SSL3_RANDOM_SIZE;
if (data + SESSION_ID_LEN_LEN > dataend)
goto end;
/* Skip session id */
tmplen = *data;
data += SESSION_ID_LEN_LEN + tmplen;
if (data + CIPHERS_LEN_LEN > dataend)
goto end;
/* Skip ciphers */
tmplen = ((*data) << 8) | *(data + 1);
data += CIPHERS_LEN_LEN + tmplen;
if (data + COMPRESSION_LEN_LEN > dataend)
goto end;
/* Skip compression */
tmplen = *data;
data += COMPRESSION_LEN_LEN + tmplen;
if (data + EXTENSIONS_LEN_LEN > dataend)
goto end;
/* Extensions len */
tmplen = ((*data) << 8) | *(data + 1);
data += EXTENSIONS_LEN_LEN;
if (data + tmplen > dataend)
goto end;
/* Loop through all extensions */
while (tmplen > EXTENSION_TYPE_LEN + EXTENSION_SIZE_LEN) {
type = ((*data) << 8) | *(data + 1);
data += EXTENSION_TYPE_LEN;
size = ((*data) << 8) | *(data + 1);
data += EXTENSION_SIZE_LEN;
if (data + size > dataend)
goto end;
if (type == TLSEXT_TYPE_session_ticket) {
if (currtest == TEST_SET_SESSION_TICK_DATA_TLS_1_2
|| currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {
if (size == strlen(dummytick)
&& memcmp(data, dummytick, size) == 0) {
/* Ticket data is as we expected */
testresult = 1;
} else {
printf("Received session ticket is not as expected\n");
}
break;
}
}
tmplen -= EXTENSION_TYPE_LEN + EXTENSION_SIZE_LEN + size;
data += size;
}
end:
SSL_free(con);
SSL_CTX_free(ctx);
if (!testresult) {
printf("ClientHello test: FAILED (Test %d)\n", currtest);
break;
}
}
ERR_free_strings();
ERR_remove_thread_state(NULL);
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
CRYPTO_mem_leaks(err);
return testresult?0:1;
}
