jiangcuo/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-04-28 05:25:19 +00:00
Code Issues Actions 21 Packages Projects Releases Wiki Activity

deps: delete OpenSSL demos, doc and test folders

Browse Source 
And ignore them for future updates.

PR-URL: https://github.com/nodejs/node/pull/57835
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
Michaël Zasso 2025-04-13 17:34:51 +02:00 committed by GitHub
parent 4a4aa58fa4
commit dfaded80e1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2521 changed files with 3 additions and 529845 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
deps/openssl/.gitignore vendored
View File

@ -1,3 +1,6 @@
openssl/demos
openssl/doc
openssl/fuzz/corpora
openssl/makefile.in
openssl/Makefile.in
openssl/test

50
deps/openssl/openssl/demos/README.txt vendored
View File

@ -1,50 +0,0 @@
OpenSSL Demonstration Applications
This folder contains source code that demonstrates the proper use of the OpenSSL
library API.
bio: Demonstration of a simple TLS client and server
certs: Demonstration of creating certs, using OCSP
cipher:
aesgcm.c Demonstration of symmetric cipher GCM mode encrypt/decrypt
aesccm.c Demonstration of symmetric cipher CCM mode encrypt/decrypt
ariacbc.c Demonstration of symmetric cipher CBC mode encrypt/decrypt
cms:
digest:
EVP_MD_demo.c Compute a digest from multiple buffers
EVP_MD_stdin.c Compute a digest with data read from stdin
EVP_MD_xof.c Compute a digest using the SHAKE256 XOF
EVP_f_md.c Compute a digest using BIO and EVP_f_md
kdf:
hkdf.c Demonstration of HMAC based key derivation
pbkdf2.c Demonstration of PBKDF2 password based key derivation
scrypt.c Demonstration of SCRYPT password based key derivation
mac:
gmac.c Demonstration of GMAC message authentication
poly1305.c Demonstration of Poly1305-AES message authentication
siphash.c Demonstration of SIPHASH message authentication
pkey:
EVP_PKEY_EC_keygen.c Generate an EC key.
EVP_PKEY_RSA_keygen.c Generate an RSA key.
EVP_PKEY_DSA_keygen.c Generate a DSA key.
EVP_PKEY_DSA_paramgen.c Generate a DSA param key.
EVP_PKEY_DSA_paramvalidate.c Validate a DSA param key.
EVP_PKEY_DSA_paramfromdata.c Load a DSA param key using raw data.
smime:
pkcs12:
pkread.c Print out a description of a PKCS12 file.
pkwrite.c Add a password to an existing PKCS12 file.
signature:
EVP_Signature_demo.c Compute and verify a signature from multiple buffers
rsa_pss_direct.c Compute and verify an RSA-PSS signature from a hash
rsa_pss_hash.c Compute and verify an RSA-PSS signature over a buffer

33
deps/openssl/openssl/demos/bio/Makefile vendored
View File

@ -1,33 +0,0 @@
# Quick instruction:
# To build against an OpenSSL built in the source tree, do this:
#
# make OPENSSL_INCS_LOCATION=-I../../include OPENSSL_LIBS_LOCATION=-L../..
#
# To run the demos when linked with a shared library (default):
#
# LD_LIBRARY_PATH=../.. ./server-arg
# LD_LIBRARY_PATH=../.. ./server-cmod
# LD_LIBRARY_PATH=../.. ./server-conf
# LD_LIBRARY_PATH=../.. ./client-arg
# LD_LIBRARY_PATH=../.. ./client-conf
# LD_LIBRARY_PATH=../.. ./saccept
# LD_LIBRARY_PATH=../.. ./sconnect
CFLAGS = $(OPENSSL_INCS_LOCATION)
LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto $(EX_LIBS)
all: client-arg client-conf saccept sconnect server-arg server-cmod server-conf
client-arg: client-arg.o
client-conf: client-conf.o
saccept: saccept.o
sconnect: sconnect.o
server-arg: server-arg.o
server-cmod: server-cmod.o
server-conf: server-conf.o
client-arg client-conf saccept sconnect server-arg server-cmod server-conf:
$(CC) $(CFLAGS) -o $@ $< $(LDFLAGS)
clean:
$(RM) *.o client-arg client-conf saccept sconnect server-arg server-cmod server-conf

6
deps/openssl/openssl/demos/bio/README.txt vendored
View File

@ -1,6 +0,0 @@
This directory contains some simple examples of the use of BIO's
to simplify socket programming.
The client-conf, server-conf, client-arg and client-conf include examples
of how to use the SSL_CONF API for configuration file or command line
processing.

23
deps/openssl/openssl/demos/bio/accept.cnf vendored
View File

@ -1,23 +0,0 @@
# Example configuration file
# Comment out the next line to ignore configuration errors
config_diagnostics = 1
# Port to listen on
Port = 4433
# Disable TLS v1.2 for test.
# Protocol = ALL, -TLSv1.2
# Only support 3 curves
Curves = P-521:P-384:P-256
# Restricted signature algorithms
SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512
Certificate=server.pem
PrivateKey=server.pem
ChainCAFile=root.pem
VerifyCAFile=root.pem
# Request certificate
VerifyMode=Request
ClientCAFile=root.pem

108
deps/openssl/openssl/demos/bio/client-arg.c vendored
View File

@ -1,108 +0,0 @@
/*
* Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
int main(int argc, char **argv)
{
BIO *sbio = NULL, *out = NULL;
int len;
char tmpbuf[1024];
SSL_CTX *ctx;
SSL_CONF_CTX *cctx;
SSL *ssl;
char **args = argv + 1;
const char *connect_str = "localhost:4433";
int nargs = argc - 1;
ctx = SSL_CTX_new(TLS_client_method());
cctx = SSL_CONF_CTX_new();
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
while (*args && **args == '-') {
int rv;
/* Parse standard arguments */
rv = SSL_CONF_cmd_argv(cctx, &nargs, &args);
if (rv == -3) {
fprintf(stderr, "Missing argument for %s\n", *args);
goto end;
}
if (rv < 0) {
fprintf(stderr, "Error in command %s\n", *args);
ERR_print_errors_fp(stderr);
goto end;
}
/* If rv > 0 we processed something so proceed to next arg */
if (rv > 0)
continue;
/* Otherwise application specific argument processing */
if (strcmp(*args, "-connect") == 0) {
connect_str = args[1];
if (connect_str == NULL) {
fprintf(stderr, "Missing -connect argument\n");
goto end;
}
args += 2;
nargs -= 2;
continue;
} else {
fprintf(stderr, "Unknown argument %s\n", *args);
goto end;
}
}
if (!SSL_CONF_CTX_finish(cctx)) {
fprintf(stderr, "Finish error\n");
ERR_print_errors_fp(stderr);
goto end;
}
/*
* We'd normally set some stuff like the verify paths and * mode here
* because as things stand this will connect to * any server whose
* certificate is signed by any CA.
*/
sbio = BIO_new_ssl_connect(ctx);
BIO_get_ssl(sbio, &ssl);
if (!ssl) {
fprintf(stderr, "Can't locate SSL pointer\n");
goto end;
}
/* We might want to do other things with ssl here */
BIO_set_conn_hostname(sbio, connect_str);
out = BIO_new_fp(stdout, BIO_NOCLOSE);
if (BIO_do_connect(sbio) <= 0) {
fprintf(stderr, "Error connecting to server\n");
ERR_print_errors_fp(stderr);
goto end;
}
/* Could examine ssl here to get connection info */
BIO_puts(sbio, "GET / HTTP/1.0\n\n");
for (;;) {
len = BIO_read(sbio, tmpbuf, 1024);
if (len <= 0)
break;
BIO_write(out, tmpbuf, len);
}
end:
SSL_CONF_CTX_free(cctx);
BIO_free_all(sbio);
BIO_free(out);
return 0;
}

117
deps/openssl/openssl/demos/bio/client-conf.c vendored
View File

@ -1,117 +0,0 @@
/*
* Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/conf.h>
int main(int argc, char **argv)
{
BIO *sbio = NULL, *out = NULL;
int i, len, rv;
char tmpbuf[1024];
SSL_CTX *ctx = NULL;
SSL_CONF_CTX *cctx = NULL;
SSL *ssl = NULL;
CONF *conf = NULL;
STACK_OF(CONF_VALUE) *sect = NULL;
CONF_VALUE *cnf;
const char *connect_str = "localhost:4433";
long errline = -1;
conf = NCONF_new(NULL);
if (NCONF_load(conf, "connect.cnf", &errline) <= 0) {
if (errline <= 0)
fprintf(stderr, "Error processing config file\n");
else
fprintf(stderr, "Error on line %ld\n", errline);
goto end;
}
sect = NCONF_get_section(conf, "default");
if (sect == NULL) {
fprintf(stderr, "Error retrieving default section\n");
goto end;
}
ctx = SSL_CTX_new(TLS_client_method());
cctx = SSL_CONF_CTX_new();
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
cnf = sk_CONF_VALUE_value(sect, i);
rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);
if (rv > 0)
continue;
if (rv != -2) {
fprintf(stderr, "Error processing %s = %s\n",
cnf->name, cnf->value);
ERR_print_errors_fp(stderr);
goto end;
}
if (strcmp(cnf->name, "Connect") == 0) {
connect_str = cnf->value;
} else {
fprintf(stderr, "Unknown configuration option %s\n", cnf->name);
goto end;
}
}
if (!SSL_CONF_CTX_finish(cctx)) {
fprintf(stderr, "Finish error\n");
ERR_print_errors_fp(stderr);
goto end;
}
/*
* We'd normally set some stuff like the verify paths and * mode here
* because as things stand this will connect to * any server whose
* certificate is signed by any CA.
*/
sbio = BIO_new_ssl_connect(ctx);
BIO_get_ssl(sbio, &ssl);
if (!ssl) {
fprintf(stderr, "Can't locate SSL pointer\n");
goto end;
}
/* We might want to do other things with ssl here */
BIO_set_conn_hostname(sbio, connect_str);
out = BIO_new_fp(stdout, BIO_NOCLOSE);
if (BIO_do_connect(sbio) <= 0) {
fprintf(stderr, "Error connecting to server\n");
ERR_print_errors_fp(stderr);
goto end;
}
/* Could examine ssl here to get connection info */
BIO_puts(sbio, "GET / HTTP/1.0\n\n");
for (;;) {
len = BIO_read(sbio, tmpbuf, 1024);
if (len <= 0)
break;
BIO_write(out, tmpbuf, len);
}
end:
SSL_CONF_CTX_free(cctx);
BIO_free_all(sbio);
BIO_free(out);
NCONF_free(conf);
return 0;
}

27
deps/openssl/openssl/demos/bio/cmod.cnf vendored
View File

@ -1,27 +0,0 @@
# Example config module configuration
# Name supplied by application to CONF_modules_load_file
# and section containing configuration
testapp = test_sect
# Comment out the next line to ignore configuration errors
config_diagnostics = 1
[test_sect]
# list of configuration modules
# SSL configuration module
ssl_conf = ssl_sect
[ssl_sect]
# list of SSL configurations
server = server_sect
[server_sect]
# Only support 3 curves
Curves = P-521:P-384:P-256
# Restricted signature algorithms
SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512
# Certificates and keys
RSA.Certificate=server.pem
ECDSA.Certificate=server-ec.pem

15
deps/openssl/openssl/demos/bio/connect.cnf vendored
View File

@ -1,15 +0,0 @@
# Example configuration file
# Comment out the next line to ignore configuration errors
config_diagnostics = 1
# Connects to the default port of s_server
Connect = localhost:4433
# Disable TLS v1.2 for test.
# Protocol = ALL, -TLSv1.2
# Only support 3 curves
Curves = P-521:P-384:P-256
# Restricted signature algorithms
SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512

47
deps/openssl/openssl/demos/bio/descrip.mms vendored
View File

@ -1,47 +0,0 @@
# This build description trusts that the following logical names are defined:
#
# For compilation: OPENSSL
# For linking with shared libraries: OSSL$LIBCRYPTO_SHR and OSSL$LIBSSL_SHR
# For linking with static libraries: OSSL$LIBCRYPTO and OSSL$LIBSSL
#
# These are normally defined with the OpenSSL startup procedure
# By default, we link with the shared libraries
SHARED = TRUE
# Alternative, for linking with static libraries
#SHARED = FALSE
.FIRST :
IF "$(SHARED)" .EQS. "TRUE" THEN DEFINE OPT []shared.opt
IF "$(SHARED)" .NES. "TRUE" THEN DEFINE OPT []static.opt
.LAST :
DEASSIGN OPT
.DEFAULT :
@ !
# Because we use an option file, we need to redefine this
.obj.exe :
$(LINK) $(LINKFLAGS) $<,OPT:/OPT
all : client-arg.exe client-conf.exe saccept.exe sconnect.exe -
server-arg.exe server-cmod.exe server-conf.exe
client-arg.exe : client-arg.obj
client-conf.exe : client-conf.obj
saccept.exe : saccept.obj
sconnect.exe : sconnect.obj
server-arg.exe : server-arg.obj
server-cmod.exe : server-cmod.obj
server-conf.exe : server-conf.obj
# MMS doesn't infer this automatically...
client-arg.obj : client-arg.c
client-conf.obj : client-conf.c
saccept.obj : saccept.c
sconnect.obj : sconnect.c
server-arg.obj : server-arg.c
server-cmod.obj : server-cmod.c
server-conf.obj : server-conf.c

25
deps/openssl/openssl/demos/bio/intca.pem vendored
View File

@ -1,25 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIEPzCCAqegAwIBAgIILsaQqJAjK4IwDQYJKoZIhvcNAQELBQAwaDELMAkGA1UE
BhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBURVNU
SU5HIFBVUlBPU0VTIE9OTFkxHTAbBgNVBAMMFE9wZW5TU0wgVGVzdCBSb290IENB
MCAXDTE4MDYxNDEyNDYyOFoYDzIxMTgwNjE0MTI0NjI4WjBwMQswCQYDVQQGEwJV
SzEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEiMCAGA1UECwwZRk9SIFRFU1RJTkcg
UFVSUE9TRVMgT05MWTElMCMGA1UEAwwcT3BlblNTTCBUZXN0IEludGVybWVkaWF0
ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIpVng2wNFJp2kF
oJ6Yji25wy1YufnS8NxA82fk5OHdhGWj1CWqnQNotEqEQzcOUszQYrNxd8tEvoWk
Ik4JMBVoEcgBGedchftptTNulFWodWpi1yFaqA/Nz2BsVgcCJW4C+UWDT7VeHtGU
7tYKKr35lxp6io/a4jUDQXvO2nJA9YlrxOktunMqtoZSYqUz35ZXsdkn58o8Fbqm
dEpw6AqAr9aBgY5DSaGxbaX2lwNt9NvB+f9ucOqEnPP8AfTlPYc/ENwJ6u/H8RGw
d1im71mu2lHjcws3aHkbluH860U3vlKWx6Ff1qdQcH98e2HwElqxCK00xya8leu4
u64nljkCAwEAAaNjMGEwHQYDVR0OBBYEFAoDRKVoOufDXW5Ui7L4ONxANVsFMB8G
A1UdIwQYMBaAFDZjTeLsQUG6KL9xuLhzXVdB4pkKMA8GA1UdEwEB/wQFMAMBAf8w
DgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBgQDZQJLA90ewVaS3E3du
gSjPkQ1xsHm8H1am+7zr5oZ81J+R8XYIZgMR+9ShVo38OradiYNqDLso+4iuVdxh
hzoSoQELoDXCficzWKnlAtWvwDDoczyK+/p94g3VKx14n2+GvQzoZ4kwQQgaFH1w
YI6w0oH9zwoklCxvihj8D069QrYyuTT8JGZ2m0FHqVJg6teuQKFahSgwYR2CUoIb
6PrpSUQeCVCH8TPkzlRT6UgtM3ERt7+TlQ+zZ80dSf4YTAsDv9Z/CJXiF/5wZr6/
lWuFjWmX2HkpEW6Wiv5KF8QP6Ft7Z+RYua7RMtELCYvqYbWDBs7fXWGBkZ5xhB09
jCxz+F7zOeRbyzacfFq9DhxCWCRbIrdgGGE/Of2ujJtmK/2p4M6E5IsKNAI2SJBW
iJXvIgQgR22ehPqy6er2Gog5LkWUwqB0kHZJJpbp1IW01IGTpD6YAJyVCEAlyMbo
Kto9+wQFLT3Auv/W5h6OwxkNdfAyZBYy0ZSFk4EE8OdWWY4=
-----END CERTIFICATE-----

28
deps/openssl/openssl/demos/bio/root.pem vendored
View File

@ -1,28 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIEwzCCAyugAwIBAgIUHKKc7fxVgQjWQ7IF6l7m/fHQHH8wDQYJKoZIhvcNAQEL
BQAwaDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNV
BAsMGUZPUiBURVNUSU5HIFBVUlBPU0VTIE9OTFkxHTAbBgNVBAMMFE9wZW5TU0wg
VGVzdCBSb290IENBMCAXDTE4MDYxNDEyNDYyOFoYDzIxMTgwNjE0MTI0NjI4WjBo
MQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEiMCAGA1UECwwZ
Rk9SIFRFU1RJTkcgUFVSUE9TRVMgT05MWTEdMBsGA1UEAwwUT3BlblNTTCBUZXN0
IFJvb3QgQ0EwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDaTVriXS5C
6C17OxGwWR4xxdLveLLkAb0+nSiYpzfCcEGX3qiBxHDA+Nj1kkihIJNkXmrKxa3w
1XIVoSUaVULuVxe3vqla+DScGC9MLVsfIwWe8UdGsKst4VvvtNvQUZ5CvLF4jv0V
nabvQhcjY5X7A/t8cZcjOHcaZ9fkThhG/7tJKwp4dLgPcXIimQ0UtP5gRBxnpEYd
l21mPjafqPt02lfOWTgnT5PeVoBDmN7QcrTlI7RzaeDglwFm10rNuYsRxrVsEfiG
Ejup/1eM/69zkV4Lb2RFbIpZ+oKqQ5AEemh6/IP9VwX08DOX3T1EqwthyB+yOZgp
BQ/MZ2M21E03sxlgPGKkRVTU520az84Tyft7T7sJ6BeGSMrdEZVUSJxsS/iFFwL2
ubmhG6tq0ALIyoS+rUeHUeH2pVnEEcHIXAsLbCXfmsRpWU1fOHcpkTSzbMPhqMa3
K8aKNHni0UtoD+ddOw0Zrx4uf3zlbPCzy2eQ2d8qb/TSynGxWmN8an8CAwEAAaNj
MGEwHQYDVR0OBBYEFDZjTeLsQUG6KL9xuLhzXVdB4pkKMB8GA1UdIwQYMBaAFDZj
TeLsQUG6KL9xuLhzXVdB4pkKMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
AgEGMA0GCSqGSIb3DQEBCwUAA4IBgQCFbQA4yoXhxVQm+tEMpfKf2VEzQVNw0Tzd
Vy+zbscQ04RM4Hx4YbICdX+J7M2fYByU+KawllZJI++mfS9sbnuPIouD5NJLX5EH
//5rySOqA0OkN/Y8f41xp/YF5j96NUCjg3RoerefRSHZfNWJE1faQEHuhwDZK6OQ
GNgt246FZ7ittfe537MHUWY7CjKt6kILN03rVKSgRwwOw5Tv+VyUVyUtRppWl57L
Z+41g0gZ/r7h6ACd+n35nuzgbmqUF2VNYQLo7RzaxPvtkzJ4t96r+5NAr1cx8thr
3rnJWSgpm1ZKdtHMj1jCLxarn8gNz2gB35Tn2NdzHQI0/aEEcfLWpU9mrmhUW+yy
WEN2R8BqGsC++HhlUKKJZgR48SHF5MOBl4KyZPylBuPYcJFQdnEbioBLPlvt5bbt
+o/w3sCR3ZVHMB0n9OcQwd6tdN7aDiept6lJPlOp4dfFjkku8J5nM0oY/Xsg194A
rRK0SBUCVN/2NSHFl9LKEqQiQIUjOQM=
-----END CERTIFICATE-----

121
deps/openssl/openssl/demos/bio/saccept.c vendored
View File

@ -1,121 +0,0 @@
/*
* Copyright 1998-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* A minimal program to serve an SSL connection.
* It uses blocking.
* saccept host:port
* host is the interface IP to use. If any interface, use *:port
* The default it *:4433
*
* cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl
*/
#include <stdio.h>
#include <signal.h>
#include <stdlib.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#define CERT_FILE "server.pem"
static volatile int done = 0;
void interrupt(int sig)
{
done = 1;
}
void sigsetup(void)
{
struct sigaction sa;
/*
* Catch at most once, and don't restart the accept system call.
*/
sa.sa_flags = SA_RESETHAND;
sa.sa_handler = interrupt;
sigemptyset(&sa.sa_mask);
sigaction(SIGINT, &sa, NULL);
}
int main(int argc, char *argv[])
{
char *port = NULL;
BIO *in = NULL;
BIO *ssl_bio, *tmp;
SSL_CTX *ctx;
char buf[512];
int ret = EXIT_FAILURE, i;
if (argc <= 1)
port = "*:4433";
else
port = argv[1];
ctx = SSL_CTX_new(TLS_server_method());
if (!SSL_CTX_use_certificate_chain_file(ctx, CERT_FILE))
goto err;
if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
goto err;
if (!SSL_CTX_check_private_key(ctx))
goto err;
/* Setup server side SSL bio */
ssl_bio = BIO_new_ssl(ctx, 0);
if ((in = BIO_new_accept(port)) == NULL)
goto err;
/*
* This means that when a new connection is accepted on 'in', The ssl_bio
* will be 'duplicated' and have the new socket BIO push into it.
* Basically it means the SSL BIO will be automatically setup
*/
BIO_set_accept_bios(in, ssl_bio);
/* Arrange to leave server loop on interrupt */
sigsetup();
again:
/*
* The first call will setup the accept socket, and the second will get a
* socket. In this loop, the first actual accept will occur in the
* BIO_read() function.
*/
if (BIO_do_accept(in) <= 0)
goto err;
while (!done) {
i = BIO_read(in, buf, 512);
if (i == 0) {
/*
* If we have finished, remove the underlying BIO stack so the
* next time we call any function for this BIO, it will attempt
* to do an accept
*/
printf("Done\n");
tmp = BIO_pop(in);
BIO_free_all(tmp);
goto again;
}
if (i < 0)
goto err;
fwrite(buf, 1, i, stdout);
fflush(stdout);
}
ret = EXIT_SUCCESS;
err:
if (ret != EXIT_SUCCESS)
ERR_print_errors_fp(stderr);
BIO_free(in);
return ret;
}

128
deps/openssl/openssl/demos/bio/sconnect.c vendored
View File

@ -1,128 +0,0 @@
/*
* Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* A minimal program to do SSL to a passed host and port.
* It is actually using non-blocking IO but in a very simple manner
* sconnect host:port - it does a 'GET / HTTP/1.0'
*
* cc -I../../include sconnect.c -L../.. -lssl -lcrypto
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#define HOSTPORT "localhost:4433"
#define CAFILE "root.pem"
int main(int argc, char *argv[])
{
const char *hostport = HOSTPORT;
const char *CAfile = CAFILE;
const char *hostname;
char *cp;
BIO *out = NULL;
char buf[1024 * 10], *p;
SSL_CTX *ssl_ctx = NULL;
SSL *ssl;
BIO *ssl_bio;
int i, len, off, ret = EXIT_FAILURE;
if (argc > 1)
hostport = argv[1];
if (argc > 2)
CAfile = argv[2];
#ifdef WATT32
dbug_init();
sock_init();
#endif
ssl_ctx = SSL_CTX_new(TLS_client_method());
/* Enable trust chain verification */
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_load_verify_locations(ssl_ctx, CAfile, NULL);
/* Lets make a SSL structure */
ssl = SSL_new(ssl_ctx);
SSL_set_connect_state(ssl);
/* Use it inside an SSL BIO */
ssl_bio = BIO_new(BIO_f_ssl());
BIO_set_ssl(ssl_bio, ssl, BIO_CLOSE);
/* Lets use a connect BIO under the SSL BIO */
out = BIO_new(BIO_s_connect());
BIO_set_conn_hostname(out, hostport);
/* The BIO has parsed the host:port and even IPv6 literals in [] */
hostname = BIO_get_conn_hostname(out);
if (!hostname || SSL_set1_host(ssl, hostname) <= 0)
goto err;
BIO_set_nbio(out, 1);
out = BIO_push(ssl_bio, out);
p = "GET / HTTP/1.0\r\n\r\n";
len = strlen(p);
off = 0;
for (;;) {
i = BIO_write(out, &(p[off]), len);
if (i <= 0) {
if (BIO_should_retry(out)) {
fprintf(stderr, "write DELAY\n");
sleep(1);
continue;
} else {
goto err;
}
}
off += i;
len -= i;
if (len <= 0)
break;
}
for (;;) {
i = BIO_read(out, buf, sizeof(buf));
if (i == 0)
break;
if (i < 0) {
if (BIO_should_retry(out)) {
fprintf(stderr, "read DELAY\n");
sleep(1);
continue;
}
goto err;
}
fwrite(buf, 1, i, stdout);
}
ret = EXIT_SUCCESS;
goto done;
err:
if (ERR_peek_error() == 0) { /* system call error */
fprintf(stderr, "errno=%d ", errno);
perror("error");
} else {
ERR_print_errors_fp(stderr);
}
done:
BIO_free_all(out);
SSL_CTX_free(ssl_ctx);
return ret;
}

144
deps/openssl/openssl/demos/bio/server-arg.c vendored
View File

@ -1,144 +0,0 @@
/*
* Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* A minimal program to serve an SSL connection. It uses blocking. It use the
* SSL_CONF API with the command line. cc -I../../include server-arg.c
* -L../.. -lssl -lcrypto -ldl
*/
#include <stdio.h>
#include <string.h>
#include <signal.h>
#include <stdlib.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
int main(int argc, char *argv[])
{
char *port = "*:4433";
BIO *ssl_bio, *tmp;
SSL_CTX *ctx;
SSL_CONF_CTX *cctx;
char buf[512];
BIO *in = NULL;
int ret = EXIT_FAILURE, i;
char **args = argv + 1;
int nargs = argc - 1;
ctx = SSL_CTX_new(TLS_server_method());
cctx = SSL_CONF_CTX_new();
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER);
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE);
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
while (*args && **args == '-') {
int rv;
/* Parse standard arguments */
rv = SSL_CONF_cmd_argv(cctx, &nargs, &args);
if (rv == -3) {
fprintf(stderr, "Missing argument for %s\n", *args);
goto err;
}
if (rv < 0) {
fprintf(stderr, "Error in command %s\n", *args);
ERR_print_errors_fp(stderr);
goto err;
}
/* If rv > 0 we processed something so proceed to next arg */
if (rv > 0)
continue;
/* Otherwise application specific argument processing */
if (strcmp(*args, "-port") == 0) {
port = args[1];
if (port == NULL) {
fprintf(stderr, "Missing -port argument\n");
goto err;
}
args += 2;
nargs -= 2;
continue;
} else {
fprintf(stderr, "Unknown argument %s\n", *args);
goto err;
}
}
if (!SSL_CONF_CTX_finish(cctx)) {
fprintf(stderr, "Finish error\n");
ERR_print_errors_fp(stderr);
goto err;
}
#ifdef ITERATE_CERTS
/*
* Demo of how to iterate over all certificates in an SSL_CTX structure.
*/
{
X509 *x;
int rv;
rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST);
while (rv) {
X509 *x = SSL_CTX_get0_certificate(ctx);
X509_NAME_print_ex_fp(stdout, X509_get_subject_name(x), 0,
XN_FLAG_ONELINE);
printf("\n");
rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_NEXT);
}
fflush(stdout);
}
#endif
/* Setup server side SSL bio */
ssl_bio = BIO_new_ssl(ctx, 0);
if ((in = BIO_new_accept(port)) == NULL)
goto err;
/*
* This means that when a new connection is accepted on 'in', The ssl_bio
* will be 'duplicated' and have the new socket BIO push into it.
* Basically it means the SSL BIO will be automatically setup
*/
BIO_set_accept_bios(in, ssl_bio);
again:
/*
* The first call will setup the accept socket, and the second will get a
* socket. In this loop, the first actual accept will occur in the
* BIO_read() function.
*/
if (BIO_do_accept(in) <= 0)
goto err;
for (;;) {
i = BIO_read(in, buf, 512);
if (i == 0) {
/*
* If we have finished, remove the underlying BIO stack so the
* next time we call any function for this BIO, it will attempt
* to do an accept
*/
printf("Done\n");
tmp = BIO_pop(in);
BIO_free_all(tmp);
goto again;
}
if (i < 0)
goto err;
fwrite(buf, 1, i, stdout);
fflush(stdout);
}
ret = EXIT_SUCCESS;
err:
if (ret != EXIT_SUCCESS)
ERR_print_errors_fp(stderr);
BIO_free(in);
return ret;
}

94
deps/openssl/openssl/demos/bio/server-cmod.c vendored
View File

@ -1,94 +0,0 @@
/*
* Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* A minimal TLS server it ses SSL_CTX_config and a configuration file to
* set most server parameters.
*/
#include <stdio.h>
#include <signal.h>
#include <stdlib.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/conf.h>
int main(int argc, char *argv[])
{
unsigned char buf[512];
char *port = "*:4433";
BIO *in = NULL;
BIO *ssl_bio, *tmp;
SSL_CTX *ctx;
int ret = EXIT_FAILURE, i;
ctx = SSL_CTX_new(TLS_server_method());
if (CONF_modules_load_file("cmod.cnf", "testapp", 0) <= 0) {
fprintf(stderr, "Error processing config file\n");
goto err;
}
if (SSL_CTX_config(ctx, "server") == 0) {
fprintf(stderr, "Error configuring server.\n");
goto err;
}
/* Setup server side SSL bio */
ssl_bio = BIO_new_ssl(ctx, 0);
if ((in = BIO_new_accept(port)) == NULL)
goto err;
/*
* This means that when a new connection is accepted on 'in', The ssl_bio
* will be 'duplicated' and have the new socket BIO push into it.
* Basically it means the SSL BIO will be automatically setup
*/
BIO_set_accept_bios(in, ssl_bio);
again:
/*
* The first call will setup the accept socket, and the second will get a
* socket. In this loop, the first actual accept will occur in the
* BIO_read() function.
*/
if (BIO_do_accept(in) <= 0)
goto err;
for (;;) {
i = BIO_read(in, buf, sizeof(buf));
if (i == 0) {
/*
* If we have finished, remove the underlying BIO stack so the
* next time we call any function for this BIO, it will attempt
* to do an accept
*/
printf("Done\n");
tmp = BIO_pop(in);
BIO_free_all(tmp);
goto again;
}
if (i < 0) {
if (BIO_should_retry(in))
continue;
goto err;
}
fwrite(buf, 1, i, stdout);
fflush(stdout);
}
ret = EXIT_SUCCESS;
err:
if (ret != EXIT_SUCCESS)
ERR_print_errors_fp(stderr);
BIO_free(in);
return ret;
}

139
deps/openssl/openssl/demos/bio/server-conf.c vendored
View File

@ -1,139 +0,0 @@
/*
* Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* A minimal program to serve an SSL connection. It uses blocking. It uses
* the SSL_CONF API with a configuration file. cc -I../../include saccept.c
* -L../.. -lssl -lcrypto -ldl
*/
#include <stdio.h>
#include <string.h>
#include <signal.h>
#include <stdlib.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/conf.h>
int main(int argc, char *argv[])
{
char *port = "*:4433";
BIO *in = NULL;
BIO *ssl_bio, *tmp;
SSL_CTX *ctx;
SSL_CONF_CTX *cctx = NULL;
CONF *conf = NULL;
STACK_OF(CONF_VALUE) *sect = NULL;
CONF_VALUE *cnf;
long errline = -1;
char buf[512];
int ret = EXIT_FAILURE, i;
ctx = SSL_CTX_new(TLS_server_method());
conf = NCONF_new(NULL);
if (NCONF_load(conf, "accept.cnf", &errline) <= 0) {
if (errline <= 0)
fprintf(stderr, "Error processing config file\n");
else
fprintf(stderr, "Error on line %ld\n", errline);
goto err;
}
sect = NCONF_get_section(conf, "default");
if (sect == NULL) {
fprintf(stderr, "Error retrieving default section\n");
goto err;
}
cctx = SSL_CONF_CTX_new();
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER);
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE);
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
int rv;
cnf = sk_CONF_VALUE_value(sect, i);
rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);
if (rv > 0)
continue;
if (rv != -2) {
fprintf(stderr, "Error processing %s = %s\n",
cnf->name, cnf->value);
ERR_print_errors_fp(stderr);
goto err;
}
if (strcmp(cnf->name, "Port") == 0) {
port = cnf->value;
} else {
fprintf(stderr, "Unknown configuration option %s\n", cnf->name);
goto err;
}
}
if (!SSL_CONF_CTX_finish(cctx)) {
fprintf(stderr, "Finish error\n");
ERR_print_errors_fp(stderr);
goto err;
}
/* Setup server side SSL bio */
ssl_bio = BIO_new_ssl(ctx, 0);
if ((in = BIO_new_accept(port)) == NULL)
goto err;
/*
* This means that when a new connection is accepted on 'in', The ssl_bio
* will be 'duplicated' and have the new socket BIO push into it.
* Basically it means the SSL BIO will be automatically setup
*/
BIO_set_accept_bios(in, ssl_bio);
again:
/*
* The first call will setup the accept socket, and the second will get a
* socket. In this loop, the first actual accept will occur in the
* BIO_read() function.
*/
if (BIO_do_accept(in) <= 0)
goto err;
for (;;) {
i = BIO_read(in, buf, 512);
if (i == 0) {
/*
* If we have finished, remove the underlying BIO stack so the
* next time we call any function for this BIO, it will attempt
* to do an accept
*/
printf("Done\n");
tmp = BIO_pop(in);
BIO_free_all(tmp);
goto again;
}
if (i < 0) {
if (BIO_should_retry(in))
continue;
goto err;
}
fwrite(buf, 1, i, stdout);
fflush(stdout);
}
ret = EXIT_SUCCESS;
err:
if (ret != EXIT_SUCCESS)
ERR_print_errors_fp(stderr);
BIO_free(in);
return ret;
}

17
deps/openssl/openssl/demos/bio/server-ec.pem vendored
View File

@ -1,17 +0,0 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgsoKOpzTm/+VR5xOk
kgwtljzMFYtX4NGdqCkxjitXvLmhRANCAASsxTC21z8mDYAX/RgLK5XGJNmPlHcY
VMql6fSeS+9fTZnn1Ma12932/UBfFTITOuHviJYkQ5KxVSitmgMwnF3V
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIBvjCCAWSgAwIBAgIURVOfyUojPPQMfDEVhKY4DIdeLY0wCgYIKoZIzj0EAwIw
NTEfMB0GA1UECwwWVGVzdCBFQ0RTQSBDZXJ0aWZpY2F0ZTESMBAGA1UEAwwJbG9j
YWxob3N0MCAXDTE4MDYxNDEyNDYyOFoYDzIxMTgwNjE0MTI0NjI4WjA1MR8wHQYD
VQQLDBZUZXN0IEVDRFNBIENlcnRpZmljYXRlMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASsxTC21z8mDYAX/RgLK5XGJNmPlHcY
VMql6fSeS+9fTZnn1Ma12932/UBfFTITOuHviJYkQ5KxVSitmgMwnF3Vo1AwTjAd
BgNVHQ4EFgQUA0dWehTLHzBYhzfXiTIVUOXDusMwHwYDVR0jBBgwFoAUA0dWehTL
HzBYhzfXiTIVUOXDusMwDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEA
8/l8RyihzqlEnLjcyIEaXTZm4HyNgZRQKhNACCW3jd4CIEbMJAf/D0eY38EeP2xY
/BDy/BYXYmyDQeqiE+RDjG5X
-----END CERTIFICATE-----

79
deps/openssl/openssl/demos/bio/server.pem vendored
View File

@ -1,79 +0,0 @@
subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
-----BEGIN CERTIFICATE-----
MIID0DCCArigAwIBAgIIcsOElVeHzfYwDQYJKoZIhvcNAQELBQAwcDELMAkGA1UE
BhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBURVNU
SU5HIFBVUlBPU0VTIE9OTFkxJTAjBgNVBAMMHE9wZW5TU0wgVGVzdCBJbnRlcm1l
ZGlhdGUgQ0EwIBcNMTgwNjE0MTI0NjI4WhgPMjExODA2MTQxMjQ2MjhaMGQxCzAJ
BgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1Ig
VEVTVElORyBQVVJQT1NFUyBPTkxZMRkwFwYDVQQDDBBUZXN0IFNlcnZlciBDZXJ0
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jIZ8IZ4dIzBc+ZfdmG5
n8G3JzRX99QvIqv52s4hFVfdzoa+AciKJpo9zkegWPmfsAVNa4uVceg/ZQt6qJsu
G/pxbQSZVnyjDQGtt7rgaDEbyUP0XJCnzyRdWSUjFS8yNZn4NkmZU01GlHtXdzWy
dEa5PaiTIwW0HI+bjjOEhwJ1hFuFqzlKHVKHA6DBzNcl6ly0E/q2kyslbR+0hq7p
NMqKvvuAxqgc//W8KvLDlKAt9D3t5zgh2+BrMPemrzjEaM97yHTogJo7+SKVDdUw
YQ7Br3xfyki9u2bUYib1BMSvLezxNP0qf/iU91z4xyLmMvOXE6W0D1WHwya1CfE7
vwIDAQABo3gwdjAdBgNVHQ4EFgQU3ulCbvgfxej6rHnddMpBidwnLIIwHwYDVR0j
BBgwFoAUCgNEpWg658NdblSLsvg43EA1WwUwCQYDVR0TBAIwADATBgNVHSUEDDAK
BggrBgEFBQcDATAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJKoZIhvcNAQELBQAD
ggEBAENMzaqJtmWED++W4KXFVwNBkQ87errBXe4jVeYKpjNb0JGMm60MS5ty54fb
r27SsR2EEk3EK2rcd85RR7TEKZCn9SvPykVtVf0tru7nOptQJgSbRvxIzyyq1UcE
K+BXDgN/I0f1X6qbk4Stb6uJF7yyAUabacjwKqgVifOOeKF9WJhVA8qJKoVq7HLN
k+uvm0geO1I4LKeULXVnQy8kwB6twcxN8iPyO45ZxbYIVeEKaYtbj/XPoq6KsLIb
5fj+mK1r/LkWk352ksNhf73r3alF8TBcSLqnbMoy1/ZvzlI4ksp9IGWtIU+CzP/f
VUjh00NOwDLd5jJbPoWW0oNp9m4=
-----END CERTIFICATE-----
subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Root CA
-----BEGIN CERTIFICATE-----
MIIEPzCCAqegAwIBAgIILsaQqJAjK4IwDQYJKoZIhvcNAQELBQAwaDELMAkGA1UE
BhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBURVNU
SU5HIFBVUlBPU0VTIE9OTFkxHTAbBgNVBAMMFE9wZW5TU0wgVGVzdCBSb290IENB
MCAXDTE4MDYxNDEyNDYyOFoYDzIxMTgwNjE0MTI0NjI4WjBwMQswCQYDVQQGEwJV
SzEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEiMCAGA1UECwwZRk9SIFRFU1RJTkcg
UFVSUE9TRVMgT05MWTElMCMGA1UEAwwcT3BlblNTTCBUZXN0IEludGVybWVkaWF0
ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIpVng2wNFJp2kF
oJ6Yji25wy1YufnS8NxA82fk5OHdhGWj1CWqnQNotEqEQzcOUszQYrNxd8tEvoWk
Ik4JMBVoEcgBGedchftptTNulFWodWpi1yFaqA/Nz2BsVgcCJW4C+UWDT7VeHtGU
7tYKKr35lxp6io/a4jUDQXvO2nJA9YlrxOktunMqtoZSYqUz35ZXsdkn58o8Fbqm
dEpw6AqAr9aBgY5DSaGxbaX2lwNt9NvB+f9ucOqEnPP8AfTlPYc/ENwJ6u/H8RGw
d1im71mu2lHjcws3aHkbluH860U3vlKWx6Ff1qdQcH98e2HwElqxCK00xya8leu4
u64nljkCAwEAAaNjMGEwHQYDVR0OBBYEFAoDRKVoOufDXW5Ui7L4ONxANVsFMB8G
A1UdIwQYMBaAFDZjTeLsQUG6KL9xuLhzXVdB4pkKMA8GA1UdEwEB/wQFMAMBAf8w
DgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBgQDZQJLA90ewVaS3E3du
gSjPkQ1xsHm8H1am+7zr5oZ81J+R8XYIZgMR+9ShVo38OradiYNqDLso+4iuVdxh
hzoSoQELoDXCficzWKnlAtWvwDDoczyK+/p94g3VKx14n2+GvQzoZ4kwQQgaFH1w
YI6w0oH9zwoklCxvihj8D069QrYyuTT8JGZ2m0FHqVJg6teuQKFahSgwYR2CUoIb
6PrpSUQeCVCH8TPkzlRT6UgtM3ERt7+TlQ+zZ80dSf4YTAsDv9Z/CJXiF/5wZr6/
lWuFjWmX2HkpEW6Wiv5KF8QP6Ft7Z+RYua7RMtELCYvqYbWDBs7fXWGBkZ5xhB09
jCxz+F7zOeRbyzacfFq9DhxCWCRbIrdgGGE/Of2ujJtmK/2p4M6E5IsKNAI2SJBW
iJXvIgQgR22ehPqy6er2Gog5LkWUwqB0kHZJJpbp1IW01IGTpD6YAJyVCEAlyMbo
Kto9+wQFLT3Auv/W5h6OwxkNdfAyZBYy0ZSFk4EE8OdWWY4=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA0jIZ8IZ4dIzBc+ZfdmG5n8G3JzRX99QvIqv52s4hFVfdzoa+
AciKJpo9zkegWPmfsAVNa4uVceg/ZQt6qJsuG/pxbQSZVnyjDQGtt7rgaDEbyUP0
XJCnzyRdWSUjFS8yNZn4NkmZU01GlHtXdzWydEa5PaiTIwW0HI+bjjOEhwJ1hFuF
qzlKHVKHA6DBzNcl6ly0E/q2kyslbR+0hq7pNMqKvvuAxqgc//W8KvLDlKAt9D3t
5zgh2+BrMPemrzjEaM97yHTogJo7+SKVDdUwYQ7Br3xfyki9u2bUYib1BMSvLezx
NP0qf/iU91z4xyLmMvOXE6W0D1WHwya1CfE7vwIDAQABAoIBAQC2HAo1RYvfDoQc
sh9LJWf5bZANO2Brqz4bP/x9AdHP+AyH/l1oliJ7R2785TmbXMppam6lGo4j3h/u
n39pzOip/NWAqldfgySRBD9Jy3LZUpLMUT/JYtrAsLTfozk+BWHu5rMR9boNXgok
Yqho8/DkpNGhBghUc4CUricLkL7laD3ziAHpx8yALL3tnLGOpgT9hNrA8Dm3yfUS
JEfiG12ILXvq1IP+vUNuaLpTLJZuqUmLpK8v+CBYgKxfd+TDnEjul4PqhhIIFK3A
xEZYQR2D/AXUwng9hP9uCbVm5lOY6vRbi9Fpbt+KRv+m25s1AnuhJFBOsL30h/Tb
iCKWm/nhAoGBAO0bFqMvZHjaT2KiwOwG/Ze9NsjynFPVltiuCqNj8HE5wM6imC5J
SdB+jMkgN6ERXALWrtr8Uf2pqzfeMsi6pekOOVTWLe/8c4bAZRxaCZn/BlZRysZI
vB9Gb7m7Oymw5iDSqrYywgOiUu+oIiCrmPOealhmn7zmHzHaETvdL9zDAoGBAOLy
DVT1csoexnuHVIWqnp7FK7lv6eOGZSdXpfJ3XYjmKJLK2hpVZe+J/mFOL1wsKSt4
0k/V0dnkHR7V4Pa4ECiCthkWMWrBVIHe7+ZnZ0ocKQSC+EEecavOiZ57S/qnUlT6
NtQP4cSy4DHzzFZdTZnn+2oymapPZpb2mvSN/GVVAoGADrIlHwwq8Aqn7Pclefuc
8DC8GoxfABs29EslQadKGdp4htYxFH1aY9/UHgsvJ36J82sW/1+wPUas5BOTljlr
WxyUlRuJUVyWVH3MRouWGMNjwynipZOQhWe6OQrPye+688Ha7twKhmsjNNN4+glo
u4DQGpaRxAWHXXGkq88zzj0CgYEAsICEceD7R8srnwMfb13FQ8IhQXWSuAvcO/7k
53CCZGhsgc4WVoi4YNY360G9f7gwxMiQ+NpY/Vd2dnbtIbUBjCAss9IY2OhHa0IR
3mXpZTAFjqa1oR+mVHKrgYBvFSBw3fpEDiXT9wEPcIomD709D0fmty9nZ5edOCfP
WAfdlokCgYEAqXuMuAg3NMMgEv+eBfsf43v3hRwBqPYanE26wcO3GoT/S8BpB6wy
vBoPZOlO5ZfsD2jaTec60GLay+MofxC7qNXIjzHOw50ry4bqHqqoQbn2cONE1k+0
ov7H2keTcG9FEGgL7dRUq3pRUo/W12WmRuDN17IEgkzAeisJnoiPtaQ=
-----END RSA PRIVATE KEY-----

2
deps/openssl/openssl/demos/bio/shared.opt vendored
View File

@ -1,2 +0,0 @@
OSSL$LIBSSL_SHR/SHARE
OSSL$LIBCRYPTO_SHR/SHARE

2
deps/openssl/openssl/demos/bio/static.opt vendored
View File

@ -1,2 +0,0 @@
OSSL$LIBSSL/LIB
OSSL$LIBCRYPTO/LIB

18
deps/openssl/openssl/demos/certs/README.txt vendored
View File

@ -1,18 +0,0 @@
There is often a need to generate test certificates automatically using
a script. This is often a cause for confusion which can result in incorrect
CA certificates, obsolete V1 certificates or duplicate serial numbers.
The range of command line options can be daunting for a beginner.
The mkcerts.sh script is an example of how to generate certificates
automatically using scripts. Example creates a root CA, an intermediate CA
signed by the root and several certificates signed by the intermediate CA.
The script then creates an empty index.txt file and adds entries for the
certificates and generates a CRL. Then one certificate is revoked and a
second CRL generated.
The script ocsprun.sh runs the test responder on port 8888 covering the
client certificates.
The script ocspquery.sh queries the status of the certificates using the
test responder.

66
deps/openssl/openssl/demos/certs/apps/apps.cnf vendored
View File

@ -1,66 +0,0 @@
#
# OpenSSL configuration file to create apps directory certificates
#
# This definition stops the following lines choking if HOME or CN
# is undefined.
HOME = .
CN = "Not Defined"
# Comment out the next line to ignore configuration errors
config_diagnostics = 1
####################################################################
[ req ]
default_bits = 2048
default_keyfile = privkey.pem
# Don't prompt for fields: use those in section directly
prompt = no
distinguished_name = req_distinguished_name
x509_extensions = v3_ca # The extensions to add to the self signed cert
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = UK
organizationName = OpenSSL Group
organizationalUnitName = FOR TESTING PURPOSES ONLY
# Take CN from environment so it can come from a script.
commonName = $ENV::CN
[ usr_cert ]
# These extensions are added when 'ca' signs a request for an end entity
# certificate
basicConstraints=critical, CA:FALSE
keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment
[ ec_cert ]
# These extensions are added when 'ca' signs a request for an end entity
# certificate
basicConstraints=critical, CA:FALSE
keyUsage=critical, nonRepudiation, digitalSignature, keyAgreement
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always
basicConstraints = critical,CA:true
keyUsage = critical, cRLSign, keyCertSign

27
deps/openssl/openssl/demos/certs/apps/ckey.pem vendored
View File

@ -1,27 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAtK2p2x0S3C1ajftAc3GaWPsji6scw1k9Sw/XltbLQuDc11/f
wwrUiFcje2CB3Ri6yD6+uCA3V12jEc4GdqzirJZhwgIhaTv42vfYBgiUcR9McEGr
agFC3yVR3lIbOzhBjmXNp1on46irxnzU4pT+w58IuvYqUBavaEtfRZocFR5NsIOy
mRhyNag8htOFK3wmTEYrb0vflFYT6SD47ogYtsd/xWSKS+YFyb7xSusR2Ot6Ktmr
MswQE57QYJz+KiRVlnL0cduMBdT52Wm8blaC9mz50PyrzjQ68NyHapCoWDU7pe4x
HLtzpXGSDMPuw4miiSwMym/2wReYJv6cFugLPQIDAQABAoIBAAZOyc9MhIwLSU4L
p4RgQvM4UVVe8/Id+3XTZ8NsXExJbWxXfIhiqGjaIfL8u4vsgRjcl+v1s/jo2/iT
KMab4o4D8gXD7UavQVDjtjb/ta79WL3SjRl2Uc9YjjMkyq6WmDNQeo2NKDdafCTB
1uzSJtLNipB8Z53ELPuHJhxX9QMHrMnuha49riQgXZ7buP9iQrHJFhImBjSzbxJx
L+TI6rkyLSf9Wi0Pd3L27Ob3QWNfNRYNSeTE+08eSRChkur5W0RuXAcuAICdQlCl
LBvWO/LmmvbzCqiDcgy/TliSb6CGGwgiNG7LJZmlkYNj8laGwalNlYZs3UrVv6NO
Br2loAECgYEA2kvCvPGj0Dg/6g7WhXDvAkEbcaL1tSeCxBbNH+6HS2UWMWvyTtCn
/bbD519QIdkvayy1QjEf32GV/UjUVmlULMLBcDy0DGjtL3+XpIhLKWDNxN1v1/ai
1oz23ZJCOgnk6K4qtFtlRS1XtynjA+rBetvYvLP9SKeFrnpzCgaA2r0CgYEA0+KX
1ACXDTNH5ySX3kMjSS9xdINf+OOw4CvPHFwbtc9aqk2HePlEsBTz5I/W3rKwXva3
NqZ/bRqVVeZB/hHKFywgdUQk2Uc5z/S7Lw70/w1HubNTXGU06Ngb6zOFAo/o/TwZ
zTP1BMIKSOB6PAZPS3l+aLO4FRIRotfFhgRHOoECgYEAmiZbqt8cJaJDB/5YYDzC
mp3tSk6gIb936Q6M5VqkMYp9pIKsxhk0N8aDCnTU+kIK6SzWBpr3/d9Ecmqmfyq7
5SvWO3KyVf0WWK9KH0abhOm2BKm2HBQvI0DB5u8sUx2/hsvOnjPYDISbZ11t0MtK
u35Zy89yMYcSsIYJjG/ROCUCgYEAgI2P9G5PNxEP5OtMwOsW84Y3Xat/hPAQFlI+
HES+AzbFGWJkeT8zL2nm95tVkFP1sggZ7Kxjz3w7cpx7GX0NkbWSE9O+T51pNASV
tN1sQ3p5M+/a+cnlqgfEGJVvc7iAcXQPa3LEi5h2yPR49QYXAgG6cifn3dDSpmwn
SUI7PQECgYEApGCIIpSRPLAEHTGmP87RBL1smurhwmy2s/pghkvUkWehtxg0sGHh
kuaqDWcskogv+QC0sVdytiLSz8G0DwcEcsHK1Fkyb8A+ayiw6jWJDo2m9+IF4Fww
1Te6jFPYDESnbhq7+TLGgHGhtwcu5cnb4vSuYXGXKupZGzoLOBbv1Zw=
-----END RSA PRIVATE KEY-----

27
deps/openssl/openssl/demos/certs/apps/intkey.pem vendored
View File

@ -1,27 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAsErw75CmLYD6pkrGW/YhAl/K8L5wJYxDjqu2FghxjD8K308W
3EHq4uBxEwR1OHXaM1+6ZZw7/r2I37VLIdurBEAIEUdbzx0so74FPawgz5EW2CTq
oJnK8F71/vo5Kj1VPwW46CxwxUR3cfvJGNXND2ip0TcyTSPLROXOyQakcVfIGJmd
Sa1wHKi+c2gMA4emADudZUOYLrg80gr2ldePm07ynbVsKKzCcStw8MdmoW9Qt3fL
nPJn2TFUUBNWj+4kvL+88edWCVQXKNdsysD/CDrH4W/hjyPDStVsM6XpiNU0+L2Z
Y6fcj3OP8d0goOx45xotMn9m8hNkCGsrVXx9IwIDAQABAoIBACg3wIV2o2KIJSZg
sqXyHY+0GNEZMO5v9E2NAMo//N941lshaN6wrww5FbK39qH9yNylfxmFLe6sgJhA
fLZprbcXgH+onto+Fpv4UqvCI+4WdHa03U3sJ+70SvxzSy1Gtrbc8FUPJl7qgrFf
Nn5S8CgOwYb4J6KPguTh5G3Z9RPiCKObwOwEM34hrZUlgPS88wmzu9H6L2GM8A1v
YBtEr0msBnlJBJOgStyUEfHW2KspNQ+VllQ6c0cedgFXUpl9EoKTLxP+WXwFI1sx
jFCFzSrMqPcPz1PxU6bXoZE0WH6r+3c8WAW4xR/HVu04BrBDu0CGwn6zAXDy6wCU
pWogDlkCgYEA4o+nIu2CTzqUlgc22pj+hjenfS5lnCtJfAdrXOJHmnuL+J9h8Nzz
9kkL+/Y0Xg9bOM6xXPm+81UNpDvOLbUahSSQsfB+LNVEkthJIL4XIk083LsHjFaJ
9SiCFRbf2OgWrEhe/c1drySwz9u/0f4Q7B6VGqxMnTDjzS5JacZ1pE8CgYEAxzMn
/n/Dpdn+c4rf14BRNKCv1qBXngPNylKJCmiRpKRJAn+B+Msdwtggk/1Ihju21wSo
IGy0Gw7WQd1Iq7V85cB2G5PAFY6ybpSV6G3QrzmzuvjHmKvXgUAuuaN+7Pp1YkMY
rLVjUOcdP5JbXG6XnaCkHYJR8uapPwWPkDt+oO0CgYBI4yZGGlr92j7LNW70TJw1
2dnMcAzIfTSa7lgf/bxDetPBHKWJs8vYxA9S9BZM3Gvgjr6IxuAjsI0+9O6TzdvG
UckrNc+h5Mq241ZDbmRK6MZXzOPUxlKDyJBw8Hb7dU82BeJpjJRDMG6hsHS5vh77
l6sodZ4ARCZFcEq1+N8ICQKBgDeBHJLAXO6YmFrvhkGQ4o+senJuSRuhabUHXGIH
ExXyJNnKV5fQWOGSwTkbKRsmBmNRS9uFDoY/kxnVI8ucjUmjYAV9HNek5DkFs+OI
vc4lYNwnN85li23bSWm2kcZMX2ra0URGYn8HdtHg4Q4XTq3ANhp21oi9FsmVrhP9
T+JdAoGBAK2ebwZ7CXFavDFo4mzLKkGitBjrSi/udFhZECXZWEbNzWlVc3Y3q0cU
drDqUtbVm+/Xb5CMU044Gqq6SKdObAb3JElKmFylFL9fp2rfL/foUr2sdb87Vqdp
2j5jZyvt1DKnNaJ7JaFbUdRxlvHQRiqKlZpafN/SMQ0jCs1bSgCg
-----END RSA PRIVATE KEY-----

45
deps/openssl/openssl/demos/certs/apps/mkacerts.sh vendored
View File

@ -1,45 +0,0 @@
#!/bin/sh
# Recreate the demo certificates in the apps directory.
OPENSSL=openssl
# Root CA: create certificate directly
CN="OpenSSL Test Root CA" $OPENSSL req -config apps.cnf -x509 -nodes \
-keyout root.pem -out root.pem -key rootkey.pem -new -days 3650
# Intermediate CA: request first
CN="OpenSSL Test Intermediate CA" $OPENSSL req -config apps.cnf -nodes \
-key intkey.pem -out intreq.pem -new
# Sign request: CA extensions
$OPENSSL x509 -req -in intreq.pem -CA root.pem -CAkey rootkey.pem -days 3630 \
-extfile apps.cnf -extensions v3_ca -CAcreateserial -out intca.pem
# Client certificate: request first
CN="Test Client Cert" $OPENSSL req -config apps.cnf -nodes \
-key ckey.pem -out creq.pem -new
# Sign using intermediate CA
$OPENSSL x509 -req -in creq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \
-extfile apps.cnf -extensions usr_cert -CAcreateserial | \
$OPENSSL x509 -nameopt oneline -subject -issuer >client.pem
# Server certificate: request first
CN="Test Server Cert" $OPENSSL req -config apps.cnf -nodes \
-key skey.pem -out sreq.pem -new
# Sign using intermediate CA
$OPENSSL x509 -req -in sreq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \
-extfile apps.cnf -extensions usr_cert -CAcreateserial | \
$OPENSSL x509 -nameopt oneline -subject -issuer >server.pem
# Server certificate #2: request first
CN="Test Server Cert #2" $OPENSSL req -config apps.cnf -nodes \
-key skey2.pem -out sreq2.pem -new
# Sign using intermediate CA
$OPENSSL x509 -req -in sreq2.pem -CA intca.pem -CAkey intkey.pem -days 3600 \
-extfile apps.cnf -extensions usr_cert -CAcreateserial | \
$OPENSSL x509 -nameopt oneline -subject -issuer >server2.pem
# Append keys to file.
cat skey.pem >>server.pem
cat skey2.pem >>server2.pem
cat ckey.pem >>client.pem
$OPENSSL verify -CAfile root.pem -untrusted intca.pem \
server2.pem server.pem client.pem

29
deps/openssl/openssl/demos/certs/apps/mkxcerts.sh vendored
View File

@ -1,29 +0,0 @@
# Create certificates using various algorithms to test multi-certificate
# functionality.
OPENSSL=../../../apps/openssl
CN="OpenSSL Test RSA SHA-1 cert" $OPENSSL req \
-config apps.cnf -extensions usr_cert -x509 -nodes \
-keyout tsha1.pem -out tsha1.pem -new -days 3650 -sha1
CN="OpenSSL Test RSA SHA-256 cert" $OPENSSL req \
-config apps.cnf -extensions usr_cert -x509 -nodes \
-keyout tsha256.pem -out tsha256.pem -new -days 3650 -sha256
CN="OpenSSL Test RSA SHA-512 cert" $OPENSSL req \
-config apps.cnf -extensions usr_cert -x509 -nodes \
-keyout tsha512.pem -out tsha512.pem -new -days 3650 -sha512
# Create EC parameters
$OPENSSL ecparam -name P-256 -out ecp256.pem
$OPENSSL ecparam -name P-384 -out ecp384.pem
CN="OpenSSL Test P-256 SHA-256 cert" $OPENSSL req \
-config apps.cnf -extensions ec_cert -x509 -nodes \
-nodes -keyout tecp256.pem -out tecp256.pem -newkey ec:ecp256.pem \
-days 3650 -sha256
CN="OpenSSL Test P-384 SHA-384 cert" $OPENSSL req \
-config apps.cnf -extensions ec_cert -x509 -nodes \
-nodes -keyout tecp384.pem -out tecp384.pem -newkey ec:ecp384.pem \
-days 3650 -sha384

27
deps/openssl/openssl/demos/certs/apps/rootkey.pem vendored
View File

@ -1,27 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpgIBAAKCAQEA0xpquKAoY6trkxz8uuE6RyYfMOy+Rgvt19pqG3x8sEpFNjDN
IG873HniShNaOrseRtrGRgCDcecNOQ0LLOQYo10zz0er8+0YgUWVx5Ag5q3cqN3T
kjDc+0sRZMONPoUwD0ySOT9dumbJypEjA0q2AgKgWwaO4ilzg/fWTEruLeuL4meX
K9WZFmMnGuF4kHSocZeKWs5UM86WIOf/+NdtzLNd6a5HwqAB5Azggiz2Ngck6Aet
Mi0inBr3A1MSn0oIaQ7rGvbQ2QrIOnpdHJ36GadQHuvvtZOm28o8UVONMMWoS1yJ
/1TaRWQJ+faZJE7yegJtUf75+5HwsxaUP32C3wIDAQABAoIBAQCEybEnwVamm0Vn
nGw9AT+vUYN9Ou3VEdviUzk7YOrt2Un/9GKTbGSzItf80H+JQfqhhywBDIGiPDxN
Dq9g5Xm6CP51/BdlsFYhuqukhDyt3d9XOXHEG4hlaarfP0KxeQXqGbhA2mMSxWVZ
TkI/59blHNHRcCagjIJlGJhsFRYNO1/ApfA5zN7fWCFvH1XWZhuvsPDgUXKm4BS0
p3ol67MVJHRfYcLb/txBO5rBhSXinK0jEBiljRcE0rWzRycSedmDgG3SNV17wvA0
UWgMNpPcJ1b7Satr0nM7A8+siV8FRcfvPqCuGPKCYTrNn71hGJEhKXKwlURj9+95
O5yzRxjBAoGBAPtTRYN40/piRB0XLpi+zNh+4Ba4TGfXSymbaozgC/pI5wfgGXrz
IpT9ujjV42r8TABHvXa6uiGm0cbxcUgq2n6Y8rf6iHxmn23ezCEBUs7rd6jtt11b
m58T8o0XWyOgAovaH0UgzMtrlsZYR2fli5254oRkTWwaUTuO38z6CVddAoGBANcH
nvdu3RniIYStsr5/deu7l81ZQ9rSiR1m3H6Wy8ryMIfkYfa0WqXhwNHrLrhvhLIQ
7mGnJ+jAkJyVQULE6UdbmVW8tC58Dfrgz/1s7RMeUYPnOmRpx79c/LqZ2IunfFWx
IvBvFu7vidEHA+1tU2N+oXNsU+B9XpfsJ+/d2QtrAoGBAJTuP58tFtClMp/agO5b
AqC4bqqIBB704cGCK53XlsF2OhHcprzJH5ES2iub8+wOHit8V7Xn6SzP4jf2E58k
Zd3nXM3RVNgDKC6/fE+CrUOZHYupcqOMCag29eDOGl/+DgQ5+ZXJXhKdaveWkJns
2NNat/SkS4zn+4NDozOgZ7CxAoGBAIuXjfJRTUXNUDci0APtGO9U1AJiLbOzs4Gb
0g539IqmWS0O7S3L/YDsolFkXOsssjcq2KYabsUhpX+RQVGIJWzGoS9QlqQKssSo
Bz4c5Xbg2shHZtfi9+JaClNVJofazdOPcAAoDfpFFPHWnQ0YSOcxQLx+maEFok/7
5h1IputLAoGBAKGBWDPwskgRRfCAIFpCJLOu/9D30M/akMtO0kJYQpBjOaKuigUy
ic7pthFVse/pMUljXHAd1hs2CTjMW1ukEusU3x1Ei6wvnHHqn0Hs+6D5NQFQkcMn
7rejJ+bpJPRAn40AAV5hGBYI12XycB8ZgyPC4hTUK6unGVK06DC4qvdv
-----END RSA PRIVATE KEY-----

27
deps/openssl/openssl/demos/certs/apps/skey.pem vendored
View File

@ -1,27 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv
h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL
tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu
D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI
uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6
qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn
zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3
r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D
AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R
5s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm
W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
-----END RSA PRIVATE KEY-----

27
deps/openssl/openssl/demos/certs/apps/skey2.pem vendored
View File

@ -1,27 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA63Yu4/cnLRvi+BIwcoIz5hKmcziREG2tujKEBs4JVO3uV3+f
UW/4YFULigKImXu/0fKyuMyeFu4l3V8NC6gachvAeWhiniN9sPgPU3AQKaF1y9gq
2EBEI2cFCKS5WASItjZCY951ZKuXYJdYDgC4kPlvI4N5M4ORHPa4pqfa/dzfMLEi
92sLGn7q5mArzn+5Xh2jD9Vif8w0RlDRxv1rQ413PGVBtfuhF1PSXNhbPtjpn+33
DdJdNACv8D4PDmjUtKyshqvSXSE/RURldW13v68efBWhOQiLXcAkmISbxfzveS1k
KMSV8nuWwhS5rw0xMlavRTEgqbX7Jm14xGRrFwIDAQABAoIBAHLsTPihIfLnYIE5
x4GsQQ5zXeBw5ITDM37ktwHnQDC+rIzyUl1aLD1AZRBoKinXd4lOTqLZ4/NHKx4A
DYr58mZtWyUmqLOMmQVuHXTZBlp7XtYuXMMNovQwjQlp9LicBeoBU6gQ5PVMtubD
F4xGF89Sn0cTHW3iMkqTtQ5KcR1j57OcJO0FEb1vPvk2MXI5ZyAatUYE7YacbEzd
rg02uIwx3FqNSkuSI79uz4hMdV5TPtuhxx9nTwj9aLUhXFeZ0mn2PVgVzEnnMoJb
+znlsZDgzDlJqdaD744YGWh8Z3OEssB35KfzFcdOeO6yH8lmv2Zfznk7pNPT7LTb
Lae9VgkCgYEA92p1qnAB3NtJtNcaW53i0S5WJgS1hxWKvUDx3lTB9s8X9fHpqL1a
E94fDfWzp/hax6FefUKIvBOukPLQ6bYjTMiFoOHzVirghAIuIUoMI5VtLhwD1hKs
Lr7l/dptMgKb1nZHyXoKHRBthsy3K4+udsPi8TzMvYElgEqyQIe/Rk0CgYEA86GL
8HC6zLszzKERDPBxrboRmoFvVUCTQDhsfj1M8aR3nQ8V5LkdIJc7Wqm/Ggfk9QRf
rJ8M2WUMlU5CNnCn/KCrKzCNZIReze3fV+HnKdbcXGLvgbHPrhnz8yYehUFG+RGq
bVyDWRU94T38izy2s5qMYrMJWZEYyXncSPbfcPMCgYAtaXfxcZ+V5xYPQFARMtiX
5nZfggvDoJuXgx0h3tK/N2HBfcaSdzbaYLG4gTmZggc/jwnl2dl5E++9oSPhUdIG
3ONSFUbxsOsGr9PBvnKd8WZZyUCXAVRjPBzAzF+whzQNWCZy/5htnz9LN7YDI9s0
5113Q96cheDZPFydZY0hHQKBgQDVbEhNukM5xCiNcu+f2SaMnLp9EjQ4h5g3IvaP
5B16daw/Dw8LzcohWboqIxeAsze0GD/D1ZUJAEd0qBjC3g+a9BjefervCjKOzXng
38mEUm+6EwVjJSQcjSmycEs+Sr/kwr/8i5WYvU32+jk4tFgMoC+o6tQe/Uesf68k
z/dPVwKBgGbF7Vv1/3SmhlOy+zYyvJ0CrWtKxH9QP6tLIEgEpd8x7YTSuCH94yok
kToMXYA3sWNPt22GbRDZ+rcp4c7HkDx6I6vpdP9aQEwJTp0EPy0sgWr2XwYmreIQ
NFmkk8Itn9EY2R9VBaP7GLv5kvwxDdLAnmwGmzVtbmaVdxCaBwUk
-----END RSA PRIVATE KEY-----

82
deps/openssl/openssl/demos/certs/ca.cnf vendored
View File

@ -1,82 +0,0 @@
#
# OpenSSL example configuration file for automated certificate creation.
#
# This definition stops the following lines choking if HOME or CN
# is undefined.
HOME = .
CN = "Not Defined"
default_ca = ca
# Comment out the next line to ignore configuration errors
config_diagnostics = 1
####################################################################
[ req ]
default_bits = 1024
default_keyfile = privkey.pem
# Don't prompt for fields: use those in section directly
prompt = no
distinguished_name = req_distinguished_name
x509_extensions = v3_ca # The extensions to add to the self signed cert
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = UK
organizationName = OpenSSL Group
# Take CN from environment so it can come from a script.
commonName = $ENV::CN
[ usr_cert ]
# These extensions are added when 'ca' signs a request for an end entity
# certificate
basicConstraints=critical, CA:FALSE
keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid
# OCSP responder certificate
[ ocsp_cert ]
basicConstraints=critical, CA:FALSE
keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid
extendedKeyUsage=OCSPSigning
[ dh_cert ]
# These extensions are added when 'ca' signs a request for an end entity
# DH certificate
basicConstraints=critical, CA:FALSE
keyUsage=critical, keyAgreement
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always
basicConstraints = critical,CA:true
keyUsage = critical, cRLSign, keyCertSign
# Minimal CA entry to allow generation of CRLs.
[ca]
database=index.txt
crlnumber=crlnum.txt

96
deps/openssl/openssl/demos/certs/mkcerts.sh vendored
View File

@ -1,96 +0,0 @@
#!/bin/sh
OPENSSL=../../apps/openssl
OPENSSL_CONF=../../apps/openssl.cnf
export OPENSSL_CONF
# Root CA: create certificate directly
CN="Test Root CA" $OPENSSL req -config ca.cnf -x509 -nodes \
-keyout root.pem -out root.pem -newkey rsa:2048 -days 3650
# Intermediate CA: request first
CN="Test Intermediate CA" $OPENSSL req -config ca.cnf -nodes \
-keyout intkey.pem -out intreq.pem -newkey rsa:2048
# Sign request: CA extensions
$OPENSSL x509 -req -in intreq.pem -CA root.pem -days 3600 \
-extfile ca.cnf -extensions v3_ca -CAcreateserial -out intca.pem
# Server certificate: create request first
CN="Test Server Cert" $OPENSSL req -config ca.cnf -nodes \
-keyout skey.pem -out req.pem -newkey rsa:1024
# Sign request: end entity extensions
$OPENSSL x509 -req -in req.pem -CA intca.pem -CAkey intkey.pem -days 3600 \
-extfile ca.cnf -extensions usr_cert -CAcreateserial -out server.pem
# Client certificate: request first
CN="Test Client Cert" $OPENSSL req -config ca.cnf -nodes \
-keyout ckey.pem -out creq.pem -newkey rsa:1024
# Sign using intermediate CA
$OPENSSL x509 -req -in creq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \
-extfile ca.cnf -extensions usr_cert -CAcreateserial -out client.pem
# Revoked certificate: request first
CN="Test Revoked Cert" $OPENSSL req -config ca.cnf -nodes \
-keyout revkey.pem -out rreq.pem -newkey rsa:1024
# Sign using intermediate CA
$OPENSSL x509 -req -in rreq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \
-extfile ca.cnf -extensions usr_cert -CAcreateserial -out rev.pem
# OCSP responder certificate: request first
CN="Test OCSP Responder Cert" $OPENSSL req -config ca.cnf -nodes \
-keyout respkey.pem -out respreq.pem -newkey rsa:1024
# Sign using intermediate CA and responder extensions
$OPENSSL x509 -req -in respreq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \
-extfile ca.cnf -extensions ocsp_cert -CAcreateserial -out resp.pem
# Example creating a PKCS#3 DH certificate.
# First DH parameters
[ -f dhp.pem ] || $OPENSSL genpkey -genparam -algorithm DH -pkeyopt dh_paramgen_prime_len:1024 -out dhp.pem
# Now a DH private key
$OPENSSL genpkey -paramfile dhp.pem -out dhskey.pem
# Create DH public key file
$OPENSSL pkey -in dhskey.pem -pubout -out dhspub.pem
# Certificate request, key just reuses old one as it is ignored when the
# request is signed.
CN="Test Server DH Cert" $OPENSSL req -config ca.cnf -new \
-key skey.pem -out dhsreq.pem
# Sign request: end entity DH extensions
$OPENSSL x509 -req -in dhsreq.pem -CA root.pem -days 3600 \
-force_pubkey dhspub.pem \
-extfile ca.cnf -extensions dh_cert -CAcreateserial -out dhserver.pem
# DH client certificate
$OPENSSL genpkey -paramfile dhp.pem -out dhckey.pem
$OPENSSL pkey -in dhckey.pem -pubout -out dhcpub.pem
CN="Test Client DH Cert" $OPENSSL req -config ca.cnf -new \
-key skey.pem -out dhcreq.pem
$OPENSSL x509 -req -in dhcreq.pem -CA root.pem -days 3600 \
-force_pubkey dhcpub.pem \
-extfile ca.cnf -extensions dh_cert -CAcreateserial -out dhclient.pem
# Examples of CRL generation without the need to use 'ca' to issue
# certificates.
# Create zero length index file
>index.txt
# Create initial crl number file
echo 01 >crlnum.txt
# Add entries for server and client certs
$OPENSSL ca -valid server.pem -keyfile root.pem -cert root.pem \
-config ca.cnf -md sha1
$OPENSSL ca -valid client.pem -keyfile root.pem -cert root.pem \
-config ca.cnf -md sha1
$OPENSSL ca -valid rev.pem -keyfile root.pem -cert root.pem \
-config ca.cnf -md sha1
# Generate a CRL.
$OPENSSL ca -gencrl -keyfile root.pem -cert root.pem -config ca.cnf \
-md sha1 -crldays 1 -out crl1.pem
# Revoke a certificate
openssl ca -revoke rev.pem -crl_reason superseded \
-keyfile root.pem -cert root.pem -config ca.cnf -md sha1
# Generate another CRL
$OPENSSL ca -gencrl -keyfile root.pem -cert root.pem -config ca.cnf \
-md sha1 -crldays 1 -out crl2.pem

21
deps/openssl/openssl/demos/certs/ocspquery.sh vendored
View File

@ -1,21 +0,0 @@
# Example querying OpenSSL test responder. Assumes ocsprun.sh has been
# called.
OPENSSL=../../apps/openssl
OPENSSL_CONF=../../apps/openssl.cnf
export OPENSSL_CONF
# Send responder queries for each certificate.
echo "Requesting OCSP status for each certificate"
$OPENSSL ocsp -issuer intca.pem -cert client.pem -CAfile root.pem \
-url http://127.0.0.1:8888/
$OPENSSL ocsp -issuer intca.pem -cert server.pem -CAfile root.pem \
-url http://127.0.0.1:8888/
$OPENSSL ocsp -issuer intca.pem -cert rev.pem -CAfile root.pem \
-url http://127.0.0.1:8888/
# One query for all three certificates.
echo "Requesting OCSP status for three certificates in one request"
$OPENSSL ocsp -issuer intca.pem \
-cert client.pem -cert server.pem -cert rev.pem \
-CAfile root.pem -url http://127.0.0.1:8888/

14
deps/openssl/openssl/demos/certs/ocsprun.sh vendored
View File

@ -1,14 +0,0 @@
# Example of running an querying OpenSSL test OCSP responder.
# This assumes "mkcerts.sh" or similar has been run to set up the
# necessary file structure.
OPENSSL=../../apps/openssl
OPENSSL_CONF=../../apps/openssl.cnf
export OPENSSL_CONF
# Run OCSP responder.
PORT=8888
$OPENSSL ocsp -port $PORT -index index.txt -CA intca.pem \
-rsigner resp.pem -rkey respkey.pem -rother intca.pem $*

27
deps/openssl/openssl/demos/cipher/Makefile vendored
View File

@ -1,27 +0,0 @@
# Quick instruction:
# To build against an OpenSSL built in the source tree, do this:
#
# make OPENSSL_INCS_LOCATION=-I../../include OPENSSL_LIBS_LOCATION=-L../..
#
# To run the demos when linked with a shared library (default):
#
# LD_LIBRARY_PATH=../.. ./aesccm
# LD_LIBRARY_PATH=../.. ./aesgcm
# LD_LIBRARY_PATH=../.. ./aeskeywrap
# LD_LIBRARY_PATH=../.. ./ariacbc
CFLAGS = $(OPENSSL_INCS_LOCATION)
LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto
all: aesccm aesgcm aeskeywrap ariacbc
aesccm: aesccm.o
aesgcm: aesgcm.o
aeskeywrap: aeskeywrap.o
ariacbc: ariacbc.o
aesccm aesgcm aeskeywrap ariacbc:
$(CC) $(CFLAGS) -o $@ $< $(LDFLAGS)
clean:
$(RM) aesccm aesgcm aeskeywrap ariacbc *.o

238
deps/openssl/openssl/demos/cipher/aesccm.c vendored
View File

@ -1,238 +0,0 @@
/*
* Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Simple AES CCM authenticated encryption with additional data (AEAD)
* demonstration program.
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/core_names.h>
/* AES-CCM test data obtained from NIST public test vectors */
/* AES key */
static const unsigned char ccm_key[] = {
0xce, 0xb0, 0x09, 0xae, 0xa4, 0x45, 0x44, 0x51, 0xfe, 0xad, 0xf0, 0xe6,
0xb3, 0x6f, 0x45, 0x55, 0x5d, 0xd0, 0x47, 0x23, 0xba, 0xa4, 0x48, 0xe8
};
/* Unique nonce to be used for this message */
static const unsigned char ccm_nonce[] = {
0x76, 0x40, 0x43, 0xc4, 0x94, 0x60, 0xb7
};
/*
* Example of Additional Authenticated Data (AAD), i.e. unencrypted data
* which can be authenticated using the generated Tag value.
*/
static const unsigned char ccm_adata[] = {
0x6e, 0x80, 0xdd, 0x7f, 0x1b, 0xad, 0xf3, 0xa1, 0xc9, 0xab, 0x25, 0xc7,
0x5f, 0x10, 0xbd, 0xe7, 0x8c, 0x23, 0xfa, 0x0e, 0xb8, 0xf9, 0xaa, 0xa5,
0x3a, 0xde, 0xfb, 0xf4, 0xcb, 0xf7, 0x8f, 0xe4
};
/* Example plaintext to encrypt */
static const unsigned char ccm_pt[] = {
0xc8, 0xd2, 0x75, 0xf9, 0x19, 0xe1, 0x7d, 0x7f, 0xe6, 0x9c, 0x2a, 0x1f,
0x58, 0x93, 0x9d, 0xfe, 0x4d, 0x40, 0x37, 0x91, 0xb5, 0xdf, 0x13, 0x10
};
/* Expected ciphertext value */
static const unsigned char ccm_ct[] = {
0x8a, 0x0f, 0x3d, 0x82, 0x29, 0xe4, 0x8e, 0x74, 0x87, 0xfd, 0x95, 0xa2,
0x8a, 0xd3, 0x92, 0xc8, 0x0b, 0x36, 0x81, 0xd4, 0xfb, 0xc7, 0xbb, 0xfd
};
/* Expected AEAD Tag value */
static const unsigned char ccm_tag[] = {
0x2d, 0xd6, 0xef, 0x1c, 0x45, 0xd4, 0xcc, 0xb7, 0x23, 0xdc, 0x07, 0x44,
0x14, 0xdb, 0x50, 0x6d
};
/*
* A library context and property query can be used to select & filter
* algorithm implementations. If they are NULL then the default library
* context and properties are used.
*/
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
int aes_ccm_encrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
EVP_CIPHER *cipher = NULL;
int outlen, tmplen;
size_t ccm_nonce_len = sizeof(ccm_nonce);
size_t ccm_tag_len = sizeof(ccm_tag);
unsigned char outbuf[1024];
unsigned char outtag[16];
OSSL_PARAM params[3] = {
OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END
};
printf("AES CCM Encrypt:\n");
printf("Plaintext:\n");
BIO_dump_fp(stdout, ccm_pt, sizeof(ccm_pt));
/* Create a context for the encrypt operation */
if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;
/* Fetch the cipher implementation */
if ((cipher = EVP_CIPHER_fetch(libctx, "AES-192-CCM", propq)) == NULL)
goto err;
/* Default nonce length for AES-CCM is 7 bytes (56 bits). */
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN,
&ccm_nonce_len);
/* Set tag length */
params[1] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
NULL, ccm_tag_len);
/*
* Initialise encrypt operation with the cipher & mode,
* nonce length and tag length parameters.
*/
if (!EVP_EncryptInit_ex2(ctx, cipher, NULL, NULL, params))
goto err;
/* Initialise key and nonce */
if (!EVP_EncryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce))
goto err;
/* Set plaintext length: only needed if AAD is used */
if (!EVP_EncryptUpdate(ctx, NULL, &outlen, NULL, sizeof(ccm_pt)))
goto err;
/* Zero or one call to specify any AAD */
if (!EVP_EncryptUpdate(ctx, NULL, &outlen, ccm_adata, sizeof(ccm_adata)))
goto err;
/* Encrypt plaintext: can only be called once */
if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, ccm_pt, sizeof(ccm_pt)))
goto err;
/* Output encrypted block */
printf("Ciphertext:\n");
BIO_dump_fp(stdout, outbuf, outlen);
/* Finalise: note get no output for CCM */
if (!EVP_EncryptFinal_ex(ctx, NULL, &tmplen))
goto err;
/* Get tag */
params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
outtag, ccm_tag_len);
params[1] = OSSL_PARAM_construct_end();
if (!EVP_CIPHER_CTX_get_params(ctx, params))
goto err;
/* Output tag */
printf("Tag:\n");
BIO_dump_fp(stdout, outtag, ccm_tag_len);
ret = 1;
err:
if (!ret)
ERR_print_errors_fp(stderr);
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}
int aes_ccm_decrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
EVP_CIPHER *cipher = NULL;
int outlen, rv;
unsigned char outbuf[1024];
size_t ccm_nonce_len = sizeof(ccm_nonce);
OSSL_PARAM params[3] = {
OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END
};
printf("AES CCM Decrypt:\n");
printf("Ciphertext:\n");
BIO_dump_fp(stdout, ccm_ct, sizeof(ccm_ct));
if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;
/* Fetch the cipher implementation */
if ((cipher = EVP_CIPHER_fetch(libctx, "AES-192-CCM", propq)) == NULL)
goto err;
/* Set nonce length if default 96 bits is not appropriate */
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN,
&ccm_nonce_len);
/* Set tag length */
params[1] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
(unsigned char *)ccm_tag,
sizeof(ccm_tag));
/*
* Initialise decrypt operation with the cipher & mode,
* nonce length and expected tag parameters.
*/
if (!EVP_DecryptInit_ex2(ctx, cipher, NULL, NULL, params))
goto err;
/* Specify key and IV */
if (!EVP_DecryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce))
goto err;
/* Set ciphertext length: only needed if we have AAD */
if (!EVP_DecryptUpdate(ctx, NULL, &outlen, NULL, sizeof(ccm_ct)))
goto err;
/* Zero or one call to specify any AAD */
if (!EVP_DecryptUpdate(ctx, NULL, &outlen, ccm_adata, sizeof(ccm_adata)))
goto err;
/* Decrypt plaintext, verify tag: can only be called once */
rv = EVP_DecryptUpdate(ctx, outbuf, &outlen, ccm_ct, sizeof(ccm_ct));
/* Output decrypted block: if tag verify failed we get nothing */
if (rv > 0) {
printf("Tag verify successful!\nPlaintext:\n");
BIO_dump_fp(stdout, outbuf, outlen);
} else {
printf("Tag verify failed!\nPlaintext not available\n");
goto err;
}
ret = 1;
err:
if (!ret)
ERR_print_errors_fp(stderr);
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}
int main(int argc, char **argv)
{
if (!aes_ccm_encrypt())
return 1;
if (!aes_ccm_decrypt())
return 1;
return 0;
}

228
deps/openssl/openssl/demos/cipher/aesgcm.c vendored
View File

@ -1,228 +0,0 @@
/*
* Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Simple AES GCM authenticated encryption with additional data (AEAD)
* demonstration program.
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/core_names.h>
/* AES-GCM test data obtained from NIST public test vectors */
/* AES key */
static const unsigned char gcm_key[] = {
0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66,
0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69,
0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f
};
/* Unique initialisation vector */
static const unsigned char gcm_iv[] = {
0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84
};
/* Example plaintext to encrypt */
static const unsigned char gcm_pt[] = {
0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea,
0xcc, 0x2b, 0xf2, 0xa5
};
/*
* Example of Additional Authenticated Data (AAD), i.e. unencrypted data
* which can be authenticated using the generated Tag value.
*/
static const unsigned char gcm_aad[] = {
0x4d, 0x23, 0xc3, 0xce, 0xc3, 0x34, 0xb4, 0x9b, 0xdb, 0x37, 0x0c, 0x43,
0x7f, 0xec, 0x78, 0xde
};
/* Expected ciphertext value */
static const unsigned char gcm_ct[] = {
0xf7, 0x26, 0x44, 0x13, 0xa8, 0x4c, 0x0e, 0x7c, 0xd5, 0x36, 0x86, 0x7e,
0xb9, 0xf2, 0x17, 0x36
};
/* Expected AEAD Tag value */
static const unsigned char gcm_tag[] = {
0x67, 0xba, 0x05, 0x10, 0x26, 0x2a, 0xe4, 0x87, 0xd7, 0x37, 0xee, 0x62,
0x98, 0xf7, 0x7e, 0x0c
};
/*
* A library context and property query can be used to select & filter
* algorithm implementations. If they are NULL then the default library
* context and properties are used.
*/
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
int aes_gcm_encrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
EVP_CIPHER *cipher = NULL;
int outlen, tmplen;
size_t gcm_ivlen = sizeof(gcm_iv);
unsigned char outbuf[1024];
unsigned char outtag[16];
OSSL_PARAM params[2] = {
OSSL_PARAM_END, OSSL_PARAM_END
};
printf("AES GCM Encrypt:\n");
printf("Plaintext:\n");
BIO_dump_fp(stdout, gcm_pt, sizeof(gcm_pt));
/* Create a context for the encrypt operation */
if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;
/* Fetch the cipher implementation */
if ((cipher = EVP_CIPHER_fetch(libctx, "AES-256-GCM", propq)) == NULL)
goto err;
/* Set IV length if default 96 bits is not appropriate */
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN,
&gcm_ivlen);
/*
* Initialise an encrypt operation with the cipher/mode, key, IV and
* IV length parameter.
* For demonstration purposes the IV is being set here. In a compliant
* application the IV would be generated internally so the iv passed in
* would be NULL.
*/
if (!EVP_EncryptInit_ex2(ctx, cipher, gcm_key, gcm_iv, params))
goto err;
/* Zero or more calls to specify any AAD */
if (!EVP_EncryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad)))
goto err;
/* Encrypt plaintext */
if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, gcm_pt, sizeof(gcm_pt)))
goto err;
/* Output encrypted block */
printf("Ciphertext:\n");
BIO_dump_fp(stdout, outbuf, outlen);
/* Finalise: note get no output for GCM */
if (!EVP_EncryptFinal_ex(ctx, outbuf, &tmplen))
goto err;
/* Get tag */
params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
outtag, 16);
if (!EVP_CIPHER_CTX_get_params(ctx, params))
goto err;
/* Output tag */
printf("Tag:\n");
BIO_dump_fp(stdout, outtag, 16);
ret = 1;
err:
if (!ret)
ERR_print_errors_fp(stderr);
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}
int aes_gcm_decrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
EVP_CIPHER *cipher = NULL;
int outlen, rv;
size_t gcm_ivlen = sizeof(gcm_iv);
unsigned char outbuf[1024];
OSSL_PARAM params[2] = {
OSSL_PARAM_END, OSSL_PARAM_END
};
printf("AES GCM Decrypt:\n");
printf("Ciphertext:\n");
BIO_dump_fp(stdout, gcm_ct, sizeof(gcm_ct));
if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;
/* Fetch the cipher implementation */
if ((cipher = EVP_CIPHER_fetch(libctx, "AES-256-GCM", propq)) == NULL)
goto err;
/* Set IV length if default 96 bits is not appropriate */
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN,
&gcm_ivlen);
/*
* Initialise an encrypt operation with the cipher/mode, key, IV and
* IV length parameter.
*/
if (!EVP_DecryptInit_ex2(ctx, cipher, gcm_key, gcm_iv, params))
goto err;
/* Zero or more calls to specify any AAD */
if (!EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad)))
goto err;
/* Decrypt plaintext */
if (!EVP_DecryptUpdate(ctx, outbuf, &outlen, gcm_ct, sizeof(gcm_ct)))
goto err;
/* Output decrypted block */
printf("Plaintext:\n");
BIO_dump_fp(stdout, outbuf, outlen);
/* Set expected tag value. */
params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
(void*)gcm_tag, sizeof(gcm_tag));
if (!EVP_CIPHER_CTX_set_params(ctx, params))
goto err;
/* Finalise: note get no output for GCM */
rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen);
/*
* Print out return value. If this is not successful authentication
* failed and plaintext is not trustworthy.
*/
printf("Tag Verify %s\n", rv > 0 ? "Successful!" : "Failed!");
ret = 1;
err:
if (!ret)
ERR_print_errors_fp(stderr);
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}
int main(int argc, char **argv)
{
if (!aes_gcm_encrypt())
return 1;
if (!aes_gcm_decrypt())
return 1;
return 0;
}

181
deps/openssl/openssl/demos/cipher/aeskeywrap.c vendored
View File

@ -1,181 +0,0 @@
/*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Simple aes wrap encryption demonstration program.
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/crypto.h>
#include <openssl/core_names.h>
/* aes key */
static const unsigned char wrap_key[] = {
0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66,
0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69,
0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f
};
/* Unique initialisation vector */
static const unsigned char wrap_iv[] = {
0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84,
0x99, 0xaa, 0x3e, 0x68,
};
/* Example plaintext to encrypt */
static const unsigned char wrap_pt[] = {
0xad, 0x4f, 0xc9, 0xfc, 0x77, 0x69, 0xc9, 0xea, 0xfc, 0xdf, 0x00, 0xac,
0x34, 0xec, 0x40, 0xbc, 0x28, 0x3f, 0xa4, 0x5e, 0xd8, 0x99, 0xe4, 0x5d,
0x5e, 0x7a, 0xc4, 0xe6, 0xca, 0x7b, 0xa5, 0xb7,
};
/* Expected ciphertext value */
static const unsigned char wrap_ct[] = {
0x97, 0x99, 0x55, 0xca, 0xf6, 0x3e, 0x95, 0x54, 0x39, 0xd6, 0xaf, 0x63, 0xff, 0x2c, 0xe3, 0x96,
0xf7, 0x0d, 0x2c, 0x9c, 0xc7, 0x43, 0xc0, 0xb6, 0x31, 0x43, 0xb9, 0x20, 0xac, 0x6b, 0xd3, 0x67,
0xad, 0x01, 0xaf, 0xa7, 0x32, 0x74, 0x26, 0x92,
};
/*
* A library context and property query can be used to select & filter
* algorithm implementations. If they are NULL then the default library
* context and properties are used.
*/
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
int aes_wrap_encrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
EVP_CIPHER *cipher = NULL;
int outlen, tmplen;
unsigned char outbuf[1024];
printf("aes wrap Encrypt:\n");
printf("Plaintext:\n");
BIO_dump_fp(stdout, wrap_pt, sizeof(wrap_pt));
/* Create a context for the encrypt operation */
if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;
EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
/* Fetch the cipher implementation */
if ((cipher = EVP_CIPHER_fetch(libctx, "AES-256-WRAP", propq)) == NULL)
goto err;
/*
* Initialise an encrypt operation with the cipher/mode, key and IV.
* We are not setting any custom params so let params be just NULL.
*/
if (!EVP_EncryptInit_ex2(ctx, cipher, wrap_key, wrap_iv, /* params */ NULL))
goto err;
/* Encrypt plaintext */
if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, wrap_pt, sizeof(wrap_pt)))
goto err;
/* Finalise: there can be some additional output from padding */
if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen))
goto err;
outlen += tmplen;
/* Output encrypted block */
printf("Ciphertext (outlen:%d):\n", outlen);
BIO_dump_fp(stdout, outbuf, outlen);
if (sizeof(wrap_ct) == outlen && !CRYPTO_memcmp(outbuf, wrap_ct, outlen))
printf("Final ciphertext matches expected ciphertext\n");
else
printf("Final ciphertext differs from expected ciphertext\n");
ret = 1;
err:
if (!ret)
ERR_print_errors_fp(stderr);
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}
int aes_wrap_decrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
EVP_CIPHER *cipher = NULL;
int outlen, tmplen;
unsigned char outbuf[1024];
printf("aes wrap Decrypt:\n");
printf("Ciphertext:\n");
BIO_dump_fp(stdout, wrap_ct, sizeof(wrap_ct));
if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;
EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
/* Fetch the cipher implementation */
if ((cipher = EVP_CIPHER_fetch(libctx, "aes-256-wrap", propq)) == NULL)
goto err;
/*
* Initialise an encrypt operation with the cipher/mode, key and IV.
* We are not setting any custom params so let params be just NULL.
*/
if (!EVP_DecryptInit_ex2(ctx, cipher, wrap_key, wrap_iv, /* params */ NULL))
goto err;
/* Decrypt plaintext */
if (!EVP_DecryptUpdate(ctx, outbuf, &outlen, wrap_ct, sizeof(wrap_ct)))
goto err;
/* Finalise: there can be some additional output from padding */
if (!EVP_DecryptFinal_ex(ctx, outbuf + outlen, &tmplen))
goto err;
outlen += tmplen;
/* Output decrypted block */
printf("Plaintext (outlen:%d):\n", outlen);
BIO_dump_fp(stdout, outbuf, outlen);
if (sizeof(wrap_pt) == outlen && !CRYPTO_memcmp(outbuf, wrap_pt, outlen))
printf("Final plaintext matches original plaintext\n");
else
printf("Final plaintext differs from original plaintext\n");
ret = 1;
err:
if (!ret)
ERR_print_errors_fp(stderr);
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}
int main(int argc, char **argv)
{
if (!aes_wrap_encrypt())
return 1;
if (!aes_wrap_decrypt())
return 1;
return 0;
}

178
deps/openssl/openssl/demos/cipher/ariacbc.c vendored
View File

@ -1,178 +0,0 @@
/*
* Copyright 2012-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Simple ARIA CBC encryption demonstration program.
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/crypto.h>
#include <openssl/core_names.h>
/* ARIA key */
static const unsigned char cbc_key[] = {
0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66,
0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69,
0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f
};
/* Unique initialisation vector */
static const unsigned char cbc_iv[] = {
0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84,
0x99, 0xaa, 0x3e, 0x68,
};
/* Example plaintext to encrypt */
static const unsigned char cbc_pt[] = {
0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea,
0xcc, 0x2b, 0xf2, 0xa5
};
/* Expected ciphertext value */
static const unsigned char cbc_ct[] = {
0x9a, 0x44, 0xe6, 0x85, 0x94, 0x26, 0xff, 0x30, 0x03, 0xd3, 0x7e, 0xc6,
0xb5, 0x4a, 0x09, 0x66, 0x39, 0x28, 0xf3, 0x67, 0x14, 0xbc, 0xe8, 0xe2,
0xcf, 0x31, 0xb8, 0x60, 0x42, 0x72, 0x6d, 0xc8
};
/*
* A library context and property query can be used to select & filter
* algorithm implementations. If they are NULL then the default library
* context and properties are used.
*/
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
int aria_cbc_encrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
EVP_CIPHER *cipher = NULL;
int outlen, tmplen;
size_t cbc_ivlen = sizeof(cbc_iv);
unsigned char outbuf[1024];
unsigned char outtag[16];
printf("ARIA CBC Encrypt:\n");
printf("Plaintext:\n");
BIO_dump_fp(stdout, cbc_pt, sizeof(cbc_pt));
/* Create a context for the encrypt operation */
if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;
/* Fetch the cipher implementation */
if ((cipher = EVP_CIPHER_fetch(libctx, "ARIA-256-CBC", propq)) == NULL)
goto err;
/*
* Initialise an encrypt operation with the cipher/mode, key and IV.
* We are not setting any custom params so let params be just NULL.
*/
if (!EVP_EncryptInit_ex2(ctx, cipher, cbc_key, cbc_iv, /* params */ NULL))
goto err;
/* Encrypt plaintext */
if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, cbc_pt, sizeof(cbc_pt)))
goto err;
/* Finalise: there can be some additional output from padding */
if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen))
goto err;
outlen += tmplen;
/* Output encrypted block */
printf("Ciphertext (outlen:%d):\n", outlen);
BIO_dump_fp(stdout, outbuf, outlen);
if (sizeof(cbc_ct) == outlen && !CRYPTO_memcmp(outbuf, cbc_ct, outlen))
printf("Final ciphertext matches expected ciphertext\n");
else
printf("Final ciphertext differs from expected ciphertext\n");
ret = 1;
err:
if (!ret)
ERR_print_errors_fp(stderr);
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}
int aria_cbc_decrypt(void)
{
int ret = 0;
EVP_CIPHER_CTX *ctx;
EVP_CIPHER *cipher = NULL;
int outlen, tmplen, rv;
size_t cbc_ivlen = sizeof(cbc_iv);
unsigned char outbuf[1024];
printf("ARIA CBC Decrypt:\n");
printf("Ciphertext:\n");
BIO_dump_fp(stdout, cbc_ct, sizeof(cbc_ct));
if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
goto err;
/* Fetch the cipher implementation */
if ((cipher = EVP_CIPHER_fetch(libctx, "ARIA-256-CBC", propq)) == NULL)
goto err;
/*
* Initialise an encrypt operation with the cipher/mode, key and IV.
* We are not setting any custom params so let params be just NULL.
*/
if (!EVP_DecryptInit_ex2(ctx, cipher, cbc_key, cbc_iv, /* params */ NULL))
goto err;
/* Decrypt plaintext */
if (!EVP_DecryptUpdate(ctx, outbuf, &outlen, cbc_ct, sizeof(cbc_ct)))
goto err;
/* Finalise: there can be some additional output from padding */
if (!EVP_DecryptFinal_ex(ctx, outbuf + outlen, &tmplen))
goto err;
outlen += tmplen;
/* Output decrypted block */
printf("Plaintext (outlen:%d):\n", outlen);
BIO_dump_fp(stdout, outbuf, outlen);
if (sizeof(cbc_pt) == outlen && !CRYPTO_memcmp(outbuf, cbc_pt, outlen))
printf("Final plaintext matches original plaintext\n");
else
printf("Final plaintext differs from original plaintext\n");
ret = 1;
err:
if (!ret)
ERR_print_errors_fp(stderr);
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}
int main(int argc, char **argv)
{
if (!aria_cbc_encrypt())
return 1;
if (!aria_cbc_decrypt())
return 1;
return 0;
}

29
deps/openssl/openssl/demos/cms/cacert.pem vendored
View File

@ -1,29 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIFBjCCA26gAwIBAgIUM/WihZJZUTZvqoyNaUlp59DOaWYwDQYJKoZIhvcNAQEL
BQAwVzELMAkGA1UEBhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwN
T3BlblNTTCBHcm91cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0x
ODA2MTQxMjQ2MjhaGA8yMTE4MDYxNDEyNDYyOFowVzELMAkGA1UEBhMCVUsxEjAQ
BgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEcMBoGA1UE
AwwTVGVzdCBTL01JTUUgUm9vdCBDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCC
AYoCggGBAMzxOVHZFVxN9XQIVW3y1bK5ir3jKpKkU6zKrw8MdRvm233eqWSOYJvs
3rgdT59iv+CaPcBT5offbP0eH43H96CubJji/vQLMUzc/cLrJuCbLHREbSCsFNpf
lYw5mkT98dCFV66HuN6Nwqi5kW8TxGSXkD4OZqklbbicrXoXh5qhREID5hgbrijy
BiIHyp6bDq5zUCcmHP/Gdw2aTMEQZNsdw4MavtB65vI7dYxo2zEzdmJ3NnjlG7qZ
6Od6V4IW8yRAK9GLj0TUCZl28pq6rNio+F5Lst3clX9PDxh7LphNrXXYiHjXp2Kn
LZbOnz1SJSmCeisy/EFN6fRtwdwqcM1AcKNBU+UqFq0Mv0sgNdRwghYWGQht0mT9
+Pg5HxTzDlOOmBT1kAduxJNLiRQlgysPDN94Os0EpzJyA87Z6yJRGvYGZ5mrdfx2
8p6bHptf46h1WzCX4wDy2J86y+odgWMnSkmF9h8ySj66rgmLrz40n+mDm8bhUblK
AV8IqN8WmQIDAQABo4HHMIHEMB0GA1UdDgQWBBSkmMaBYQPTEGcqe1maU2IDOMLQ
ezCBlAYDVR0jBIGMMIGJgBSkmMaBYQPTEGcqe1maU2IDOMLQe6FbpFkwVzELMAkG
A1UEBhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBH
cm91cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQYIUM/WihZJZUTZvqoyN
aUlp59DOaWYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAqP1CQRGM
roHvk6dhI4ElNae5seRdSQNTtwAhlP1RoSoFz8xybMgDksKE07t77gDsKvU2SuXV
fdICqVpjpN9cRYKM6VmiREdU6OGsPQ74u4sOg4cT/tuou0RsD/uQaznb5NOvo2T0
8rmX0Ai3+lbEuMBCaGNU0KYJifYy4QrSqEapq4W3NbqH85msOiKHEDh1vz9IWz6z
WKjdv9lst56XuLTZrJ/O0T0qD6aMXyqK6ZART/FELjDXc+9Ey4TH+msOEKq0uQWt
y7Grfmz52dTnAjBw+6/ggE9sA8Wo6DhwbEUaOA9BB5YP+XWsIkUUbiVHU7D8TyiE
KHt2DkaWvjl1/RdtzQUO/vGI4yuFTZfLf23KcwgtHJI3JxLNAMLM3I2jmoWhKm/d
GkVYsGH1GWonv0UTv/TKlOXaTYWK9fQVoYkFc+FrwUd2lev5FizJNigL9qatGyRZ
giJmWWlf0bMMIxwWZzQswxLyKdkNlvkKf9T6BjEmGLeOHZCn0x2sOyUi
-----END CERTIFICATE-----

39
deps/openssl/openssl/demos/cms/cakey.pem vendored
View File

@ -1,39 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIG5QIBAAKCAYEAzPE5UdkVXE31dAhVbfLVsrmKveMqkqRTrMqvDwx1G+bbfd6p
ZI5gm+zeuB1Pn2K/4Jo9wFPmh99s/R4fjcf3oK5smOL+9AsxTNz9wusm4JssdERt
IKwU2l+VjDmaRP3x0IVXroe43o3CqLmRbxPEZJeQPg5mqSVtuJyteheHmqFEQgPm
GBuuKPIGIgfKnpsOrnNQJyYc/8Z3DZpMwRBk2x3Dgxq+0Hrm8jt1jGjbMTN2Ync2
eOUbupno53pXghbzJEAr0YuPRNQJmXbymrqs2Kj4Xkuy3dyVf08PGHsumE2tddiI
eNenYqctls6fPVIlKYJ6KzL8QU3p9G3B3CpwzUBwo0FT5SoWrQy/SyA11HCCFhYZ
CG3SZP34+DkfFPMOU46YFPWQB27Ek0uJFCWDKw8M33g6zQSnMnIDztnrIlEa9gZn
mat1/Hbynpsem1/jqHVbMJfjAPLYnzrL6h2BYydKSYX2HzJKPrquCYuvPjSf6YOb
xuFRuUoBXwio3xaZAgMBAAECggGBAJrqILzozke2ujpablEtBTITJHgC9lRgmMt9
bjR+4ysTJ4kOvZbANPDIbVZY+a3uVEIv9UujYBgG4Hi4w3tF074G+xnaRIQuzbZf
OgaUABA527GLY74VtbGYHRAhHqbWGmrX0H6iIzE/kQw/MVr4YzTyiFsQQbPMEhNB
g7RNgvh0vIb2MYC5s71JrS8eGqAnb0KY8daV7ce9upJyt2Acx1AGQJqipegrbtVd
8q4PONkJIIyvtmJONNaprq8DAJDaTNdcZu7f7mymF5UFpp4Lh6raAvOZAZjgkPYW
PsX2uMAsYchXTmSDGOHNafqeyTS0UEaw6FRhpxzMoSxRXX4/RhjeShadYwHxbh7s
UwFU7S9EWlj8CjgGs00KFM1eMV0sEYsL8sRf7ZiWM5XJsmXKbRZjA5V+7OoSGElB
zJcERK6NFCISijApZlVveEVZS0qESivKd9bspOzbMdoJyjBW1LZdMH85YIwM8Dox
VqGR0QD3UP8RpZBRwTiFenqOpwARnQKBwQD1NBGcTxLLUUluEBG/TD9KM5sCnkm8
cn5RomwTeBrUr9SXOJuUPa8RNLrAeosuWCrx9JkF25IBExQbbs1NRHuziOIOyI0+
hvqP85zJln7kUDtiDMFfUdS8Q6PF3b3wJl6cbipowWwsahvUSkx3W8UWrzZHsvrO
LBtvEZdwetNWN50FK040uM6y/x71xfvUhlKBsuZBgDFU9aXJZAGpkCklZnByURN6
LZudDQETdYo7/X8qqPlcHwHStGj9YXg/e38CgcEA1fdVA6s+KlRUGRTUDaUFPDji
MciTcvA3teXJWNAsFWd71oLT5eQNI50afF242ikTT6JuXFH0mMYKoVe/LFo7m2mf
uLcW4yM/FiKTkhnBQGm7KNqyvXB0T0DWTDSeS7hTzD6KjuJPf7JVH5I4In8jSKJd
3mzTA9keIosnxjX7EOsZNQd0+MKaJYHnvJsxYaoT9FXoONuyzQu96TQ8Q+fkVHXh
I/ENAw0qfoJ5mw5dQnU2UtjP6cSNVQ9Rsr48GNnnAoHBAJcI65AMZNc3yrMw0r2y
iYl7IBAMz/5zx7shANE9OcmoRJqhE7PMCvneMOo+kVyKkmlW8KrbBKQEzG3ZYjwl
4sxDlHrmrZnGKrBgrkK9oIuhn/JVSQcdsJwGTeqjG0vBVqWkdhrwiWESOvIYkeEz
dcLzScwAQtyb7ooLm+x8u5Bv0RhOBG4VJ7y5yKg6u1O9KTUarRnLjJd4eBYEs8Fu
Oun+n2TK6+RmE2Q5jmAeFne9PYdZbb+Ame7fkYwBbcAsoQKBwQC1KHQSZyp7LGsH
0Vq5Mr77/i2FeQ1eg4SnvaZ8S8UHWla/iIVgX3XAcYO7SJ76F00CX8SQ5dLyhrr5
YBG8u6k8LHHPMzVtmqoPU7cePDAjGWIddQ1g15WihILsgqCD+8z3YPxvfa1RsOvh
jyt4Ca0WEmLnr7v5xhp9pNRIPewUpvjwrR+cfyeEGjjat4tX5Wh/tzym51y7vvVM
Pa3I0M3BtQyqIa2ip8MS2eWcIs1TN2qHOorOolwHaLEDZY38fIECgcAKns98A2G3
tLvZaDZlVsJWZsdSDUrFCKvx9QbTZHbyOL5JU/8TgLBgfOgV2yxLXn9Pq+0Quvb2
EjaFuA3GKOFi50WtfwR6Yo1DaFcx5n0bDShnaHOF+dUi0BVQd2V1DsqAwF5/Eh3A
lX+XuWeSam4/91WhmNMCZpfYv0GErs4ZBHHsl54jmvrrjbhg/efUvpWKi/9vlKm+
+ITH+nG1xCnyEEVZ+vm9Qq57lCLBZGyGT4PetllpsRrGcdO4/gfK8lY=
-----END RSA PRIVATE KEY-----

64
deps/openssl/openssl/demos/cms/cms_comp.c vendored
View File

@ -1,64 +0,0 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Simple S/MIME compress example */
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
/*
* On OpenSSL 1.0.0+ only:
* for streaming set CMS_STREAM
*/
int flags = CMS_STREAM;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Open content being compressed */
in = BIO_new_file("comp.txt", "r");
if (!in)
goto err;
/* compress content */
cms = CMS_compress(in, NID_zlib_compression, flags);
if (!cms)
goto err;
out = BIO_new_file("smcomp.txt", "w");
if (!out)
goto err;
/* Write out S/MIME message */
if (!SMIME_write_CMS(out, cms, in, flags))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Compressing Data\n");
ERR_print_errors_fp(stderr);
}
CMS_ContentInfo_free(cms);
BIO_free(in);
BIO_free(out);
return ret;
}

88
deps/openssl/openssl/demos/cms/cms_ddec.c vendored
View File

@ -1,88 +0,0 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* S/MIME detached data decrypt example: rarely done but should the need
* arise this is an example....
*/
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL, *dcont = NULL;
X509 *rcert = NULL;
EVP_PKEY *rkey = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Read in recipient certificate and private key */
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
if (!rcert || !rkey)
goto err;
/* Open PEM file containing enveloped data */
in = BIO_new_file("smencr.pem", "r");
if (!in)
goto err;
/* Parse PEM content */
cms = PEM_read_bio_CMS(in, NULL, 0, NULL);
if (!cms)
goto err;
/* Open file containing detached content */
dcont = BIO_new_file("smencr.out", "rb");
if (!in)
goto err;
out = BIO_new_file("encrout.txt", "w");
if (!out)
goto err;
/* Decrypt S/MIME message */
if (!CMS_decrypt(cms, rkey, rcert, dcont, out, 0))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Decrypting Data\n");
ERR_print_errors_fp(stderr);
}
CMS_ContentInfo_free(cms);
X509_free(rcert);
EVP_PKEY_free(rkey);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
BIO_free(dcont);
return ret;
}

78
deps/openssl/openssl/demos/cms/cms_dec.c vendored
View File

@ -1,78 +0,0 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Simple S/MIME decryption example */
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *rcert = NULL;
EVP_PKEY *rkey = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Read in recipient certificate and private key */
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
if (!rcert || !rkey)
goto err;
/* Open S/MIME message to decrypt */
in = BIO_new_file("smencr.txt", "r");
if (!in)
goto err;
/* Parse message */
cms = SMIME_read_CMS(in, NULL);
if (!cms)
goto err;
out = BIO_new_file("decout.txt", "w");
if (!out)
goto err;
/* Decrypt S/MIME message */
if (!CMS_decrypt(cms, rkey, rcert, NULL, out, 0))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Decrypting Data\n");
ERR_print_errors_fp(stderr);
}
CMS_ContentInfo_free(cms);
X509_free(rcert);
EVP_PKEY_free(rkey);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
return ret;
}

97
deps/openssl/openssl/demos/cms/cms_denc.c vendored
View File

@ -1,97 +0,0 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* S/MIME detached data encrypt example: rarely done but should the need
* arise this is an example....
*/
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL, *dout = NULL;
X509 *rcert = NULL;
STACK_OF(X509) *recips = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
int flags = CMS_STREAM | CMS_DETACHED;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Read in recipient certificate */
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
if (!rcert)
goto err;
/* Create recipient STACK and add recipient cert to it */
recips = sk_X509_new_null();
if (!recips || !sk_X509_push(recips, rcert))
goto err;
/*
* sk_X509_pop_free will free up recipient STACK and its contents so set
* rcert to NULL so it isn't freed up twice.
*/
rcert = NULL;
/* Open content being encrypted */
in = BIO_new_file("encr.txt", "r");
dout = BIO_new_file("smencr.out", "wb");
if (!in)
goto err;
/* encrypt content */
cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
if (!cms)
goto err;
out = BIO_new_file("smencr.pem", "w");
if (!out)
goto err;
if (!CMS_final(cms, in, dout, flags))
goto err;
/* Write out CMS structure without content */
if (!PEM_write_bio_CMS(out, cms))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Encrypting Data\n");
ERR_print_errors_fp(stderr);
}
CMS_ContentInfo_free(cms);
X509_free(rcert);
sk_X509_pop_free(recips, X509_free);
BIO_free(in);
BIO_free(out);
BIO_free(dout);
BIO_free(tbio);
return ret;
}

92
deps/openssl/openssl/demos/cms/cms_enc.c vendored
View File

@ -1,92 +0,0 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Simple S/MIME encrypt example */
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *rcert = NULL;
STACK_OF(X509) *recips = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
/*
* On OpenSSL 1.0.0 and later only:
* for streaming set CMS_STREAM
*/
int flags = CMS_STREAM;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Read in recipient certificate */
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
if (!rcert)
goto err;
/* Create recipient STACK and add recipient cert to it */
recips = sk_X509_new_null();
if (!recips || !sk_X509_push(recips, rcert))
goto err;
/*
* sk_X509_pop_free will free up recipient STACK and its contents so set
* rcert to NULL so it isn't freed up twice.
*/
rcert = NULL;
/* Open content being encrypted */
in = BIO_new_file("encr.txt", "r");
if (!in)
goto err;
/* encrypt content */
cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
if (!cms)
goto err;
out = BIO_new_file("smencr.txt", "w");
if (!out)
goto err;
/* Write out S/MIME message */
if (!SMIME_write_CMS(out, cms, in, flags))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Encrypting Data\n");
ERR_print_errors_fp(stderr);
}
CMS_ContentInfo_free(cms);
X509_free(rcert);
sk_X509_pop_free(recips, X509_free);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
return ret;
}

88
deps/openssl/openssl/demos/cms/cms_sign.c vendored
View File

@ -1,88 +0,0 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Simple S/MIME signing example */
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *scert = NULL;
EVP_PKEY *skey = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
/*
* For simple S/MIME signing use CMS_DETACHED. On OpenSSL 1.0.0 only: for
* streaming detached set CMS_DETACHED|CMS_STREAM for streaming
* non-detached set CMS_STREAM
*/
int flags = CMS_DETACHED | CMS_STREAM;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Read in signer certificate and private key */
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
if (!scert || !skey)
goto err;
/* Open content being signed */
in = BIO_new_file("sign.txt", "r");
if (!in)
goto err;
/* Sign content */
cms = CMS_sign(scert, skey, NULL, in, flags);
if (!cms)
goto err;
out = BIO_new_file("smout.txt", "w");
if (!out)
goto err;
if (!(flags & CMS_STREAM))
BIO_reset(in);
/* Write out S/MIME message */
if (!SMIME_write_CMS(out, cms, in, flags))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Signing Data\n");
ERR_print_errors_fp(stderr);
}
CMS_ContentInfo_free(cms);
X509_free(scert);
EVP_PKEY_free(skey);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
return ret;
}

98
deps/openssl/openssl/demos/cms/cms_sign2.c vendored
View File

@ -1,98 +0,0 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* S/MIME signing example: 2 signers */
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *scert = NULL, *scert2 = NULL;
EVP_PKEY *skey = NULL, *skey2 = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
BIO_free(tbio);
tbio = BIO_new_file("signer2.pem", "r");
if (!tbio)
goto err;
scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
if (!scert2 || !skey2)
goto err;
in = BIO_new_file("sign.txt", "r");
if (!in)
goto err;
cms = CMS_sign(NULL, NULL, NULL, in, CMS_STREAM | CMS_PARTIAL);
if (!cms)
goto err;
/* Add each signer in turn */
if (!CMS_add1_signer(cms, scert, skey, NULL, 0))
goto err;
if (!CMS_add1_signer(cms, scert2, skey2, NULL, 0))
goto err;
out = BIO_new_file("smout.txt", "w");
if (!out)
goto err;
/* NB: content included and finalized by SMIME_write_CMS */
if (!SMIME_write_CMS(out, cms, in, CMS_STREAM))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Signing Data\n");
ERR_print_errors_fp(stderr);
}
CMS_ContentInfo_free(cms);
X509_free(scert);
EVP_PKEY_free(skey);
X509_free(scert2);
EVP_PKEY_free(skey2);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
return ret;
}

58
deps/openssl/openssl/demos/cms/cms_uncomp.c vendored
View File

@ -1,58 +0,0 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Simple S/MIME uncompression example */
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Open compressed content */
in = BIO_new_file("smcomp.txt", "r");
if (!in)
goto err;
/* Sign content */
cms = SMIME_read_CMS(in, NULL);
if (!cms)
goto err;
out = BIO_new_file("smuncomp.txt", "w");
if (!out)
goto err;
/* Uncompress S/MIME message */
if (!CMS_uncompress(cms, out, NULL, 0))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Uncompressing Data\n");
ERR_print_errors_fp(stderr);
}
CMS_ContentInfo_free(cms);
BIO_free(in);
BIO_free(out);
return ret;
}

88
deps/openssl/openssl/demos/cms/cms_ver.c vendored
View File

@ -1,88 +0,0 @@
/*
* Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Simple S/MIME verification example */
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL;
X509_STORE *st = NULL;
X509 *cacert = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Set up trusted CA certificate store */
st = X509_STORE_new();
if (st == NULL)
goto err;
/* Read in CA certificate */
tbio = BIO_new_file("cacert.pem", "r");
if (tbio == NULL)
goto err;
cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
if (cacert == NULL)
goto err;
if (!X509_STORE_add_cert(st, cacert))
goto err;
/* Open message being verified */
in = BIO_new_file("smout.txt", "r");
if (in == NULL)
goto err;
/* parse message */
cms = SMIME_read_CMS(in, &cont);
if (cms == NULL)
goto err;
/* File to output verified content to */
out = BIO_new_file("smver.txt", "w");
if (out == NULL)
goto err;
if (!CMS_verify(cms, NULL, st, cont, out, 0)) {
fprintf(stderr, "Verification Failure\n");
goto err;
}
fprintf(stderr, "Verification Successful\n");
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Verifying Data\n");
ERR_print_errors_fp(stderr);
}
X509_STORE_free(st);
CMS_ContentInfo_free(cms);
X509_free(cacert);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
return ret;
}

22
deps/openssl/openssl/demos/cms/comp.txt vendored
View File

@ -1,22 +0,0 @@
Content-type: text/plain
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed
Some Text To be Compressed

3
deps/openssl/openssl/demos/cms/encr.txt vendored
View File

@ -1,3 +0,0 @@
Content-type: text/plain
Sample OpenSSL Data for CMS encryption

3
deps/openssl/openssl/demos/cms/sign.txt vendored
View File

@ -1,3 +0,0 @@
Content-type: text/plain
Test OpenSSL CMS Signed Content

52
deps/openssl/openssl/demos/cms/signer.pem vendored
View File

@ -1,52 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIELDCCApSgAwIBAgIIcsOElVeHzfQwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UE
BhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91
cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0xODA2MTQxMjQ2Mjha
GA8yMTE4MDYxNDEyNDYyOFowVjELMAkGA1UEBhMCVUsxJTAjBgNVBAMMHE9wZW5T
U0wgdGVzdCBTL01JTUUgc2lnbmVyIDExIDAeBgkqhkiG9w0BCQEWEXRlc3QxQG9w
ZW5zc2wub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vvSgaL1
byi9AE8Ep3v7Yv36JxYywaZhUy8dEFRiYn6NsVhhNo6SK1Mp8daQ0MZoMzbT1aKp
JTLTgDJZHit2t1d6l3aWJG+cbcLua+XKowaZjj6rirB390fuL4qt5PiAb571QFtu
L8apcydwGEdkaPRuCnvctN8VcZPTKh+M8VEESyxk5K37QYKaAB6ItWR5KhjiAuDt
zsJbjEtOvGtmu2FRCU47GzfkdjYo7tY38WTY+2WWh+idKErtmYSinmhE0H7+yoJB
s1VCI+cq5tVW+oEO9HF4vEDEUykEFFPsCEkIWM+RjCgK8cRSCpg6VQr+ZTii6k7C
m9CP81QhUoV3QwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P
cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUg1DE7OaNqMQQ
8Z1bvjhnlisxfsMwHwYDVR0jBBgwFoAUpJjGgWED0xBnKntZmlNiAzjC0HswDQYJ
KoZIhvcNAQELBQADggGBAGxAivCwPsAYmMZfVJTELWNNMBzKzmeRvrp6k/6S74Pw
LDEhTnslCV4U1gTSd3nQ+LRm1fkzxLA12A/rlqN51P8B+hyVSMN9dj54YUcFd+KO
XhkSDrSpph6hRqGy8zqELzlb1Q8yoIBclEmyv+CkXMrpnm+4JL4kzyj/iBRkZTDz
ns15jJD9KHgrOnclaoDRkOT6lGbsd3j+aviKEj8ZILufSMw+W2YORy3nSAencjbO
ezivVujqm+pjkfqdCS1HcFB7LhQEILfFqkssw8YmtJVrM9LF8VIcqueXbVZmeS/1
QV5B7OEmtsM+NkoLF5ldWdPQvmftbShh+AAlpcsmqiRefQgA3aQn6YOnOHnnQwgB
oQRNjQXsjgxV4t2HFYpwkK41kx4HToVGciPNMkndzfY/GJmgXsXfB6/AfUfhLTDv
tbws1MZhaCNOffw3/SVS2nLREMFCGn5uAgNkqssWqeWJu3910XF640tqPBj5YGFc
fykwWNhG5xS04EHpztgKdQ==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA1vvSgaL1byi9AE8Ep3v7Yv36JxYywaZhUy8dEFRiYn6NsVhh
No6SK1Mp8daQ0MZoMzbT1aKpJTLTgDJZHit2t1d6l3aWJG+cbcLua+XKowaZjj6r
irB390fuL4qt5PiAb571QFtuL8apcydwGEdkaPRuCnvctN8VcZPTKh+M8VEESyxk
5K37QYKaAB6ItWR5KhjiAuDtzsJbjEtOvGtmu2FRCU47GzfkdjYo7tY38WTY+2WW
h+idKErtmYSinmhE0H7+yoJBs1VCI+cq5tVW+oEO9HF4vEDEUykEFFPsCEkIWM+R
jCgK8cRSCpg6VQr+ZTii6k7Cm9CP81QhUoV3QwIDAQABAoIBAQC6LCWmIisNcmgK
RmOvbszKc0sYYj7eOGl8EgbHR2xUA2hNNk4pYtnuLvzZ84hBZDCEeWyFS3HTRuql
z/QhDl6mc1k0pXtsXkNHQlIamksbVvHPnzIKzrt1J5N7FEt3SERhZXTZoNQRB6di
k7qdK+YmhdZtucnt0GrPisaJaf0yU/EjLuX+MU/0Xrc23lVhR3yqYhaOhWvrxTHM
evykI0kOL+gU58eN2eWE4ELjS2z+njKDqcEyeIy00FdBAtCoKjMsWpRytKNmcFm9
LdtMmizskF8VS3+XsDbkseIODx1xJ65IFmHHMV2xLG5/+bQppkB8JuE3EDrtFiUJ
lGdfmBlxAoGBAP3Asg0drdunv7imeEOGpyj5JwF1hCVQ71IBGdqTr3aPqOlDH/io
up7t+VBuSLqj1P20HygNjow+ALw/Ko+a0icodg7QA2Co0/RiBwa+u2SgpYDqC9Kt
KIdRcv+NXkhXF/DLIn0jJvI53OtKsbgTv/C+aCipblofnO9sF4AhShq1AoGBANjj
Ou0czloNORbk3qAxLi4b5P/YOyZBJDa0zijFdD1jImfOeyNFXeg2ID+8ZjDkP/eP
pLy/Gt/8bVb+O+9wMOho3kWKZBN3O2VsLJYakAehDsC5ax7i2HtEqg1L1krW2duS
POiKg3qNjETM30zTA4pHwkNAETIktResze7SRm0XAoGABH7KaLMS5mZFXjcMwF19
TpuDVmJHkgWqB7DfTWD6ZcZLvr4irdwHWlNq7ELX5P6MAmaTerkqwk9C4hLYZSzf
9jOgS8jhlm/HOXgXGcZ9OV4jMHJ0/Sl2I1eNCvvtJKjuUqS2mrLpuLbPtBdhqJoo
91HYNIgz3ULcG921WN6+GlUCgYEA066T6LDgxgt52NpwXrEhfWdETmDg+ilCCxLU
0/5DwVZsUhy5Gmeti+Kn/w0GQFnGBP1xr7ZlqI9auDlSjhNV6L/RkNXNbyJEGm1F
5wrt4ERVfcx6vJ5y43zU7D1EXa7s2t0UDXKDeK2GZe//UZ/yKJh5BeIV5nblOMI0
DA+3JOkCgYEA80QGLjGlCvxKceVbuohbIZ1+/EoXPq993ER9S8D2MTGATsEcygtF
rM8JcHTv75sjycqu68BAQr1Z5qwwrMyY0vWVEorKzvAXEWolC67asR4cDutOd+qy
WlEIyojX45GwHCHpcbVRiGRWuj3kwkc+WzdgusBoAJrPCigES/Cr8uA=
-----END RSA PRIVATE KEY-----

52
deps/openssl/openssl/demos/cms/signer2.pem vendored
View File

@ -1,52 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIELDCCApSgAwIBAgIIcsOElVeHzfUwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UE
BhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91
cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0xODA2MTQxMjQ2Mjha
GA8yMTE4MDYxNDEyNDYyOFowVjELMAkGA1UEBhMCVUsxJTAjBgNVBAMMHE9wZW5T
U0wgdGVzdCBTL01JTUUgc2lnbmVyIDIxIDAeBgkqhkiG9w0BCQEWEXRlc3QyQG9w
ZW5zc2wub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ledrM9R
3x3bZypZAEi00DJYAmLS5F6Gg3+xpjE745UWKrjDAY5KswavKKa3vZxoUz2omNSg
4nYfLSowq7AI3VnZ8LwNo8lAeo7AX9elrsmzQzhr2DCdCdbRhCWoiS/ba5tKIhlb
gFnP+pB8jhC9qZuQJkpVaivywMW8rA9DRbeDcQjDKhUi0ukVDYHDd9+FtNM3H1t3
AUGWBecjWYa4hXC3CsH3+cFBZKjAepL74hqiEfsEyzKesft3NFd1AcVY9W5MRCK4
lUFiDbBtIgPkvPJeoEs/kFp3+OvJFDwi4K4Z6XzALyT0LXNx6w3kSfx0TLdNjXLD
O9a2dzwhHhPtCQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P
cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUYJEUXnMb/ux0
WrzSh+bnhpi6GS0wHwYDVR0jBBgwFoAUpJjGgWED0xBnKntZmlNiAzjC0HswDQYJ
KoZIhvcNAQELBQADggGBAFbrwfsSciDFI97c7oqS8jtxOSa3c4B7xhmcgUkYCiaD
7mbZuqTUf4ltJJZXP/TJ44fhL0zVAvRXSXw1LE3YvLGOlBc6dM3D7DyL5pfUTUBY
ICt+NLfG5iHtkiZPPSfK2t5f4UGFwU/ERT62sLu4keLI5igi9J2jKSykN3u5SQ3s
Zsennow5zUsFkcz9hkB4RczlHRogA0SgVhELQbN1nYIqJJDRFZL+CmarDRTFMilk
7dXCacw6xt9vIc3ZXO+pu2g1ezgSPwOoUykQcL3UhAEIIyt+TRe3fafh5TXwd8tr
FAecAuz5Mqsmek5nEW9ZeYmxNz5VFwc4F61y4xFj7lI0frLCCAu3gVoqiQrW+WwR
e27z1Nm4uUcduFqj45Pu2eTyV3LZtLUbFvL5ZSPUCSk1wVmC2otX8ksFDDTO1rIy
l5Qd1g1P8bLuj8NG98J2zVOabtaxYCAIBPZ3dUh2eNrPKoLAvrgKh1MH+K2Eh5Oy
z1T4Eu+e5Kq/uQkZpI5QzA==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEA1ledrM9R3x3bZypZAEi00DJYAmLS5F6Gg3+xpjE745UWKrjD
AY5KswavKKa3vZxoUz2omNSg4nYfLSowq7AI3VnZ8LwNo8lAeo7AX9elrsmzQzhr
2DCdCdbRhCWoiS/ba5tKIhlbgFnP+pB8jhC9qZuQJkpVaivywMW8rA9DRbeDcQjD
KhUi0ukVDYHDd9+FtNM3H1t3AUGWBecjWYa4hXC3CsH3+cFBZKjAepL74hqiEfsE
yzKesft3NFd1AcVY9W5MRCK4lUFiDbBtIgPkvPJeoEs/kFp3+OvJFDwi4K4Z6XzA
LyT0LXNx6w3kSfx0TLdNjXLDO9a2dzwhHhPtCQIDAQABAoIBAGMEGJfTMiwS+979
ph3GeJjRGO0JQAk1TYiDvcpbZiItJg9YSOV4GTP4u4PY+HqEPYFus2relu/mx2Iy
4kb9zCqNLmvSQ67M8pdrSJ093pEPJlvAPbmiQ3lfHmyghOnTDNb55tY3xphVZQmI
I7HxM9ydO4skva6NXNgGwLDvYBFc6z6d95ai/WEFWHOt5Mt7OVOWAHQ0lAOofWLA
2BwKmrQnCwMvm1TMoKaAU/ngTToUGBMIN1HwRcY6qDraZte5o3EDRABHB78OHrSu
I/Eoi//5C8A7iZ5Y189lMbahIN6xVMwHwwIqLptTV2GNZOKSiIXnM06vIf4CPZKl
3VlwBgECgYEA/BKnn23KtefA906QNkrIOXASLEE1T77NlTYIRDTsUoz6XTVSvOCI
ARxdsoLwFko5ICMhti9S/1G/MYH0BoJN8rbzvjmZDfwF612p0AYALyBlRgW+ID9L
41CJQcLWxeiQd/GcrUZmudVNUGXa8nsNHmFleGLchXeqU7M6fljJOkECgYEA2a56
yvYQgMF/SIPkxU1+WcQC6+JGc+ax220/lysBsDb4SkXomfGtFWbenxwamuQu+n67
DJWi9oJIi9Vj4eKOXS6vjCAkYeLgCpK6S26frPtxJuZwl/lF7mFl8Z4ZnJeiFJ4h
AXt5r9vqnOZtCnLqRRAlqF5OswWgv/mhJ6jpMMkCgYBMPaAxWlXLexMkOcDoiunQ
ZZM5i2eCfSVVEgiiCJfJyBYZhv1FX2wDWf8E9RGEzGJG1BloLxwdWS5I3RNfvJ2y
4Z8LVAR09Fsd+zBXWNlJZ7T53tbIjhx33m4FU9b9+P9pJ8zJo9eCMX+253e3i3xG
ShMUvGIShEUiF72DZXtHgQKBgDi867CfNmn5BW4nQqfSrQ5EsuY80lQ/WzhwX1TN
luERUuI5GomVnqGncHtUXfLlawFLqwF6t0E9cB9SfXhRDv5mvsbtUc5Zzj+zQu+K
ZAA4gaO8CLjz9jBOHr49kTtpootxM/Uo8+zMi3hd7yn8Def2b3pVKnorC10+eazW
sAFRAoGAet6fQbQD+4vZ1oukZcZhmVlIWTSZJ1vAGCcT/3E40pqpPY+Ho56Lcwh0
9f4TAykuGwFgqvZvR8yD2gpuISYGYplWqa1N6qxMaiVzmY5q1XW+O74xRH5Kz5fr
D+3j2x4EiyG7AYyZMOphDtBd/TSQQMYmGW6PiyM9ceIVnDK1Dd4=
-----END RSA PRIVATE KEY-----

122
deps/openssl/openssl/demos/digest/BIO_f_md.c vendored
View File

@ -1,122 +0,0 @@
/*-
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* Example of using EVP_MD_fetch and EVP_Digest* methods to calculate
* a digest of static buffers
* You can find SHA3 test vectors from NIST here:
* https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/sha3/sha-3bytetestvectors.zip
* For example, contains these lines:
Len = 80
Msg = 1ca984dcc913344370cf
MD = 6915ea0eeffb99b9b246a0e34daf3947852684c3d618260119a22835659e4f23d4eb66a15d0affb8e93771578f5e8f25b7a5f2a55f511fb8b96325ba2cd14816
* use xxd convert the hex message string to binary input for BIO_f_md:
* echo "1ca984dcc913344370cf" | xxd -r -p | ./BIO_f_md
* and then verify the output matches MD above.
*/
#include <string.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
/*-
* This demonstration will show how to digest data using
* a BIO configured with a message digest
* A message digest name may be passed as an argument.
* The default digest is SHA3-512
*/
int main(int argc, char * argv[])
{
int result = 1;
OSSL_LIB_CTX *library_context = NULL;
BIO *input = NULL;
BIO *bio_digest = NULL;
EVP_MD *md = NULL;
unsigned char buffer[512];
size_t readct, writect;
size_t digest_size;
char *digest_value=NULL;
int j;
input = BIO_new_fd( fileno(stdin), 1 );
if (input == NULL) {
fprintf(stderr, "BIO_new_fd() for stdin returned NULL\n");
goto cleanup;
}
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto cleanup;
}
/*
* Fetch a message digest by name
* The algorithm name is case insensitive.
* See providers(7) for details about algorithm fetching
*/
md = EVP_MD_fetch( library_context, "SHA3-512", NULL );
if (md == NULL) {
fprintf(stderr, "EVP_MD_fetch did not find SHA3-512.\n");
goto cleanup;
}
digest_size = EVP_MD_get_size(md);
digest_value = OPENSSL_malloc(digest_size);
if (digest_value == NULL) {
fprintf(stderr, "Can't allocate %lu bytes for the digest value.\n", (unsigned long)digest_size);
goto cleanup;
}
/* Make a bio that uses the digest */
bio_digest = BIO_new(BIO_f_md());
if (bio_digest == NULL) {
fprintf(stderr, "BIO_new(BIO_f_md()) returned NULL\n");
goto cleanup;
}
/* set our bio_digest BIO to digest data */
if (BIO_set_md(bio_digest,md) != 1) {
fprintf(stderr, "BIO_set_md failed.\n");
goto cleanup;
}
/*-
* We will use BIO chaining so that as we read, the digest gets updated
* See the man page for BIO_push
*/
BIO *reading = BIO_push( bio_digest, input );
while( BIO_read(reading, buffer, sizeof(buffer)) > 0 )
;
/*-
* BIO_gets must be used to calculate the final
* digest value and then copy it to digest_value.
*/
if (BIO_gets(bio_digest, digest_value, digest_size) != digest_size) {
fprintf(stderr, "BIO_gets(bio_digest) failed\n");
goto cleanup;
}
for (j=0; j<digest_size; j++) {
fprintf(stdout, "%02x", (unsigned char)digest_value[j]);
}
fprintf(stdout, "\n");
result = 0;
cleanup:
if (result != 0)
ERR_print_errors_fp(stderr);
OPENSSL_free(digest_value);
BIO_free(input);
BIO_free(bio_digest);
EVP_MD_free(md);
OSSL_LIB_CTX_free(library_context);
return result;
}

183
deps/openssl/openssl/demos/digest/EVP_MD_demo.c vendored
View File

@ -1,183 +0,0 @@
/*-
* Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example of using EVP_MD_fetch and EVP_Digest* methods to calculate
* a digest of static buffers
*/
#include <string.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
/*-
* This demonstration will show how to digest data using
* the soliloqy from Hamlet scene 1 act 3
* The soliloqy is split into two parts to demonstrate using EVP_DigestUpdate
* more than once.
*/
const char * hamlet_1 =
"To be, or not to be, that is the question,\n"
"Whether tis nobler in the minde to suffer\n"
"The ſlings and arrowes of outragious fortune,\n"
"Or to take Armes again in a sea of troubles,\n"
"And by opposing, end them, to die to sleep;\n"
"No more, and by a sleep, to say we end\n"
"The heart-ache, and the thousand natural shocks\n"
"That flesh is heir to? tis a consumation\n"
"Devoutly to be wished. To die to sleep,\n"
"To sleepe, perchance to dreame, Aye, there's the rub,\n"
"For in that sleep of death what dreams may come\n"
"When we haue shuffled off this mortal coil\n"
"Must give us pause. There's the respect\n"
"That makes calamity of so long life:\n"
"For who would bear the Ships and Scorns of time,\n"
"The oppressor's wrong, the proud man's Contumely,\n"
"The pangs of dispised love, the Law's delay,\n"
;
const char * hamlet_2 =
"The insolence of Office, and the spurns\n"
"That patient merit of the'unworthy takes,\n"
"When he himself might his Quietas make\n"
"With a bare bodkin? Who would fardels bear,\n"
"To grunt and sweat under a weary life,\n"
"But that the dread of something after death,\n"
"The undiscovered country, from whose bourn\n"
"No traveller returns, puzzles the will,\n"
"And makes us rather bear those ills we have,\n"
"Then fly to others we know not of?\n"
"Thus conscience does make cowards of us all,\n"
"And thus the native hue of Resolution\n"
"Is sickled o'er with the pale cast of Thought,\n"
"And enterprises of great pith and moment,\n"
"With this regard their currents turn awry,\n"
"And lose the name of Action. Soft you now,\n"
"The fair Ophelia? Nymph in thy Orisons\n"
"Be all my sins remember'd.\n"
;
/* The known value of the SHA3-512 digest of the above soliloqy */
const unsigned char known_answer[] = {
0xbb, 0x69, 0xf8, 0x09, 0x9c, 0x2e, 0x00, 0x3d,
0xa4, 0x29, 0x5f, 0x59, 0x4b, 0x89, 0xe4, 0xd9,
0xdb, 0xa2, 0xe5, 0xaf, 0xa5, 0x87, 0x73, 0x9d,
0x83, 0x72, 0xcf, 0xea, 0x84, 0x66, 0xc1, 0xf9,
0xc9, 0x78, 0xef, 0xba, 0x3d, 0xe9, 0xc1, 0xff,
0xa3, 0x75, 0xc7, 0x58, 0x74, 0x8e, 0x9c, 0x1d,
0x14, 0xd9, 0xdd, 0xd1, 0xfd, 0x24, 0x30, 0xd6,
0x81, 0xca, 0x8f, 0x78, 0x29, 0x19, 0x9a, 0xfe,
};
int demonstrate_digest(void)
{
OSSL_LIB_CTX *library_context;
int result = 0;
const char *option_properties = NULL;
EVP_MD *message_digest = NULL;
EVP_MD_CTX *digest_context = NULL;
int digest_length;
unsigned char *digest_value = NULL;
int j;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto cleanup;
}
/*
* Fetch a message digest by name
* The algorithm name is case insensitive.
* See providers(7) for details about algorithm fetching
*/
message_digest = EVP_MD_fetch(library_context,
"SHA3-512", option_properties);
if (message_digest == NULL) {
fprintf(stderr, "EVP_MD_fetch could not find SHA3-512.");
goto cleanup;
}
/* Determine the length of the fetched digest type */
digest_length = EVP_MD_get_size(message_digest);
if (digest_length <= 0) {
fprintf(stderr, "EVP_MD_get_size returned invalid size.\n");
goto cleanup;
}
digest_value = OPENSSL_malloc(digest_length);
if (digest_value == NULL) {
fprintf(stderr, "No memory.\n");
goto cleanup;
}
/*
* Make a message digest context to hold temporary state
* during digest creation
*/
digest_context = EVP_MD_CTX_new();
if (digest_context == NULL) {
fprintf(stderr, "EVP_MD_CTX_new failed.\n");
goto cleanup;
}
/*
* Initialize the message digest context to use the fetched
* digest provider
*/
if (EVP_DigestInit(digest_context, message_digest) != 1) {
fprintf(stderr, "EVP_DigestInit failed.\n");
goto cleanup;
}
/* Digest parts one and two of the soliloqy */
if (EVP_DigestUpdate(digest_context, hamlet_1, strlen(hamlet_1)) != 1) {
fprintf(stderr, "EVP_DigestUpdate(hamlet_1) failed.\n");
goto cleanup;
}
if (EVP_DigestUpdate(digest_context, hamlet_2, strlen(hamlet_2)) != 1) {
fprintf(stderr, "EVP_DigestUpdate(hamlet_2) failed.\n");
goto cleanup;
}
if (EVP_DigestFinal(digest_context, digest_value, &digest_length) != 1) {
fprintf(stderr, "EVP_DigestFinal() failed.\n");
goto cleanup;
}
for (j=0; j<digest_length; j++) {
fprintf(stdout, "%02x", digest_value[j]);
}
fprintf(stdout, "\n");
/* Check digest_value against the known answer */
if ((size_t)digest_length != sizeof(known_answer)) {
fprintf(stdout, "Digest length(%d) not equal to known answer length(%lu).\n",
digest_length, sizeof(known_answer));
} else if (memcmp(digest_value, known_answer, digest_length) != 0) {
for (j=0; j<sizeof(known_answer); j++) {
fprintf(stdout, "%02x", known_answer[j] );
}
fprintf(stdout, "\nDigest does not match known answer\n");
} else {
fprintf(stdout, "Digest computed properly.\n");
result = 1;
}
cleanup:
if (result != 1)
ERR_print_errors_fp(stderr);
/* OpenSSL free functions will ignore NULL arguments */
EVP_MD_CTX_free(digest_context);
OPENSSL_free(digest_value);
EVP_MD_free(message_digest);
OSSL_LIB_CTX_free(library_context);
return result;
}
int main(void)
{
return demonstrate_digest() == 0;
}

134
deps/openssl/openssl/demos/digest/EVP_MD_stdin.c vendored
View File

@ -1,134 +0,0 @@
/*-
* Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* Example of using EVP_MD_fetch and EVP_Digest* methods to calculate
* a digest of static buffers
* You can find SHA3 test vectors from NIST here:
* https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/sha3/sha-3bytetestvectors.zip
* For example, contains these lines:
Len = 80
Msg = 1ca984dcc913344370cf
MD = 6915ea0eeffb99b9b246a0e34daf3947852684c3d618260119a22835659e4f23d4eb66a15d0affb8e93771578f5e8f25b7a5f2a55f511fb8b96325ba2cd14816
* use xxd convert the hex message string to binary input for EVP_MD_stdin:
* echo "1ca984dcc913344370cf" | xxd -r -p | ./EVP_MD_stdin
* and then verify the output matches MD above.
*/
#include <string.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
/*-
* This demonstration will show how to digest data using
* a BIO created to read from stdin
*/
int demonstrate_digest(BIO *input)
{
OSSL_LIB_CTX *library_context = NULL;
int result = 0;
const char * option_properties = NULL;
EVP_MD *message_digest = NULL;
EVP_MD_CTX *digest_context = NULL;
int digest_length;
unsigned char *digest_value = NULL;
unsigned char buffer[512];
int ii;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto cleanup;
}
/*
* Fetch a message digest by name
* The algorithm name is case insensitive.
* See providers(7) for details about algorithm fetching
*/
message_digest = EVP_MD_fetch(library_context,
"SHA3-512", option_properties);
if (message_digest == NULL) {
fprintf(stderr, "EVP_MD_fetch could not find SHA3-512.");
ERR_print_errors_fp(stderr);
OSSL_LIB_CTX_free(library_context);
return 0;
}
/* Determine the length of the fetched digest type */
digest_length = EVP_MD_get_size(message_digest);
if (digest_length <= 0) {
fprintf(stderr, "EVP_MD_get_size returned invalid size.\n");
goto cleanup;
}
digest_value = OPENSSL_malloc(digest_length);
if (digest_value == NULL) {
fprintf(stderr, "No memory.\n");
goto cleanup;
}
/*
* Make a message digest context to hold temporary state
* during digest creation
*/
digest_context = EVP_MD_CTX_new();
if (digest_context == NULL) {
fprintf(stderr, "EVP_MD_CTX_new failed.\n");
ERR_print_errors_fp(stderr);
goto cleanup;
}
/*
* Initialize the message digest context to use the fetched
* digest provider
*/
if (EVP_DigestInit(digest_context, message_digest) != 1) {
fprintf(stderr, "EVP_DigestInit failed.\n");
ERR_print_errors_fp(stderr);
goto cleanup;
}
while ((ii = BIO_read(input, buffer, sizeof(buffer))) > 0) {
if (EVP_DigestUpdate(digest_context, buffer, ii) != 1) {
fprintf(stderr, "EVP_DigestUpdate() failed.\n");
goto cleanup;
}
}
if (EVP_DigestFinal(digest_context, digest_value, &digest_length) != 1) {
fprintf(stderr, "EVP_DigestFinal() failed.\n");
goto cleanup;
}
result = 1;
for (ii=0; ii<digest_length; ii++) {
fprintf(stdout, "%02x", digest_value[ii]);
}
fprintf(stdout, "\n");
cleanup:
if (result != 1)
ERR_print_errors_fp(stderr);
/* OpenSSL free functions will ignore NULL arguments */
EVP_MD_CTX_free(digest_context);
OPENSSL_free(digest_value);
EVP_MD_free(message_digest);
OSSL_LIB_CTX_free(library_context);
return result;
}
int main(void)
{
int result = 1;
BIO *input = BIO_new_fd( fileno(stdin), 1 );
if (input != NULL) {
result = demonstrate_digest(input);
BIO_free(input);
}
return result;
}

132
deps/openssl/openssl/demos/digest/EVP_MD_xof.c vendored
View File

@ -1,132 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/core_names.h>
/*
* Example of using an extendable-output hash function (XOF). A XOF is a hash
* function with configurable output length and which can generate an
* arbitrarily large output.
*
* This example uses SHAKE256, an extendable output variant of SHA3 (Keccak).
*
* To generate different output lengths, you can pass a single integer argument
* on the command line, which is the output size in bytes. By default, a 20-byte
* output is generated and (for this length only) a known answer test is
* performed.
*/
/* Our input to the XOF hash function. */
const char message[] = "This is a test message.";
/* Expected output when an output length of 20 bytes is used. */
static const char known_answer[] = {
0x52, 0x97, 0x93, 0x78, 0x27, 0x58, 0x7d, 0x62,
0x8b, 0x00, 0x25, 0xb5, 0xec, 0x39, 0x5e, 0x2d,
0x7f, 0x3e, 0xd4, 0x19
};
/*
* A property query used for selecting the SHAKE256 implementation.
*/
static const char *propq = NULL;
int main(int argc, char **argv)
{
int rv = 1;
OSSL_LIB_CTX *libctx = NULL;
EVP_MD *md = NULL;
EVP_MD_CTX *ctx = NULL;
unsigned int digest_len = 20;
int digest_len_i;
unsigned char *digest = NULL;
/* Allow digest length to be changed for demonstration purposes. */
if (argc > 1) {
digest_len_i = atoi(argv[1]);
if (digest_len_i <= 0) {
fprintf(stderr, "Specify a non-negative digest length\n");
goto end;
}
digest_len = (unsigned int)digest_len_i;
}
/*
* Retrieve desired algorithm. This must be a hash algorithm which supports
* XOF.
*/
md = EVP_MD_fetch(libctx, "SHAKE256", propq);
if (md == NULL) {
fprintf(stderr, "Failed to retrieve SHAKE256 algorithm\n");
goto end;
}
/* Create context. */
ctx = EVP_MD_CTX_new();
if (ctx == NULL) {
fprintf(stderr, "Failed to create digest context\n");
goto end;
}
/* Initialize digest context. */
if (EVP_DigestInit(ctx, md) == 0) {
fprintf(stderr, "Failed to initialize digest\n");
goto end;
}
/*
* Feed our message into the digest function.
* This may be called multiple times.
*/
if (EVP_DigestUpdate(ctx, message, sizeof(message)) == 0) {
fprintf(stderr, "Failed to hash input message\n");
goto end;
}
/* Allocate enough memory for our digest length. */
digest = OPENSSL_malloc(digest_len);
if (digest == NULL) {
fprintf(stderr, "Failed to allocate memory for digest\n");
goto end;
}
/* Get computed digest. The digest will be of whatever length we specify. */
if (EVP_DigestFinalXOF(ctx, digest, digest_len) == 0) {
fprintf(stderr, "Failed to finalize hash\n");
goto end;
}
printf("Output digest:\n");
BIO_dump_indent_fp(stdout, digest, digest_len, 2);
/* If digest length is 20 bytes, check it matches our known answer. */
if (digest_len == 20) {
/*
* Always use a constant-time function such as CRYPTO_memcmp
* when comparing cryptographic values. Do not use memcmp(3).
*/
if (CRYPTO_memcmp(digest, known_answer, sizeof(known_answer)) != 0) {
fprintf(stderr, "Output does not match expected result\n");
goto end;
}
}
rv = 0;
end:
OPENSSL_free(digest);
EVP_MD_CTX_free(ctx);
EVP_MD_free(md);
OSSL_LIB_CTX_free(libctx);
return rv;
}

23
deps/openssl/openssl/demos/digest/Makefile vendored
View File

@ -1,23 +0,0 @@
#
# To run the demos when linked with a shared library (default):
#
# LD_LIBRARY_PATH=../.. ./EVP_MD_demo
CFLAGS = -I../../include -g -Wall
LDFLAGS = -L../..
LDLIBS = -lcrypto
all: EVP_MD_demo EVP_MD_stdin EVP_MD_xof BIO_f_md
%.o: %.c
$(CC) $(CFLAGS) -c $<
EVP_MD_demo: EVP_MD_demo.o
EVP_MD_stdin: EVP_MD_stdin.o
EVP_MD_xof: EVP_MD_xof.o
BIO_f_md: BIO_f_md.o
test: ;
clean:
$(RM) *.o EVP_MD_demo EVP_MD_stdin EVP_MD_xof BIO_f_md

20
deps/openssl/openssl/demos/encode/Makefile vendored
View File

@ -1,20 +0,0 @@
#
# To run the demos when linked with a shared library (default):
#
# LD_LIBRARY_PATH=../.. ./rsa_encode
CFLAGS = -I../../include -g -Wall
LDFLAGS = -L../..
LDLIBS = -lcrypto
all: ec_encode rsa_encode
%.o: %.c
$(CC) $(CFLAGS) -c $<
%_encode: %_encode.o
test: ;
clean:
$(RM) *.o rsa_encode ec_encode

205
deps/openssl/openssl/demos/encode/ec_encode.c vendored
View File

@ -1,205 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include <openssl/decoder.h>
#include <openssl/encoder.h>
#include <openssl/evp.h>
/*
* Example showing the encoding and decoding of EC public and private keys. A
* PEM-encoded EC key is read in from stdin, decoded, and then re-encoded and
* output for demonstration purposes. Both public and private keys are accepted.
*
* This can be used to load EC keys from a file or save EC keys to a file.
*/
/* A property query used for selecting algorithm implementations. */
static const char *propq = NULL;
/*
* Load a PEM-encoded EC key from a file, optionally decrypting it with a
* supplied passphrase.
*/
static EVP_PKEY *load_key(OSSL_LIB_CTX *libctx, FILE *f, const char *passphrase)
{
int rv = 0;
EVP_PKEY *pkey = NULL;
OSSL_DECODER_CTX *dctx = NULL;
int selection = 0;
/*
* Create PEM decoder context expecting an EC key.
*
* For raw (non-PEM-encoded) keys, change "PEM" to "DER".
*
* The selection argument here specifies whether we are willing to accept a
* public key, private key, or either. If it is set to zero, either will be
* accepted. If set to EVP_PKEY_KEYPAIR, a private key will be required, and
* if set to EVP_PKEY_PUBLIC_KEY, a public key will be required.
*/
dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, "PEM", NULL, "EC",
selection,
libctx, propq);
if (dctx == NULL) {
fprintf(stderr, "OSSL_DECODER_CTX_new_for_pkey() failed\n");
goto cleanup;
}
/*
* Set passphrase if provided; needed to decrypt encrypted PEM files.
* If the input is not encrypted, any passphrase provided is ignored.
*
* Alternative methods for specifying passphrases exist, such as a callback
* (see OSSL_DECODER_CTX_set_passphrase_cb(3)), which may be more useful for
* interactive applications which do not know if a passphrase should be
* prompted for in advance, or for GUI applications.
*/
if (passphrase != NULL) {
if (OSSL_DECODER_CTX_set_passphrase(dctx,
(const unsigned char *)passphrase,
strlen(passphrase)) == 0) {
fprintf(stderr, "OSSL_DECODER_CTX_set_passphrase() failed\n");
goto cleanup;
}
}
/* Do the decode, reading from file. */
if (OSSL_DECODER_from_fp(dctx, f) == 0) {
fprintf(stderr, "OSSL_DECODER_from_fp() failed\n");
goto cleanup;
}
rv = 1;
cleanup:
OSSL_DECODER_CTX_free(dctx);
/*
* pkey is created by OSSL_DECODER_CTX_new_for_pkey, but we
* might fail subsequently, so ensure it's properly freed
* in this case.
*/
if (rv == 0) {
EVP_PKEY_free(pkey);
pkey = NULL;
}
return pkey;
}
/*
* Store a EC public or private key to a file using PEM encoding.
*
* If a passphrase is supplied, the file is encrypted, otherwise
* it is unencrypted.
*/
static int store_key(EVP_PKEY *pkey, FILE *f, const char *passphrase)
{
int rv = 0;
int selection;
OSSL_ENCODER_CTX *ectx = NULL;
/*
* Create a PEM encoder context.
*
* For raw (non-PEM-encoded) output, change "PEM" to "DER".
*
* The selection argument controls whether the private key is exported
* (EVP_PKEY_KEYPAIR), or only the public key (EVP_PKEY_PUBLIC_KEY). The
* former will fail if we only have a public key.
*
* Note that unlike the decode API, you cannot specify zero here.
*
* Purely for the sake of demonstration, here we choose to export the whole
* key if a passphrase is provided and the public key otherwise.
*/
selection = (passphrase != NULL)
? EVP_PKEY_KEYPAIR
: EVP_PKEY_PUBLIC_KEY;
ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "PEM", NULL, propq);
if (ectx == NULL) {
fprintf(stderr, "OSSL_ENCODER_CTX_new_for_pkey() failed\n");
goto cleanup;
}
/*
* Set passphrase if provided; the encoded output will then be encrypted
* using the passphrase.
*
* Alternative methods for specifying passphrases exist, such as a callback
* (see OSSL_ENCODER_CTX_set_passphrase_cb(3), just as for OSSL_DECODER_CTX;
* however you are less likely to need them as you presumably know whether
* encryption is desired in advance.
*
* Note that specifying a passphrase alone is not enough to cause the
* key to be encrypted. You must set both a cipher and a passphrase.
*/
if (passphrase != NULL) {
/*
* Set cipher. Let's use AES-256-CBC, because it is
* more quantum resistant.
*/
if (OSSL_ENCODER_CTX_set_cipher(ectx, "AES-256-CBC", propq) == 0) {
fprintf(stderr, "OSSL_ENCODER_CTX_set_cipher() failed\n");
goto cleanup;
}
/* Set passphrase. */
if (OSSL_ENCODER_CTX_set_passphrase(ectx,
(const unsigned char *)passphrase,
strlen(passphrase)) == 0) {
fprintf(stderr, "OSSL_ENCODER_CTX_set_passphrase() failed\n");
goto cleanup;
}
}
/* Do the encode, writing to the given file. */
if (OSSL_ENCODER_to_fp(ectx, f) == 0) {
fprintf(stderr, "OSSL_ENCODER_to_fp() failed\n");
goto cleanup;
}
rv = 1;
cleanup:
OSSL_ENCODER_CTX_free(ectx);
return rv;
}
int main(int argc, char **argv)
{
int rv = 1;
OSSL_LIB_CTX *libctx = NULL;
EVP_PKEY *pkey = NULL;
const char *passphrase_in = NULL, *passphrase_out = NULL;
/* usage: ec_encode <passphrase-in> <passphrase-out> */
if (argc > 1 && argv[1][0])
passphrase_in = argv[1];
if (argc > 2 && argv[2][0])
passphrase_out = argv[2];
/* Decode PEM key from stdin and then PEM encode it to stdout. */
pkey = load_key(libctx, stdin, passphrase_in);
if (pkey == NULL) {
fprintf(stderr, "Failed to decode key\n");
goto cleanup;
}
if (store_key(pkey, stdout, passphrase_out) == 0) {
fprintf(stderr, "Failed to encode key\n");
goto cleanup;
}
rv = 0;
cleanup:
EVP_PKEY_free(pkey);
OSSL_LIB_CTX_free(libctx);
return rv;
}

202
deps/openssl/openssl/demos/encode/rsa_encode.c vendored
View File

@ -1,202 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include <openssl/decoder.h>
#include <openssl/encoder.h>
#include <openssl/evp.h>
/*
* Example showing the encoding and decoding of RSA public and private keys. A
* PEM-encoded RSA key is read in from stdin, decoded, and then re-encoded and
* output for demonstration purposes. Both public and private keys are accepted.
*
* This can be used to load RSA keys from a file or save RSA keys to a file.
*/
/* A property query used for selecting algorithm implementations. */
static const char *propq = NULL;
/*
* Load a PEM-encoded RSA key from a file, optionally decrypting it with a
* supplied passphrase.
*/
static EVP_PKEY *load_key(OSSL_LIB_CTX *libctx, FILE *f, const char *passphrase)
{
int rv = 0;
EVP_PKEY *pkey = NULL;
OSSL_DECODER_CTX *dctx = NULL;
int selection = 0;
/*
* Create PEM decoder context expecting an RSA key.
*
* For raw (non-PEM-encoded) keys, change "PEM" to "DER".
*
* The selection argument here specifies whether we are willing to accept a
* public key, private key, or either. If it is set to zero, either will be
* accepted. If set to EVP_PKEY_KEYPAIR, a private key will be required, and
* if set to EVP_PKEY_PUBLIC_KEY, a public key will be required.
*/
dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, "PEM", NULL, "RSA",
selection,
libctx, propq);
if (dctx == NULL) {
fprintf(stderr, "OSSL_DECODER_CTX_new_for_pkey() failed\n");
goto cleanup;
}
/*
* Set passphrase if provided; needed to decrypt encrypted PEM files.
* If the input is not encrypted, any passphrase provided is ignored.
*
* Alternative methods for specifying passphrases exist, such as a callback
* (see OSSL_DECODER_CTX_set_passphrase_cb(3)), which may be more useful for
* interactive applications which do not know if a passphrase should be
* prompted for in advance, or for GUI applications.
*/
if (passphrase != NULL) {
if (OSSL_DECODER_CTX_set_passphrase(dctx,
(const unsigned char *)passphrase,
strlen(passphrase)) == 0) {
fprintf(stderr, "OSSL_DECODER_CTX_set_passphrase() failed\n");
goto cleanup;
}
}
/* Do the decode, reading from file. */
if (OSSL_DECODER_from_fp(dctx, f) == 0) {
fprintf(stderr, "OSSL_DECODER_from_fp() failed\n");
goto cleanup;
}
rv = 1;
cleanup:
OSSL_DECODER_CTX_free(dctx);
/*
* pkey is created by OSSL_DECODER_CTX_new_for_pkey, but we
* might fail subsequently, so ensure it's properly freed
* in this case.
*/
if (rv == 0) {
EVP_PKEY_free(pkey);
pkey = NULL;
}
return pkey;
}
/*
* Store an RSA public or private key to a file using PEM encoding.
*
* If a passphrase is supplied, the file is encrypted, otherwise
* it is unencrypted.
*/
static int store_key(EVP_PKEY *pkey, FILE *f, const char *passphrase)
{
int rv = 0;
int selection;
OSSL_ENCODER_CTX *ectx = NULL;
/*
* Create a PEM encoder context.
*
* For raw (non-PEM-encoded) output, change "PEM" to "DER".
*
* The selection argument controls whether the private key is exported
* (EVP_PKEY_KEYPAIR), or only the public key (EVP_PKEY_PUBLIC_KEY). The
* former will fail if we only have a public key.
*
* Note that unlike the decode API, you cannot specify zero here.
*
* Purely for the sake of demonstration, here we choose to export the whole
* key if a passphrase is provided and the public key otherwise.
*/
selection = (passphrase != NULL)
? EVP_PKEY_KEYPAIR
: EVP_PKEY_PUBLIC_KEY;
ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "PEM", NULL, propq);
if (ectx == NULL) {
fprintf(stderr, "OSSL_ENCODER_CTX_new_for_pkey() failed\n");
goto cleanup;
}
/*
* Set passphrase if provided; the encoded output will then be encrypted
* using the passphrase.
*
* Alternative methods for specifying passphrases exist, such as a callback
* (see OSSL_ENCODER_CTX_set_passphrase_cb(3), just as for OSSL_DECODER_CTX;
* however you are less likely to need them as you presumably know whether
* encryption is desired in advance.
*
* Note that specifying a passphrase alone is not enough to cause the
* key to be encrypted. You must set both a cipher and a passphrase.
*/
if (passphrase != NULL) {
/* Set cipher. AES-128-CBC is a reasonable default. */
if (OSSL_ENCODER_CTX_set_cipher(ectx, "AES-128-CBC", propq) == 0) {
fprintf(stderr, "OSSL_ENCODER_CTX_set_cipher() failed\n");
goto cleanup;
}
/* Set passphrase. */
if (OSSL_ENCODER_CTX_set_passphrase(ectx,
(const unsigned char *)passphrase,
strlen(passphrase)) == 0) {
fprintf(stderr, "OSSL_ENCODER_CTX_set_passphrase() failed\n");
goto cleanup;
}
}
/* Do the encode, writing to the given file. */
if (OSSL_ENCODER_to_fp(ectx, f) == 0) {
fprintf(stderr, "OSSL_ENCODER_to_fp() failed\n");
goto cleanup;
}
rv = 1;
cleanup:
OSSL_ENCODER_CTX_free(ectx);
return rv;
}
int main(int argc, char **argv)
{
int rv = 1;
OSSL_LIB_CTX *libctx = NULL;
EVP_PKEY *pkey = NULL;
const char *passphrase_in = NULL, *passphrase_out = NULL;
/* usage: rsa_encode <passphrase-in> <passphrase-out> */
if (argc > 1 && argv[1][0])
passphrase_in = argv[1];
if (argc > 2 && argv[2][0])
passphrase_out = argv[2];
/* Decode PEM key from stdin and then PEM encode it to stdout. */
pkey = load_key(libctx, stdin, passphrase_in);
if (pkey == NULL) {
fprintf(stderr, "Failed to decode key\n");
goto cleanup;
}
if (store_key(pkey, stdout, passphrase_out) == 0) {
fprintf(stderr, "Failed to encode key\n");
goto cleanup;
}
rv = 0;
cleanup:
EVP_PKEY_free(pkey);
OSSL_LIB_CTX_free(libctx);
return rv;
}

22
deps/openssl/openssl/demos/kdf/Makefile vendored
View File

@ -1,22 +0,0 @@
#
# To run the demos when linked with a shared library (default):
#
# LD_LIBRARY_PATH=../.. ./hkdf
CFLAGS = -I../../include -g
LDFLAGS = -L../..
LDLIBS = -lcrypto
all: hkdf pbkdf2 scrypt
%.o: %.c
$(CC) $(CFLAGS) -c $<
hkdf: hkdf.o
pbkdf2: pbkdf2.o
scrypt: scrypt.o
test: ;
clean:
$(RM) *.o hkdf pbkdf2 scrypt

104
deps/openssl/openssl/demos/kdf/hkdf.c vendored
View File

@ -1,104 +0,0 @@
/*
* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/core_names.h>
#include <openssl/crypto.h>
#include <openssl/kdf.h>
#include <openssl/obj_mac.h>
#include <openssl/params.h>
/*
* test vector from
* https://datatracker.ietf.org/doc/html/rfc5869
*/
static unsigned char hkdf_salt[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
0x0c
};
static unsigned char hkdf_ikm[] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
};
static unsigned char hkdf_info[] = {
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9
};
/* Expected output keying material */
static unsigned char hkdf_okm[] = {
0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, 0x90, 0x43, 0x4f, 0x64,
0xd0, 0x36, 0x2f, 0x2a, 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, 0x34, 0x00, 0x72, 0x08,
0xd5, 0xb8, 0x87, 0x18, 0x58, 0x65
};
int main(int argc, char **argv)
{
int rv = 1;
EVP_KDF *kdf = NULL;
EVP_KDF_CTX *kctx = NULL;
unsigned char out[42];
OSSL_PARAM params[5], *p = params;
OSSL_LIB_CTX *library_context = NULL;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto end;
}
/* Fetch the key derivation function implementation */
kdf = EVP_KDF_fetch(library_context, "HKDF", NULL);
if (kdf == NULL) {
fprintf(stderr, "EVP_KDF_fetch() returned NULL\n");
goto end;
}
/* Create a context for the key derivation operation */
kctx = EVP_KDF_CTX_new(kdf);
if (kctx == NULL) {
fprintf(stderr, "EVP_KDF_CTX_new() returned NULL\n");
goto end;
}
/* Set the underlying hash function used to derive the key */
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
"SHA256", 0);
/* Set input keying material */
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, hkdf_ikm,
sizeof(hkdf_ikm));
/* Set application specific information */
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, hkdf_info,
sizeof(hkdf_info));
/* Set salt */
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, hkdf_salt,
sizeof(hkdf_salt));
*p = OSSL_PARAM_construct_end();
/* Derive the key */
if (EVP_KDF_derive(kctx, out, sizeof(out), params) != 1) {
fprintf(stderr, "EVP_KDF_derive() failed\n");
goto end;
}
if (CRYPTO_memcmp(hkdf_okm, out, sizeof(hkdf_okm)) != 0) {
fprintf(stderr, "Generated key does not match expected value\n");
goto end;
}
rv = 0;
end:
EVP_KDF_CTX_free(kctx);
EVP_KDF_free(kdf);
OSSL_LIB_CTX_free(library_context);
return rv;
}

117
deps/openssl/openssl/demos/kdf/pbkdf2.c vendored
View File

@ -1,117 +0,0 @@
/*
* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/core_names.h>
#include <openssl/crypto.h>
#include <openssl/kdf.h>
#include <openssl/obj_mac.h>
#include <openssl/params.h>
/*
* test vector from
* https://datatracker.ietf.org/doc/html/rfc7914
*/
/*
* Hard coding a password into an application is very bad.
* It is done here solely for educational purposes.
*/
static unsigned char password[] = {
'P', 'a', 's', 's', 'w', 'o', 'r', 'd'
};
/*
* The salt is better not being hard coded too. Each password should have a
* different salt if possible. The salt is not considered secret information
* and is safe to store with an encrypted password.
*/
static unsigned char pbkdf2_salt[] = {
'N', 'a', 'C', 'l'
};
/*
* The iteration parameter can be variable or hard coded. The disadvantage with
* hard coding them is that they cannot easily be adjusted for future
* technological improvements appear.
*/
static unsigned int pbkdf2_iterations = 80000;
static const unsigned char expected_output[] = {
0x4d, 0xdc, 0xd8, 0xf6, 0x0b, 0x98, 0xbe, 0x21,
0x83, 0x0c, 0xee, 0x5e, 0xf2, 0x27, 0x01, 0xf9,
0x64, 0x1a, 0x44, 0x18, 0xd0, 0x4c, 0x04, 0x14,
0xae, 0xff, 0x08, 0x87, 0x6b, 0x34, 0xab, 0x56,
0xa1, 0xd4, 0x25, 0xa1, 0x22, 0x58, 0x33, 0x54,
0x9a, 0xdb, 0x84, 0x1b, 0x51, 0xc9, 0xb3, 0x17,
0x6a, 0x27, 0x2b, 0xde, 0xbb, 0xa1, 0xd0, 0x78,
0x47, 0x8f, 0x62, 0xb3, 0x97, 0xf3, 0x3c, 0x8d
};
int main(int argc, char **argv)
{
int rv = 1;
EVP_KDF *kdf = NULL;
EVP_KDF_CTX *kctx = NULL;
unsigned char out[64];
OSSL_PARAM params[5], *p = params;
OSSL_LIB_CTX *library_context = NULL;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto end;
}
/* Fetch the key derivation function implementation */
kdf = EVP_KDF_fetch(library_context, "PBKDF2", NULL);
if (kdf == NULL) {
fprintf(stderr, "EVP_KDF_fetch() returned NULL\n");
goto end;
}
/* Create a context for the key derivation operation */
kctx = EVP_KDF_CTX_new(kdf);
if (kctx == NULL) {
fprintf(stderr, "EVP_KDF_CTX_new() returned NULL\n");
goto end;
}
/* Set password */
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, password,
sizeof(password));
/* Set salt */
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, pbkdf2_salt,
sizeof(pbkdf2_salt));
/* Set iteration count (default 2048) */
*p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_ITER, &pbkdf2_iterations);
/* Set the underlying hash function used to derive the key */
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
"SHA256", 0);
*p = OSSL_PARAM_construct_end();
/* Derive the key */
if (EVP_KDF_derive(kctx, out, sizeof(out), params) != 1) {
fprintf(stderr, "EVP_KDF_derive() failed\n");
goto end;
}
if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
fprintf(stderr, "Generated key does not match expected value\n");
goto end;
}
rv = 0;
end:
EVP_KDF_CTX_free(kctx);
EVP_KDF_free(kdf);
OSSL_LIB_CTX_free(library_context);
return rv;
}

120
deps/openssl/openssl/demos/kdf/scrypt.c vendored
View File

@ -1,120 +0,0 @@
/*
* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/core_names.h>
#include <openssl/crypto.h>
#include <openssl/kdf.h>
#include <openssl/obj_mac.h>
#include <openssl/params.h>
/*
* test vector from
* https://datatracker.ietf.org/doc/html/rfc7914
*/
/*
* Hard coding a password into an application is very bad.
* It is done here solely for educational purposes.
*/
static unsigned char password[] = {
'p', 'a', 's', 's', 'w', 'o', 'r', 'd'
};
/*
* The salt is better not being hard coded too. Each password should have a
* different salt if possible. The salt is not considered secret information
* and is safe to store with an encrypted password.
*/
static unsigned char scrypt_salt[] = {
'N', 'a', 'C', 'l'
};
/*
* The SCRYPT parameters can be variable or hard coded. The disadvantage with
* hard coding them is that they cannot easily be adjusted for future
* technological improvements appear.
*/
static unsigned int scrypt_n = 1024;
static unsigned int scrypt_r = 8;
static unsigned int scrypt_p = 16;
static const unsigned char expected_output[] = {
0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
};
int main(int argc, char **argv)
{
int rv = 1;
EVP_KDF *kdf = NULL;
EVP_KDF_CTX *kctx = NULL;
unsigned char out[64];
OSSL_PARAM params[6], *p = params;
OSSL_LIB_CTX *library_context = NULL;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto end;
}
/* Fetch the key derivation function implementation */
kdf = EVP_KDF_fetch(library_context, "SCRYPT", NULL);
if (kdf == NULL) {
fprintf(stderr, "EVP_KDF_fetch() returned NULL\n");
goto end;
}
/* Create a context for the key derivation operation */
kctx = EVP_KDF_CTX_new(kdf);
if (kctx == NULL) {
fprintf(stderr, "EVP_KDF_CTX_new() returned NULL\n");
goto end;
}
/* Set password */
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, password,
sizeof(password));
/* Set salt */
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, scrypt_salt,
sizeof(scrypt_salt));
/* Set N (default 1048576) */
*p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_N, &scrypt_n);
/* Set R (default 8) */
*p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_R, &scrypt_r);
/* Set P (default 1) */
*p++ = OSSL_PARAM_construct_uint(OSSL_KDF_PARAM_SCRYPT_P, &scrypt_p);
*p = OSSL_PARAM_construct_end();
/* Derive the key */
if (EVP_KDF_derive(kctx, out, sizeof(out), params) != 1) {
fprintf(stderr, "EVP_KDF_derive() failed\n");
goto end;
}
if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
fprintf(stderr, "Generated key does not match expected value\n");
goto end;
}
rv = 0;
end:
EVP_KDF_CTX_free(kctx);
EVP_KDF_free(kdf);
OSSL_LIB_CTX_free(library_context);
return rv;
}

278
deps/openssl/openssl/demos/keyexch/x25519.c vendored
View File

@ -1,278 +0,0 @@
/*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <string.h>
#include <openssl/core_names.h>
#include <openssl/evp.h>
/*
* This is a demonstration of key exchange using X25519.
*
* The variables beginning `peer1_` / `peer2_` are data which would normally be
* accessible to that peer.
*
* Ordinarily you would use random keys, which are demonstrated
* below when use_kat=0. A known answer test is demonstrated
* when use_kat=1.
*/
/* A property query used for selecting the X25519 implementation. */
static const char *propq = NULL;
static const unsigned char peer1_privk_data[32] = {
0x80, 0x5b, 0x30, 0x20, 0x25, 0x4a, 0x70, 0x2c,
0xad, 0xa9, 0x8d, 0x7d, 0x47, 0xf8, 0x1b, 0x20,
0x89, 0xd2, 0xf9, 0x14, 0xac, 0x92, 0x27, 0xf2,
0x10, 0x7e, 0xdb, 0x21, 0xbd, 0x73, 0x73, 0x5d
};
static const unsigned char peer2_privk_data[32] = {
0xf8, 0x84, 0x19, 0x69, 0x79, 0x13, 0x0d, 0xbd,
0xb1, 0x76, 0xd7, 0x0e, 0x7e, 0x0f, 0xb6, 0xf4,
0x8c, 0x4a, 0x8c, 0x5f, 0xd8, 0x15, 0x09, 0x0a,
0x71, 0x78, 0x74, 0x92, 0x0f, 0x85, 0xc8, 0x43
};
static const unsigned char expected_result[32] = {
0x19, 0x71, 0x26, 0x12, 0x74, 0xb5, 0xb1, 0xce,
0x77, 0xd0, 0x79, 0x24, 0xb6, 0x0a, 0x5c, 0x72,
0x0c, 0xa6, 0x56, 0xc0, 0x11, 0xeb, 0x43, 0x11,
0x94, 0x3b, 0x01, 0x45, 0xca, 0x19, 0xfe, 0x09
};
typedef struct peer_data_st {
const char *name; /* name of peer */
EVP_PKEY *privk; /* privk generated for peer */
unsigned char pubk_data[32]; /* generated pubk to send to other peer */
unsigned char *secret; /* allocated shared secret buffer */
size_t secret_len;
} PEER_DATA;
/*
* Prepare for X25519 key exchange. The public key to be sent to the remote peer
* is put in pubk_data, which should be a 32-byte buffer. Returns 1 on success.
*/
static int keyexch_x25519_before(
OSSL_LIB_CTX *libctx,
const unsigned char *kat_privk_data,
PEER_DATA *local_peer)
{
int rv = 0;
size_t pubk_data_len = 0;
/* Generate or load X25519 key for the peer */
if (kat_privk_data != NULL)
local_peer->privk =
EVP_PKEY_new_raw_private_key_ex(libctx, "X25519", propq,
kat_privk_data,
sizeof(peer1_privk_data));
else
local_peer->privk = EVP_PKEY_Q_keygen(libctx, propq, "X25519");
if (local_peer->privk == NULL) {
fprintf(stderr, "Could not load or generate private key\n");
goto end;
}
/* Get public key corresponding to the private key */
if (EVP_PKEY_get_octet_string_param(local_peer->privk,
OSSL_PKEY_PARAM_PUB_KEY,
local_peer->pubk_data,
sizeof(local_peer->pubk_data),
&pubk_data_len) == 0) {
fprintf(stderr, "EVP_PKEY_get_octet_string_param() failed\n");
goto end;
}
/* X25519 public keys are always 32 bytes */
if (pubk_data_len != 32) {
fprintf(stderr, "EVP_PKEY_get_octet_string_param() "
"yielded wrong length\n");
goto end;
}
rv = 1;
end:
if (rv == 0) {
EVP_PKEY_free(local_peer->privk);
local_peer->privk = NULL;
}
return rv;
}
/*
* Complete X25519 key exchange. remote_peer_pubk_data should be the 32 byte
* public key value received from the remote peer. On success, returns 1 and the
* secret is pointed to by *secret. The caller must free it.
*/
static int keyexch_x25519_after(
OSSL_LIB_CTX *libctx,
int use_kat,
PEER_DATA *local_peer,
const unsigned char *remote_peer_pubk_data)
{
int rv = 0;
EVP_PKEY *remote_peer_pubk = NULL;
EVP_PKEY_CTX *ctx = NULL;
local_peer->secret = NULL;
/* Load public key for remote peer. */
remote_peer_pubk =
EVP_PKEY_new_raw_public_key_ex(libctx, "X25519", propq,
remote_peer_pubk_data, 32);
if (remote_peer_pubk == NULL) {
fprintf(stderr, "EVP_PKEY_new_raw_public_key_ex() failed\n");
goto end;
}
/* Create key exchange context. */
ctx = EVP_PKEY_CTX_new_from_pkey(libctx, local_peer->privk, propq);
if (ctx == NULL) {
fprintf(stderr, "EVP_PKEY_CTX_new_from_pkey() failed\n");
goto end;
}
/* Initialize derivation process. */
if (EVP_PKEY_derive_init(ctx) == 0) {
fprintf(stderr, "EVP_PKEY_derive_init() failed\n");
goto end;
}
/* Configure each peer with the other peer's public key. */
if (EVP_PKEY_derive_set_peer(ctx, remote_peer_pubk) == 0) {
fprintf(stderr, "EVP_PKEY_derive_set_peer() failed\n");
goto end;
}
/* Determine the secret length. */
if (EVP_PKEY_derive(ctx, NULL, &local_peer->secret_len) == 0) {
fprintf(stderr, "EVP_PKEY_derive() failed\n");
goto end;
}
/*
* We are using X25519, so the secret generated will always be 32 bytes.
* However for exposition, the code below demonstrates a generic
* implementation for arbitrary lengths.
*/
if (local_peer->secret_len != 32) { /* unreachable */
fprintf(stderr, "Secret is always 32 bytes for X25519\n");
goto end;
}
/* Allocate memory for shared secrets. */
local_peer->secret = OPENSSL_malloc(local_peer->secret_len);
if (local_peer->secret == NULL) {
fprintf(stderr, "Could not allocate memory for secret\n");
goto end;
}
/* Derive the shared secret. */
if (EVP_PKEY_derive(ctx, local_peer->secret,
&local_peer->secret_len) == 0) {
fprintf(stderr, "EVP_PKEY_derive() failed\n");
goto end;
}
printf("Shared secret (%s):\n", local_peer->name);
BIO_dump_indent_fp(stdout, local_peer->secret, local_peer->secret_len, 2);
putchar('\n');
rv = 1;
end:
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(remote_peer_pubk);
if (rv == 0) {
OPENSSL_clear_free(local_peer->secret, local_peer->secret_len);
local_peer->secret = NULL;
}
return rv;
}
static int keyexch_x25519(int use_kat)
{
int rv = 0;
OSSL_LIB_CTX *libctx = NULL;
PEER_DATA peer1 = {"peer 1"}, peer2 = {"peer 2"};
/*
* Each peer generates its private key and sends its public key
* to the other peer. The private key is stored locally for
* later use.
*/
if (keyexch_x25519_before(libctx, use_kat ? peer1_privk_data : NULL,
&peer1) == 0)
return 0;
if (keyexch_x25519_before(libctx, use_kat ? peer2_privk_data : NULL,
&peer2) == 0)
return 0;
/*
* Each peer uses the other peer's public key to perform key exchange.
* After this succeeds, each peer has the same secret in its
* PEER_DATA.
*/
if (keyexch_x25519_after(libctx, use_kat, &peer1, peer2.pubk_data) == 0)
return 0;
if (keyexch_x25519_after(libctx, use_kat, &peer2, peer1.pubk_data) == 0)
return 0;
/*
* Here we demonstrate the secrets are equal for exposition purposes.
*
* Although in practice you will generally not need to compare secrets
* produced through key exchange, if you do compare cryptographic secrets,
* always do so using a constant-time function such as CRYPTO_memcmp, never
* using memcmp(3).
*/
if (CRYPTO_memcmp(peer1.secret, peer2.secret, peer1.secret_len) != 0) {
fprintf(stderr, "Negotiated secrets do not match\n");
goto end;
}
/* If we are doing the KAT, the secret should equal our reference result. */
if (use_kat && CRYPTO_memcmp(peer1.secret, expected_result,
peer1.secret_len) != 0) {
fprintf(stderr, "Did not get expected result\n");
goto end;
}
rv = 1;
end:
/* The secrets are sensitive, so ensure they are erased before freeing. */
OPENSSL_clear_free(peer1.secret, peer1.secret_len);
OPENSSL_clear_free(peer2.secret, peer2.secret_len);
EVP_PKEY_free(peer1.privk);
EVP_PKEY_free(peer2.privk);
OSSL_LIB_CTX_free(libctx);
return rv;
}
int main(int argc, char **argv)
{
/* Test X25519 key exchange with known result. */
printf("Key exchange using known answer (deterministic):\n");
if (keyexch_x25519(1) == 0)
return 1;
/* Test X25519 key exchange with random keys. */
printf("Key exchange using random keys:\n");
if (keyexch_x25519(0) == 0)
return 1;
return 0;
}

25
deps/openssl/openssl/demos/mac/Makefile vendored
View File

@ -1,25 +0,0 @@
# Quick instruction:
# To build against an OpenSSL built in the source tree, do this:
#
# make OPENSSL_INCS_LOCATION=-I../../include OPENSSL_LIBS_LOCATION=-L../..
#
# To run the demos when linked with a shared library (default):
#
# LD_LIBRARY_PATH=../.. ./gmac
# LD_LIBRARY_PATH=../.. ./poly1305
CFLAGS = $(OPENSSL_INCS_LOCATION) -Wall
LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto
all: gmac hmac-sha512 cmac-aes256 poly1305
gmac: gmac.o
hmac-sha512: hmac-sha512.o
cmac-aes256: cmac-aes256.o
poly1305: poly1305.o
gmac hmac-sha512 cmac-aes256 poly1305:
$(CC) $(CFLAGS) -o $@ $< $(LDFLAGS)
clean:
$(RM) gmac hmac-sha512 cmac-aes256 poly1305 *.o

154
deps/openssl/openssl/demos/mac/cmac-aes256.c vendored
View File

@ -1,154 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example of using EVP_MAC_ methods to calculate
* a CMAC of static buffers
*/
#include <string.h>
#include <stdio.h>
#include <openssl/crypto.h>
#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/cmac.h>
#include <openssl/params.h>
/*
* Hard coding the key into an application is very bad.
* It is done here solely for educational purposes.
*/
static unsigned char key[] = {
0x6c, 0xde, 0x14, 0xf5, 0xd5, 0x2a, 0x4a, 0xdf,
0x12, 0x39, 0x1e, 0xbf, 0x36, 0xf9, 0x6a, 0x46,
0x48, 0xd0, 0xb6, 0x51, 0x89, 0xfc, 0x24, 0x85,
0xa8, 0x8d, 0xdf, 0x7e, 0x80, 0x14, 0xc8, 0xce,
};
static const unsigned char data[] =
"To be, or not to be, that is the question,\n"
"Whether tis nobler in the minde to suffer\n"
"The ſlings and arrowes of outragious fortune,\n"
"Or to take Armes again in a sea of troubles,\n"
"And by opposing, end them, to die to sleep;\n"
"No more, and by a sleep, to say we end\n"
"The heart-ache, and the thousand natural shocks\n"
"That flesh is heir to? tis a consumation\n"
"Devoutly to be wished. To die to sleep,\n"
"To sleepe, perchance to dreame, Aye, there's the rub,\n"
"For in that sleep of death what dreams may come\n"
"When we haue shuffled off this mortal coil\n"
"Must give us pause. There's the respect\n"
"That makes calamity of so long life:\n"
"For who would bear the Ships and Scorns of time,\n"
"The oppressor's wrong, the proud man's Contumely,\n"
"The pangs of dispised love, the Law's delay,\n"
;
/* The known value of the CMAC/AES256 MAC of the above soliloqy */
static const unsigned char expected_output[] = {
0x67, 0x92, 0x32, 0x23, 0x50, 0x3d, 0xc5, 0xba,
0x78, 0xd4, 0x6d, 0x63, 0xf2, 0x2b, 0xe9, 0x56,
};
/*
* A property query used for selecting the MAC implementation.
*/
static const char *propq = NULL;
int main(void)
{
int rv = EXIT_FAILURE;
OSSL_LIB_CTX *library_context = NULL;
EVP_MAC *mac = NULL;
EVP_MAC_CTX *mctx = NULL;
unsigned char *out = NULL;
size_t out_len = 0;
OSSL_PARAM params[4], *p = params;
char cipher_name[] = "aes256";
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto end;
}
/* Fetch the CMAC implementation */
mac = EVP_MAC_fetch(library_context, "CMAC", propq);
if (mac == NULL) {
fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
goto end;
}
/* Create a context for the CMAC operation */
mctx = EVP_MAC_CTX_new(mac);
if (mctx == NULL) {
fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
goto end;
}
/* The underlying cipher to be used */
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, cipher_name,
sizeof(cipher_name));
*p = OSSL_PARAM_construct_end();
/* Initialise the CMAC operation */
if (!EVP_MAC_init(mctx, key, sizeof(key), params)) {
fprintf(stderr, "EVP_MAC_init() failed\n");
goto end;
}
/* Make one or more calls to process the data to be authenticated */
if (!EVP_MAC_update(mctx, data, sizeof(data))) {
fprintf(stderr, "EVP_MAC_update() failed\n");
goto end;
}
/* Make a call to the final with a NULL buffer to get the length of the MAC */
if (!EVP_MAC_final(mctx, NULL, &out_len, 0)) {
fprintf(stderr, "EVP_MAC_final() failed\n");
goto end;
}
out = OPENSSL_malloc(out_len);
if (out == NULL) {
fprintf(stderr, "malloc failed\n");
goto end;
}
/* Make one call to the final to get the MAC */
if (!EVP_MAC_final(mctx, out, &out_len, out_len)) {
fprintf(stderr, "EVP_MAC_final() failed\n");
goto end;
}
printf("Generated MAC:\n");
BIO_dump_indent_fp(stdout, out, out_len, 2);
putchar('\n');
if (out_len != sizeof(expected_output)) {
fprintf(stderr, "Generated MAC has an unexpected length\n");
goto end;
}
if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
fprintf(stderr, "Generated MAC does not match expected value\n");
goto end;
}
rv = EXIT_SUCCESS;
end:
if (rv != EXIT_SUCCESS)
ERR_print_errors_fp(stderr);
/* OpenSSL free functions will ignore NULL arguments */
OPENSSL_free(out);
EVP_MAC_CTX_free(mctx);
EVP_MAC_free(mac);
OSSL_LIB_CTX_free(library_context);
return rv;
}

145
deps/openssl/openssl/demos/mac/gmac.c vendored
View File

@ -1,145 +0,0 @@
/*
* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <stdlib.h>
#include <openssl/core_names.h>
#include <openssl/evp.h>
#include <openssl/params.h>
#include <openssl/err.h>
/*
* Taken from NIST's GCM Test Vectors
* http://csrc.nist.gov/groups/STM/cavp/
*/
/*
* Hard coding the key into an application is very bad.
* It is done here solely for educational purposes.
*/
static unsigned char key[] = {
0x77, 0xbe, 0x63, 0x70, 0x89, 0x71, 0xc4, 0xe2,
0x40, 0xd1, 0xcb, 0x79, 0xe8, 0xd7, 0x7f, 0xeb
};
/*
* The initialisation vector (IV) is better not being hard coded too.
* Repeating password/IV pairs compromises the integrity of GMAC.
* The IV is not considered secret information and is safe to store with
* an encrypted password.
*/
static unsigned char iv[] = {
0xe0, 0xe0, 0x0f, 0x19, 0xfe, 0xd7, 0xba,
0x01, 0x36, 0xa7, 0x97, 0xf3
};
static unsigned char data[] = {
0x7a, 0x43, 0xec, 0x1d, 0x9c, 0x0a, 0x5a, 0x78,
0xa0, 0xb1, 0x65, 0x33, 0xa6, 0x21, 0x3c, 0xab
};
static const unsigned char expected_output[] = {
0x20, 0x9f, 0xcc, 0x8d, 0x36, 0x75, 0xed, 0x93,
0x8e, 0x9c, 0x71, 0x66, 0x70, 0x9d, 0xd9, 0x46
};
/*
* A property query used for selecting the GMAC implementation and the
* underlying GCM mode cipher.
*/
static char *propq = NULL;
int main(int argc, char **argv)
{
int rv = EXIT_FAILURE;
EVP_MAC *mac = NULL;
EVP_MAC_CTX *mctx = NULL;
unsigned char out[16];
OSSL_PARAM params[4], *p = params;
OSSL_LIB_CTX *library_context = NULL;
size_t out_len = 0;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto end;
}
/* Fetch the GMAC implementation */
mac = EVP_MAC_fetch(library_context, "GMAC", propq);
if (mac == NULL) {
fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
goto end;
}
/* Create a context for the GMAC operation */
mctx = EVP_MAC_CTX_new(mac);
if (mctx == NULL) {
fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
goto end;
}
/* GMAC requries a GCM mode cipher to be specified */
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
"AES-128-GCM", 0);
/*
* If a non-default property query is required when fetching the GCM mode
* cipher, it needs to be specified too.
*/
if (propq != NULL)
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES,
propq, 0);
/* Set the initialisation vector (IV) */
*p++ = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV,
iv, sizeof(iv));
*p = OSSL_PARAM_construct_end();
/* Initialise the GMAC operation */
if (!EVP_MAC_init(mctx, key, sizeof(key), params)) {
fprintf(stderr, "EVP_MAC_init() failed\n");
goto end;
}
/* Make one or more calls to process the data to be authenticated */
if (!EVP_MAC_update(mctx, data, sizeof(data))) {
fprintf(stderr, "EVP_MAC_update() failed\n");
goto end;
}
/* Make one call to the final to get the MAC */
if (!EVP_MAC_final(mctx, out, &out_len, sizeof(out))) {
fprintf(stderr, "EVP_MAC_final() failed\n");
goto end;
}
printf("Generated MAC:\n");
BIO_dump_indent_fp(stdout, out, out_len, 2);
putchar('\n');
if (out_len != sizeof(expected_output)) {
fprintf(stderr, "Generated MAC has an unexpected length\n");
goto end;
}
if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
fprintf(stderr, "Generated MAC does not match expected value\n");
goto end;
}
rv = EXIT_SUCCESS;
end:
EVP_MAC_CTX_free(mctx);
EVP_MAC_free(mac);
OSSL_LIB_CTX_free(library_context);
if (rv != EXIT_SUCCESS)
ERR_print_errors_fp(stderr);
return rv;
}

166
deps/openssl/openssl/demos/mac/hmac-sha512.c vendored
View File

@ -1,166 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example of using EVP_MAC_ methods to calculate
* a HMAC of static buffers
*/
#include <string.h>
#include <stdio.h>
#include <openssl/crypto.h>
#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/params.h>
/*
* Hard coding the key into an application is very bad.
* It is done here solely for educational purposes.
*/
static unsigned char key[] = {
0x25, 0xfd, 0x12, 0x99, 0xdf, 0xad, 0x1a, 0x03,
0x0a, 0x81, 0x3c, 0x2d, 0xcc, 0x05, 0xd1, 0x5c,
0x17, 0x7a, 0x36, 0x73, 0x17, 0xef, 0x41, 0x75,
0x71, 0x18, 0xe0, 0x1a, 0xda, 0x99, 0xc3, 0x61,
0x38, 0xb5, 0xb1, 0xe0, 0x82, 0x2c, 0x70, 0xa4,
0xc0, 0x8e, 0x5e, 0xf9, 0x93, 0x9f, 0xcf, 0xf7,
0x32, 0x4d, 0x0c, 0xbd, 0x31, 0x12, 0x0f, 0x9a,
0x15, 0xee, 0x82, 0xdb, 0x8d, 0x29, 0x54, 0x14,
};
static const unsigned char data[] =
"To be, or not to be, that is the question,\n"
"Whether tis nobler in the minde to suffer\n"
"The ſlings and arrowes of outragious fortune,\n"
"Or to take Armes again in a sea of troubles,\n"
"And by opposing, end them, to die to sleep;\n"
"No more, and by a sleep, to say we end\n"
"The heart-ache, and the thousand natural shocks\n"
"That flesh is heir to? tis a consumation\n"
"Devoutly to be wished. To die to sleep,\n"
"To sleepe, perchance to dreame, Aye, there's the rub,\n"
"For in that sleep of death what dreams may come\n"
"When we haue shuffled off this mortal coil\n"
"Must give us pause. There's the respect\n"
"That makes calamity of so long life:\n"
"For who would bear the Ships and Scorns of time,\n"
"The oppressor's wrong, the proud man's Contumely,\n"
"The pangs of dispised love, the Law's delay,\n"
;
/* The known value of the HMAC/SHA3-512 MAC of the above soliloqy */
static const unsigned char expected_output[] = {
0x3b, 0x77, 0x5f, 0xf1, 0x4f, 0x9e, 0xb9, 0x23,
0x8f, 0xdc, 0xa0, 0x68, 0x15, 0x7b, 0x8a, 0xf1,
0x96, 0x23, 0xaa, 0x3c, 0x1f, 0xe9, 0xdc, 0x89,
0x11, 0x7d, 0x58, 0x07, 0xe7, 0x96, 0x17, 0xe3,
0x44, 0x8b, 0x03, 0x37, 0x91, 0xc0, 0x6e, 0x06,
0x7c, 0x54, 0xe4, 0xa4, 0xcc, 0xd5, 0x16, 0xbb,
0x5e, 0x4d, 0x64, 0x7d, 0x88, 0x23, 0xc9, 0xb7,
0x25, 0xda, 0xbe, 0x4b, 0xe4, 0xd5, 0x34, 0x30,
};
/*
* A property query used for selecting the MAC implementation.
*/
static const char *propq = NULL;
int main(void)
{
int rv = EXIT_FAILURE;
OSSL_LIB_CTX *library_context = NULL;
EVP_MAC *mac = NULL;
EVP_MAC_CTX *mctx = NULL;
EVP_MD_CTX *digest_context = NULL;
unsigned char *out = NULL;
size_t out_len = 0;
OSSL_PARAM params[4], *p = params;
char digest_name[] = "SHA3-512";
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto end;
}
/* Fetch the HMAC implementation */
mac = EVP_MAC_fetch(library_context, "HMAC", propq);
if (mac == NULL) {
fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
goto end;
}
/* Create a context for the HMAC operation */
mctx = EVP_MAC_CTX_new(mac);
if (mctx == NULL) {
fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
goto end;
}
/* The underlying digest to be used */
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, digest_name,
sizeof(digest_name));
*p = OSSL_PARAM_construct_end();
/* Initialise the HMAC operation */
if (!EVP_MAC_init(mctx, key, sizeof(key), params)) {
fprintf(stderr, "EVP_MAC_init() failed\n");
goto end;
}
/* Make one or more calls to process the data to be authenticated */
if (!EVP_MAC_update(mctx, data, sizeof(data))) {
fprintf(stderr, "EVP_MAC_update() failed\n");
goto end;
}
/* Make a call to the final with a NULL buffer to get the length of the MAC */
if (!EVP_MAC_final(mctx, NULL, &out_len, 0)) {
fprintf(stderr, "EVP_MAC_final() failed\n");
goto end;
}
out = OPENSSL_malloc(out_len);
if (out == NULL) {
fprintf(stderr, "malloc failed\n");
goto end;
}
/* Make one call to the final to get the MAC */
if (!EVP_MAC_final(mctx, out, &out_len, out_len)) {
fprintf(stderr, "EVP_MAC_final() failed\n");
goto end;
}
printf("Generated MAC:\n");
BIO_dump_indent_fp(stdout, out, out_len, 2);
putchar('\n');
if (out_len != sizeof(expected_output)) {
fprintf(stderr, "Generated MAC has an unexpected length\n");
goto end;
}
if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
fprintf(stderr, "Generated MAC does not match expected value\n");
goto end;
}
rv = EXIT_SUCCESS;
end:
if (rv != EXIT_SUCCESS)
ERR_print_errors_fp(stderr);
/* OpenSSL free functions will ignore NULL arguments */
OPENSSL_free(out);
EVP_MD_CTX_free(digest_context);
EVP_MAC_CTX_free(mctx);
EVP_MAC_free(mac);
OSSL_LIB_CTX_free(library_context);
return rv;
}

209
deps/openssl/openssl/demos/mac/poly1305.c vendored
View File

@ -1,209 +0,0 @@
/*
* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/core_names.h>
#include <openssl/evp.h>
#include <openssl/params.h>
#include <openssl/err.h>
/*
* This is a demonstration of how to compute Poly1305-AES using the OpenSSL
* Poly1305 and AES providers and the EVP API.
*
* Please note that:
*
* - Poly1305 must never be used alone and must be used in conjunction with
* another primitive which processes the input nonce to be secure;
*
* - you must never pass a nonce to the Poly1305 primitive directly;
*
* - Poly1305 exhibits catastrophic failure (that is, can be broken) if a
* nonce is ever reused for a given key.
*
* If you are looking for a general purpose MAC, you should consider using a
* different MAC and looking at one of the other examples, unless you have a
* good familiarity with the details and caveats of Poly1305.
*
* This example uses AES, as described in the original paper, "The Poly1305-AES
* message authentication code":
* https://cr.yp.to/mac/poly1305-20050329.pdf
*
* The test vectors below are from that paper.
*/
/*
* Hard coding the key into an application is very bad.
* It is done here solely for educational purposes.
* These are the "r" and "k" inputs to Poly1305-AES.
*/
static const unsigned char test_r[] = {
0x85, 0x1f, 0xc4, 0x0c, 0x34, 0x67, 0xac, 0x0b,
0xe0, 0x5c, 0xc2, 0x04, 0x04, 0xf3, 0xf7, 0x00
};
static const unsigned char test_k[] = {
0xec, 0x07, 0x4c, 0x83, 0x55, 0x80, 0x74, 0x17,
0x01, 0x42, 0x5b, 0x62, 0x32, 0x35, 0xad, 0xd6
};
/*
* Hard coding a nonce must not be done under any circumstances and is done here
* purely for demonstration purposes. Please note that Poly1305 exhibits
* catastrophic failure (that is, can be broken) if a nonce is ever reused for a
* given key.
*/
static const unsigned char test_n[] = {
0xfb, 0x44, 0x73, 0x50, 0xc4, 0xe8, 0x68, 0xc5,
0x2a, 0xc3, 0x27, 0x5c, 0xf9, 0xd4, 0x32, 0x7e
};
/* Input message. */
static const unsigned char test_m[] = {
0xf3, 0xf6
};
static const unsigned char expected_output[] = {
0xf4, 0xc6, 0x33, 0xc3, 0x04, 0x4f, 0xc1, 0x45,
0xf8, 0x4f, 0x33, 0x5c, 0xb8, 0x19, 0x53, 0xde
};
/*
* A property query used for selecting the POLY1305 implementation.
*/
static char *propq = NULL;
int main(int argc, char **argv)
{
int rv = EXIT_FAILURE;
EVP_CIPHER *aes = NULL;
EVP_CIPHER_CTX *aesctx = NULL;
EVP_MAC *mac = NULL;
EVP_MAC_CTX *mctx = NULL;
unsigned char composite_key[32];
unsigned char out[16];
OSSL_LIB_CTX *library_context = NULL;
size_t out_len = 0;
int aes_len = 0;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto end;
}
/* Fetch the Poly1305 implementation */
mac = EVP_MAC_fetch(library_context, "POLY1305", propq);
if (mac == NULL) {
fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
goto end;
}
/* Create a context for the Poly1305 operation */
mctx = EVP_MAC_CTX_new(mac);
if (mctx == NULL) {
fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
goto end;
}
/* Fetch the AES implementation */
aes = EVP_CIPHER_fetch(library_context, "AES-128-ECB", propq);
if (aes == NULL) {
fprintf(stderr, "EVP_CIPHER_fetch() returned NULL\n");
goto end;
}
/* Create a context for AES */
aesctx = EVP_CIPHER_CTX_new();
if (aesctx == NULL) {
fprintf(stderr, "EVP_CIPHER_CTX_new() returned NULL\n");
goto end;
}
/* Initialize the AES cipher with the 128-bit key k */
if (!EVP_EncryptInit_ex(aesctx, aes, NULL, test_k, NULL)) {
fprintf(stderr, "EVP_EncryptInit_ex() failed\n");
goto end;
}
/*
* Disable padding for the AES cipher. We do not strictly need to do this as
* we are encrypting a single block and thus there are no alignment or
* padding concerns, but this ensures that the operation below fails if
* padding would be required for some reason, which in this circumstance
* would indicate an implementation bug.
*/
if (!EVP_CIPHER_CTX_set_padding(aesctx, 0)) {
fprintf(stderr, "EVP_CIPHER_CTX_set_padding() failed\n");
goto end;
}
/*
* Computes the value AES_k(n) which we need for our Poly1305-AES
* computation below.
*/
if (!EVP_EncryptUpdate(aesctx, composite_key + 16, &aes_len,
test_n, sizeof(test_n))) {
fprintf(stderr, "EVP_EncryptUpdate() failed\n");
goto end;
}
/*
* The Poly1305 provider expects the key r to be passed as the first 16
* bytes of the "key" and the processed nonce (that is, AES_k(n)) to be
* passed as the second 16 bytes of the "key". We already put the processed
* nonce in the correct place above, so copy r into place.
*/
memcpy(composite_key, test_r, 16);
/* Initialise the Poly1305 operation */
if (!EVP_MAC_init(mctx, composite_key, sizeof(composite_key), NULL)) {
fprintf(stderr, "EVP_MAC_init() failed\n");
goto end;
}
/* Make one or more calls to process the data to be authenticated */
if (!EVP_MAC_update(mctx, test_m, sizeof(test_m))) {
fprintf(stderr, "EVP_MAC_update() failed\n");
goto end;
}
/* Make one call to the final to get the MAC */
if (!EVP_MAC_final(mctx, out, &out_len, sizeof(out))) {
fprintf(stderr, "EVP_MAC_final() failed\n");
goto end;
}
printf("Generated MAC:\n");
BIO_dump_indent_fp(stdout, out, out_len, 2);
putchar('\n');
if (out_len != sizeof(expected_output)) {
fprintf(stderr, "Generated MAC has an unexpected length\n");
goto end;
}
if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
fprintf(stderr, "Generated MAC does not match expected value\n");
goto end;
}
rv = EXIT_SUCCESS;
end:
EVP_CIPHER_CTX_free(aesctx);
EVP_CIPHER_free(aes);
EVP_MAC_CTX_free(mctx);
EVP_MAC_free(mac);
OSSL_LIB_CTX_free(library_context);
if (rv != EXIT_SUCCESS)
ERR_print_errors_fp(stderr);
return rv;
}

129
deps/openssl/openssl/demos/mac/siphash.c vendored
View File

@ -1,129 +0,0 @@
/*
* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <stdlib.h>
#include <openssl/core_names.h>
#include <openssl/evp.h>
#include <openssl/params.h>
#include <openssl/err.h>
/*
* Taken from the test vector from the paper "SipHash: a fast short-input PRF".
* https://www.aumasson.jp/siphash/siphash.pdf
*/
/*
* Hard coding the key into an application is very bad.
* It is done here solely for educational purposes.
*/
static unsigned char key[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};
static unsigned char data[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e
};
static const unsigned char expected_output[] = {
0xe5, 0x45, 0xbe, 0x49, 0x61, 0xca, 0x29, 0xa1
};
/*
* A property query used for selecting the SIPHASH implementation.
*/
static char *propq = NULL;
int main(int argc, char **argv)
{
int rv = EXIT_FAILURE;
EVP_MAC *mac = NULL;
EVP_MAC_CTX *mctx = NULL;
unsigned char out[8];
OSSL_PARAM params[4], *p = params;
OSSL_LIB_CTX *library_context = NULL;
unsigned int digest_len = 8, c_rounds = 2, d_rounds = 4;
size_t out_len = 0;
library_context = OSSL_LIB_CTX_new();
if (library_context == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto end;
}
/* Fetch the SipHash implementation */
mac = EVP_MAC_fetch(library_context, "SIPHASH", propq);
if (mac == NULL) {
fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
goto end;
}
/* Create a context for the SipHash operation */
mctx = EVP_MAC_CTX_new(mac);
if (mctx == NULL) {
fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
goto end;
}
/* SipHash can support either 8 or 16-byte digests. */
*p++ = OSSL_PARAM_construct_uint(OSSL_MAC_PARAM_SIZE, &digest_len);
/*
* The number of C-rounds and D-rounds is configurable. Standard SipHash
* uses values of 2 and 4 respectively. The following lines are unnecessary
* as they set the default, but demonstrate how to change these values.
*/
*p++ = OSSL_PARAM_construct_uint(OSSL_MAC_PARAM_C_ROUNDS, &c_rounds);
*p++ = OSSL_PARAM_construct_uint(OSSL_MAC_PARAM_D_ROUNDS, &d_rounds);
*p = OSSL_PARAM_construct_end();
/* Initialise the SIPHASH operation */
if (!EVP_MAC_init(mctx, key, sizeof(key), params)) {
fprintf(stderr, "EVP_MAC_init() failed\n");
goto end;
}
/* Make one or more calls to process the data to be authenticated */
if (!EVP_MAC_update(mctx, data, sizeof(data))) {
fprintf(stderr, "EVP_MAC_update() failed\n");
goto end;
}
/* Make one call to the final to get the MAC */
if (!EVP_MAC_final(mctx, out, &out_len, sizeof(out))) {
fprintf(stderr, "EVP_MAC_final() failed\n");
goto end;
}
printf("Generated MAC:\n");
BIO_dump_indent_fp(stdout, out, out_len, 2);
putchar('\n');
if (out_len != sizeof(expected_output)) {
fprintf(stderr, "Generated MAC has an unexpected length\n");
goto end;
}
if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
fprintf(stderr, "Generated MAC does not match expected value\n");
goto end;
}
rv = EXIT_SUCCESS;
end:
EVP_MAC_CTX_free(mctx);
EVP_MAC_free(mac);
OSSL_LIB_CTX_free(library_context);
if (rv != EXIT_SUCCESS)
ERR_print_errors_fp(stderr);
return rv;
}

111
deps/openssl/openssl/demos/pkcs12/pkread.c vendored
View File

@ -1,111 +0,0 @@
/*
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <stdlib.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/pkcs12.h>
/* Simple PKCS#12 file reader */
static char *find_friendly_name(PKCS12 *p12)
{
STACK_OF(PKCS7) *safes;
int n, m;
char *name = NULL;
PKCS7 *safe;
STACK_OF(PKCS12_SAFEBAG) *bags;
PKCS12_SAFEBAG *bag;
if ((safes = PKCS12_unpack_authsafes(p12)) == NULL)
return NULL;
for (n = 0; n < sk_PKCS7_num(safes) && name == NULL; n++) {
safe = sk_PKCS7_value(safes, n);
if (OBJ_obj2nid(safe->type) != NID_pkcs7_data
|| (bags = PKCS12_unpack_p7data(safe)) == NULL)
continue;
for (m = 0; m < sk_PKCS12_SAFEBAG_num(bags) && name == NULL; m++) {
bag = sk_PKCS12_SAFEBAG_value(bags, m);
name = PKCS12_get_friendlyname(bag);
}
sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
}
sk_PKCS7_pop_free(safes, PKCS7_free);
return name;
}
int main(int argc, char **argv)
{
FILE *fp;
EVP_PKEY *pkey = NULL;
X509 *cert = NULL;
STACK_OF(X509) *ca = NULL;
PKCS12 *p12 = NULL;
char *name = NULL;
int i, ret = EXIT_FAILURE;
if (argc != 4) {
fprintf(stderr, "Usage: pkread p12file password opfile\n");
exit(EXIT_FAILURE);
}
if ((fp = fopen(argv[1], "rb")) == NULL) {
fprintf(stderr, "Error opening file %s\n", argv[1]);
exit(EXIT_FAILURE);
}
p12 = d2i_PKCS12_fp(fp, NULL);
fclose(fp);
if (p12 == NULL) {
fprintf(stderr, "Error reading PKCS#12 file\n");
ERR_print_errors_fp(stderr);
goto err;
}
if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) {
fprintf(stderr, "Error parsing PKCS#12 file\n");
ERR_print_errors_fp(stderr);
goto err;
}
name = find_friendly_name(p12);
PKCS12_free(p12);
if ((fp = fopen(argv[3], "w")) == NULL) {
fprintf(stderr, "Error opening file %s\n", argv[3]);
goto err;
}
if (name != NULL)
fprintf(fp, "***Friendly Name***\n%s\n", name);
if (pkey != NULL) {
fprintf(fp, "***Private Key***\n");
PEM_write_PrivateKey(fp, pkey, NULL, NULL, 0, NULL, NULL);
}
if (cert != NULL) {
fprintf(fp, "***User Certificate***\n");
PEM_write_X509_AUX(fp, cert);
}
if (ca != NULL && sk_X509_num(ca) > 0) {
fprintf(fp, "***Other Certificates***\n");
for (i = 0; i < sk_X509_num(ca); i++)
PEM_write_X509_AUX(fp, sk_X509_value(ca, i));
}
fclose(fp);
ret = EXIT_SUCCESS;
err:
OPENSSL_free(name);
X509_free(cert);
EVP_PKEY_free(pkey);
sk_X509_pop_free(ca, X509_free);
return ret;
}

53
deps/openssl/openssl/demos/pkcs12/pkwrite.c vendored
View File

@ -1,53 +0,0 @@
/*
* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <stdlib.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/pkcs12.h>
/* Simple PKCS#12 file creator */
int main(int argc, char **argv)
{
FILE *fp;
EVP_PKEY *pkey;
X509 *cert;
PKCS12 *p12;
if (argc != 5) {
fprintf(stderr, "Usage: pkwrite infile password name p12file\n");
exit(1);
}
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
if ((fp = fopen(argv[1], "r")) == NULL) {
fprintf(stderr, "Error opening file %s\n", argv[1]);
exit(1);
}
cert = PEM_read_X509(fp, NULL, NULL, NULL);
rewind(fp);
pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
fclose(fp);
p12 = PKCS12_create(argv[2], argv[3], pkey, cert, NULL, 0, 0, 0, 0, 0);
if (!p12) {
fprintf(stderr, "Error creating PKCS#12 structure\n");
ERR_print_errors_fp(stderr);
exit(1);
}
if ((fp = fopen(argv[4], "wb")) == NULL) {
fprintf(stderr, "Error opening file %s\n", argv[4]);
ERR_print_errors_fp(stderr);
exit(1);
}
i2d_PKCS12_fp(fp, p12);
PKCS12_free(p12);
fclose(fp);
return 0;
}

83
deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_keygen.c vendored
View File

@ -1,83 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example showing how to generate an DSA key pair.
*/
#include <openssl/evp.h>
#include "dsa.inc"
/*
* Generate dsa params using default values.
* See the EVP_PKEY_DSA_param_fromdata demo if you need
* to load DSA params from raw values.
* See the EVP_PKEY_DSA_paramgen demo if you need to
* use non default parameters.
*/
EVP_PKEY *dsa_genparams(OSSL_LIB_CTX *libctx, const char *propq)
{
EVP_PKEY *dsaparamkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
/* Use the dsa params in a EVP_PKEY ctx */
ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", propq);
if (ctx == NULL) {
fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n");
return NULL;
}
if (EVP_PKEY_paramgen_init(ctx) <= 0
|| EVP_PKEY_paramgen(ctx, &dsaparamkey) <= 0) {
fprintf(stderr, "DSA paramgen failed\n");
goto cleanup;
}
cleanup:
EVP_PKEY_CTX_free(ctx);
return dsaparamkey;
}
int main(int argc, char **argv)
{
int rv = EXIT_FAILURE;
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
EVP_PKEY *dsaparamskey = NULL;
EVP_PKEY *dsakey = NULL;
EVP_PKEY_CTX *ctx = NULL;
/* Generate random dsa params */
dsaparamskey = dsa_genparams(libctx, propq);
if (dsaparamskey == NULL)
goto cleanup;
/* Use the dsa params in a EVP_PKEY ctx */
ctx = EVP_PKEY_CTX_new_from_pkey(libctx, dsaparamskey, propq);
if (ctx == NULL) {
fprintf(stderr, "EVP_PKEY_CTX_new_from_pkey() failed\n");
goto cleanup;
}
/* Generate a key using the dsa params */
if (EVP_PKEY_keygen_init(ctx) <= 0
|| EVP_PKEY_keygen(ctx, &dsakey) <= 0) {
fprintf(stderr, "DSA keygen failed\n");
goto cleanup;
}
if (!dsa_print_key(dsakey, 1, libctx, propq))
goto cleanup;
rv = EXIT_SUCCESS;
cleanup:
EVP_PKEY_free(dsakey);
EVP_PKEY_free(dsaparamskey);
EVP_PKEY_CTX_free(ctx);
return rv;
}

75
deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramfromdata.c vendored
View File

@ -1,75 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example showing how to load DSA params from raw data
* using EVP_PKEY_fromdata()
*/
#include <openssl/param_build.h>
#include <openssl/evp.h>
#include <openssl/core_names.h>
#include "dsa.inc"
int main(int argc, char **argv)
{
int rv = EXIT_FAILURE;
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
EVP_PKEY_CTX *ctx = NULL;
EVP_PKEY *dsaparamkey = NULL;
OSSL_PARAM_BLD *bld = NULL;
OSSL_PARAM *params = NULL;
BIGNUM *p = NULL, *q = NULL, *g = NULL;
p = BN_bin2bn(dsa_p, sizeof(dsa_p), NULL);
q = BN_bin2bn(dsa_q, sizeof(dsa_q), NULL);
g = BN_bin2bn(dsa_g, sizeof(dsa_g), NULL);
if (p == NULL || q == NULL || g == NULL)
goto cleanup;
/* Use OSSL_PARAM_BLD if you need to handle BIGNUM Parameters */
bld = OSSL_PARAM_BLD_new();
if (bld == NULL)
goto cleanup;
if (!OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p)
|| !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q)
|| !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
goto cleanup;
params = OSSL_PARAM_BLD_to_param(bld);
if (params == NULL)
goto cleanup;
ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", propq);
if (ctx == NULL) {
fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n");
goto cleanup;
}
if (EVP_PKEY_fromdata_init(ctx) <= 0
|| EVP_PKEY_fromdata(ctx, &dsaparamkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) {
fprintf(stderr, "EVP_PKEY_fromdata() failed\n");
goto cleanup;
}
if (!dsa_print_key(dsaparamkey, 0, libctx, propq))
goto cleanup;
rv = EXIT_SUCCESS;
cleanup:
EVP_PKEY_free(dsaparamkey);
EVP_PKEY_CTX_free(ctx);
OSSL_PARAM_free(params);
OSSL_PARAM_BLD_free(bld);
BN_free(g);
BN_free(q);
BN_free(p);
return rv;
}

66
deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramgen.c vendored
View File

@ -1,66 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example showing how to generate DSA params using
* FIPS 186-4 DSA FFC parameter generation.
*/
#include <openssl/evp.h>
#include "dsa.inc"
int main(int argc, char **argv)
{
int rv = EXIT_FAILURE;
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
EVP_PKEY_CTX *ctx = NULL;
EVP_PKEY *dsaparamkey = NULL;
OSSL_PARAM params[7];
unsigned int pbits = 2048;
unsigned int qbits = 256;
int gindex = 42;
ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", propq);
if (ctx == NULL)
goto cleanup;
/*
* Demonstrate how to set optional DSA fields as params.
* See doc/man7/EVP_PKEY-FFC.pod and doc/man7/EVP_PKEY-DSA.pod
* for more information.
*/
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE,
"fips186_4", 0);
params[1] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_FFC_PBITS, &pbits);
params[2] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_FFC_QBITS, &qbits);
params[3] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GINDEX, &gindex);
params[4] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST,
"SHA384", 0);
params[5] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST_PROPS,
"provider=default", 0);
params[6] = OSSL_PARAM_construct_end();
/* Generate a dsa param key using optional params */
if (EVP_PKEY_paramgen_init(ctx) <= 0
|| EVP_PKEY_CTX_set_params(ctx, params) <= 0
|| EVP_PKEY_paramgen(ctx, &dsaparamkey) <= 0) {
fprintf(stderr, "DSA paramgen failed\n");
goto cleanup;
}
if (!dsa_print_key(dsaparamkey, 0, libctx, propq))
goto cleanup;
rv = EXIT_SUCCESS;
cleanup:
EVP_PKEY_free(dsaparamkey);
EVP_PKEY_CTX_free(ctx);
return rv;
}

202
deps/openssl/openssl/demos/pkey/EVP_PKEY_DSA_paramvalidate.c vendored
View File

@ -1,202 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example showing how to validate DSA parameters.
*
* Proper FIPS 186-4 DSA (FFC) parameter validation requires that all
* the parameters used during parameter generation are supplied
* when doing the validation. Unfortunately saving DSA parameters as
* a PEM or DER file does not write out all required fields. Because
* of this the default provider normally only does a partial
* validation. The FIPS provider will however try to do a full
* validation. To force the default provider to use full
* validation the 'seed' that is output during generation must be
* added to the key. See doc/man7/EVP_PKEY-FFC for more information.
*/
#include <openssl/evp.h>
#include <openssl/core_names.h>
#include <openssl/pem.h>
#include "dsa.inc"
/* The following values were output from the EVP_PKEY_DSA_paramgen demo */
static const char dsapem[] =
"-----BEGIN DSA PARAMETERS-----\n"
"MIICLAKCAQEA1pobSR1FJ3+Tvi0J6Tk1PSV2owZey1Nuo847hGw/59VCS6RPQEqr\n"
"vp5fhbvBjupBeVGA/AMH6rI4i4h6jlhurrqH1CqUHVcDhJzxV668bMLiP3mIxg5o\n"
"9Yq8x6BnSOtH5Je0tpeE0/fEvvLjCwBUbwnwWxzjANcvDUEt9XYeRrtB2v52fr56\n"
"hVYz3wMMNog4CEDOLTvx7/84eVPuUeWDRQFH1EaHMdulP34KBcatEEpEZapkepng\n"
"nohm9sFSPQhq2utpkH7pNXdG0EILBtRDCvUpF5720a48LYofdggh2VEZfgElAGFk\n"
"dW/CkvyBDmGIzil5aTz4MMsdudaVYgzt6wIhAPsSGC42Qa+X0AFGvonb5nmfUVm/\n"
"8aC+tHk7Nb2AYLHXAoIBADx5C0H1+QHsmGKvuOaY+WKUt7aWUrEivD1zBMJAQ6bL\n"
"Wv9lbCq1CFHvVzojeOVpn872NqDEpkx4HTpvqhxWL5CkbN/HaGItsQzkD59AQg3v\n"
"4YsLlkesq9Jq6x/aWetJXWO36fszFv1gpD3NY3wliBvMYHx62jfc5suh9D3ZZvu7\n"
"PLGH4X4kcfzK/R2b0oVbEBjVTe5GMRYZRqnvfSW2f2fA7BzI1OL83UxDDe58cL2M\n"
"GcAoUYXOBAfZ37qLMm2juf+o5gCrT4CXfRPu6kbapt7V/YIc1nsNgeAOKKoFBHBQ\n"
"gc5u5G6G/j79FVoSDq9DYwTJcHPsU+eHj1uWHso1AjQ=\n"
"-----END DSA PARAMETERS-----\n";
static const char hexseed[] =
"cba30ccd905aa7675a0b81769704bf3c"
"ccf2ca1892b2eaf6b9e2b38d9bf6affc"
"42ada55986d8a1772b442770954d0b65";
const int gindex = 42;
const int pcounter = 363;
static const char digest[] = "SHA384";
/*
* Create a new dsa param key that is the combination of an existing param key
* plus extra parameters.
*/
EVP_PKEY_CTX *create_merged_key(EVP_PKEY *dsaparams, const OSSL_PARAM *newparams,
OSSL_LIB_CTX *libctx, const char *propq)
{
EVP_PKEY_CTX *out = NULL;
EVP_PKEY_CTX *ctx = NULL;
EVP_PKEY *pkey = NULL;
OSSL_PARAM *mergedparams = NULL;
OSSL_PARAM *loadedparams = NULL;
/* Specify EVP_PKEY_KEY_PUBLIC here if you have a public key */
if (EVP_PKEY_todata(dsaparams, EVP_PKEY_KEY_PARAMETERS, &loadedparams) <= 0) {
fprintf(stderr, "EVP_PKEY_todata() failed\n");
goto cleanup;
}
mergedparams = OSSL_PARAM_merge(loadedparams, newparams);
if (mergedparams == NULL) {
fprintf(stderr, "OSSL_PARAM_merge() failed\n");
goto cleanup;
}
ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", propq);
if (ctx == NULL) {
fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n");
goto cleanup;
}
if (EVP_PKEY_fromdata_init(ctx) <= 0
|| EVP_PKEY_fromdata(ctx, &pkey,
EVP_PKEY_KEY_PARAMETERS, mergedparams) <= 0) {
fprintf(stderr, "EVP_PKEY_fromdata() failed\n");
goto cleanup;
}
out = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
if (out == NULL) {
fprintf(stderr, "EVP_PKEY_CTX_new_from_pkey() failed\n");
goto cleanup;
}
cleanup:
EVP_PKEY_free(pkey);
OSSL_PARAM_free(loadedparams);
OSSL_PARAM_free(mergedparams);
EVP_PKEY_CTX_free(ctx);
return out;
}
int main(int argc, char **argv)
{
int rv = EXIT_FAILURE;
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
EVP_PKEY *dsaparamskey = NULL;
EVP_PKEY_CTX *ctx = NULL;
EVP_PKEY_CTX *ctx1 = NULL;
EVP_PKEY_CTX *ctx2 = NULL;
BIO *in = NULL;
OSSL_PARAM params[6];
unsigned char seed[64];
size_t seedlen;
if (!OPENSSL_hexstr2buf_ex(seed, sizeof(seed), &seedlen, hexseed, '\0'))
goto cleanup;
/*
* This example loads the PEM data from a memory buffer
* Use BIO_new_fp() to load a PEM file instead
*/
in = BIO_new_mem_buf(dsapem, strlen(dsapem));
if (in == NULL) {
fprintf(stderr, "BIO_new_mem_buf() failed\n");
goto cleanup;
}
/* Load DSA params from pem data */
dsaparamskey = PEM_read_bio_Parameters_ex(in, NULL, libctx, propq);
if (dsaparamskey == NULL) {
fprintf(stderr, "Failed to load dsa params\n");
goto cleanup;
}
ctx = EVP_PKEY_CTX_new_from_pkey(libctx, dsaparamskey, propq);
if (ctx == NULL) {
fprintf(stderr, "EVP_PKEY_CTX_new_from_pkey() failed\n");
goto cleanup;
}
/*
* When using the default provider this only does a partial check to
* make sure that the values of p, q and g are ok.
* This will fail however if the FIPS provider is used since it does
* a proper FIPS 186-4 key validation which requires extra parameters
*/
if (EVP_PKEY_param_check(ctx) <= 0) {
fprintf(stderr, "Simple EVP_PKEY_param_check() failed \n");
goto cleanup;
}
/*
* Setup parameters that we want to add.
* For illustration purposes it deliberately omits a required parameter.
*/
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE,
"fips186_4", 0);
/* Force it to do a proper validation by setting the seed */
params[1] = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_FFC_SEED,
(void *)seed, seedlen);
params[2] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GINDEX, (int *)&gindex);
params[3] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_PCOUNTER, (int *)&pcounter);
params[4] = OSSL_PARAM_construct_end();
/* generate a new key that is the combination of the existing key and the new params */
ctx1 = create_merged_key(dsaparamskey, params, libctx, propq);
if (ctx1 == NULL)
goto cleanup;
/* This will fail since not all the parameters used for key generation are added */
if (EVP_PKEY_param_check(ctx1) > 0) {
fprintf(stderr, "EVP_PKEY_param_check() should fail\n");
goto cleanup;
}
/*
* Add the missing parameters onto the end of the existing list of params
* If the default was used for the generation then this parameter is not
* needed
*/
params[4] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST,
(char *)digest, 0);
params[5] = OSSL_PARAM_construct_end();
ctx2 = create_merged_key(dsaparamskey, params, libctx, propq);
if (ctx2 == NULL)
goto cleanup;
if (EVP_PKEY_param_check(ctx2) <= 0) {
fprintf(stderr, "EVP_PKEY_param_check() failed\n");
goto cleanup;
}
if (!dsa_print_key(EVP_PKEY_CTX_get0_pkey(ctx2), 0, libctx, propq))
goto cleanup;
rv = EXIT_SUCCESS;
cleanup:
EVP_PKEY_free(dsaparamskey);
EVP_PKEY_CTX_free(ctx2);
EVP_PKEY_CTX_free(ctx1);
EVP_PKEY_CTX_free(ctx);
BIO_free(in);
return rv;
}

155
deps/openssl/openssl/demos/pkey/EVP_PKEY_EC_keygen.c vendored
View File

@ -1,155 +0,0 @@
/*-
* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example showing how to generate an EC key and extract values from the
* generated key.
*/
#include <string.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/core_names.h>
static int get_key_values(EVP_PKEY *pkey);
/*
* The following code shows how to generate an EC key from a curve name
* with additional parameters. If only the curve name is required then the
* simple helper can be used instead i.e. Either
* pkey = EVP_EC_gen(curvename); OR
* pkey = EVP_PKEY_Q_keygen(libctx, propq, "EC", curvename);
*/
static EVP_PKEY *do_ec_keygen(void)
{
/*
* The libctx and propq can be set if required, they are included here
* to show how they are passed to EVP_PKEY_CTX_new_from_name().
*/
OSSL_LIB_CTX *libctx = NULL;
const char *propq = NULL;
EVP_PKEY *key = NULL;
OSSL_PARAM params[3];
EVP_PKEY_CTX *genctx = NULL;
const char *curvename = "P-256";
int use_cofactordh = 1;
genctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", propq);
if (genctx == NULL) {
fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n");
goto cleanup;
}
if (EVP_PKEY_keygen_init(genctx) <= 0) {
fprintf(stderr, "EVP_PKEY_keygen_init() failed\n");
goto cleanup;
}
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
(char *)curvename, 0);
/*
* This is an optional parameter.
* For many curves where the cofactor is 1, setting this has no effect.
*/
params[1] = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH,
&use_cofactordh);
params[2] = OSSL_PARAM_construct_end();
if (!EVP_PKEY_CTX_set_params(genctx, params)) {
fprintf(stderr, "EVP_PKEY_CTX_set_params() failed\n");
goto cleanup;
}
fprintf(stdout, "Generating EC key\n\n");
if (EVP_PKEY_generate(genctx, &key) <= 0) {
fprintf(stderr, "EVP_PKEY_generate() failed\n");
goto cleanup;
}
cleanup:
EVP_PKEY_CTX_free(genctx);
return key;
}
/*
* The following code shows how retrieve key data from the generated
* EC key. See doc/man7/EVP_PKEY-EC.pod for more information.
*
* EVP_PKEY_print_private() could also be used to display the values.
*/
static int get_key_values(EVP_PKEY *pkey)
{
int result = 0;
char out_curvename[80];
unsigned char out_pubkey[80];
unsigned char out_privkey[80];
BIGNUM *out_priv = NULL;
size_t out_pubkey_len, out_privkey_len = 0;
if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_GROUP_NAME,
out_curvename, sizeof(out_curvename),
NULL)) {
fprintf(stderr, "Failed to get curve name\n");
goto cleanup;
}
if (!EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_PUB_KEY,
out_pubkey, sizeof(out_pubkey),
&out_pubkey_len)) {
fprintf(stderr, "Failed to get public key\n");
goto cleanup;
}
if (!EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &out_priv)) {
fprintf(stderr, "Failed to get private key\n");
goto cleanup;
}
out_privkey_len = BN_bn2bin(out_priv, out_privkey);
if (out_privkey_len <= 0 || out_privkey_len > sizeof(out_privkey)) {
fprintf(stderr, "BN_bn2bin failed\n");
goto cleanup;
}
fprintf(stdout, "Curve name: %s\n", out_curvename);
fprintf(stdout, "Public key:\n");
BIO_dump_indent_fp(stdout, out_pubkey, out_pubkey_len, 2);
fprintf(stdout, "Private Key:\n");
BIO_dump_indent_fp(stdout, out_privkey, out_privkey_len, 2);
result = 1;
cleanup:
/* Zeroize the private key data when we free it */
BN_clear_free(out_priv);
return result;
}
int main(void)
{
int result = 0;
EVP_PKEY *pkey;
pkey = do_ec_keygen();
if (pkey == NULL)
goto cleanup;
if (!get_key_values(pkey))
goto cleanup;
/*
* At this point we can write out the generated key using
* i2d_PrivateKey() and i2d_PublicKey() if required.
*/
result = 1;
cleanup:
if (result != 1)
ERR_print_errors_fp(stderr);
EVP_PKEY_free(pkey);
return result == 0;
}

289
deps/openssl/openssl/demos/pkey/EVP_PKEY_RSA_keygen.c vendored
View File

@ -1,289 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Example showing how to generate an RSA key pair.
*
* When generating an RSA key, you must specify the number of bits in the key. A
* reasonable value would be 4096. Avoid using values below 2048. These values
* are reasonable as of 2022.
*/
#include <string.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include <openssl/core_names.h>
#include <openssl/pem.h>
/* A property query used for selecting algorithm implementations. */
static const char *propq = NULL;
/*
* Generates an RSA public-private key pair and returns it.
* The number of bits is specified by the bits argument.
*
* This uses the long way of generating an RSA key.
*/
static EVP_PKEY *generate_rsa_key_long(OSSL_LIB_CTX *libctx, unsigned int bits)
{
EVP_PKEY_CTX *genctx = NULL;
EVP_PKEY *pkey = NULL;
unsigned int primes = 2;
/* Create context using RSA algorithm. "RSA-PSS" could also be used here. */
genctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", propq);
if (genctx == NULL) {
fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n");
goto cleanup;
}
/* Initialize context for key generation purposes. */
if (EVP_PKEY_keygen_init(genctx) <= 0) {
fprintf(stderr, "EVP_PKEY_keygen_init() failed\n");
goto cleanup;
}
/*
* Here we set the number of bits to use in the RSA key.
* See comment at top of file for information on appropriate values.
*/
if (EVP_PKEY_CTX_set_rsa_keygen_bits(genctx, bits) <= 0) {
fprintf(stderr, "EVP_PKEY_CTX_set_rsa_keygen_bits() failed\n");
goto cleanup;
}
/*
* It is possible to create an RSA key using more than two primes.
* Do not do this unless you know why you need this.
* You ordinarily do not need to specify this, as the default is two.
*
* Both of these parameters can also be set via EVP_PKEY_CTX_set_params, but
* these functions provide a more concise way to do so.
*/
if (EVP_PKEY_CTX_set_rsa_keygen_primes(genctx, primes) <= 0) {
fprintf(stderr, "EVP_PKEY_CTX_set_rsa_keygen_primes() failed\n");
goto cleanup;
}
/*
* Generating an RSA key with a number of bits large enough to be secure for
* modern applications can take a fairly substantial amount of time (e.g.
* one second). If you require fast key generation, consider using an EC key
* instead.
*
* If you require progress information during the key generation process,
* you can set a progress callback using EVP_PKEY_set_cb; see the example in
* EVP_PKEY_generate(3).
*/
fprintf(stderr, "Generating RSA key, this may take some time...\n");
if (EVP_PKEY_generate(genctx, &pkey) <= 0) {
fprintf(stderr, "EVP_PKEY_generate() failed\n");
goto cleanup;
}
/* pkey is now set to an object representing the generated key pair. */
cleanup:
EVP_PKEY_CTX_free(genctx);
return pkey;
}
/*
* Generates an RSA public-private key pair and returns it.
* The number of bits is specified by the bits argument.
*
* This uses a more concise way of generating an RSA key, which is suitable for
* simple cases. It is used if -s is passed on the command line, otherwise the
* long method above is used. The ability to choose between these two methods is
* shown here only for demonstration; the results are equivalent.
*/
static EVP_PKEY *generate_rsa_key_short(OSSL_LIB_CTX *libctx, unsigned int bits)
{
EVP_PKEY *pkey = NULL;
fprintf(stderr, "Generating RSA key, this may take some time...\n");
pkey = EVP_PKEY_Q_keygen(libctx, propq, "RSA", (size_t)bits);
if (pkey == NULL)
fprintf(stderr, "EVP_PKEY_Q_keygen() failed\n");
return pkey;
}
/*
* Prints information on an EVP_PKEY object representing an RSA key pair.
*/
static int dump_key(const EVP_PKEY *pkey)
{
int rv = 0;
int bits = 0;
BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL;
/*
* Retrieve value of n. This value is not secret and forms part of the
* public key.
*
* Calling EVP_PKEY_get_bn_param with a NULL BIGNUM pointer causes
* a new BIGNUM to be allocated, so these must be freed subsequently.
*/
if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &n) == 0) {
fprintf(stderr, "Failed to retrieve n\n");
goto cleanup;
}
/*
* Retrieve value of e. This value is not secret and forms part of the
* public key. It is typically 65537 and need not be changed.
*/
if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &e) == 0) {
fprintf(stderr, "Failed to retrieve e\n");
goto cleanup;
}
/*
* Retrieve value of d. This value is secret and forms part of the private
* key. It must not be published.
*/
if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &d) == 0) {
fprintf(stderr, "Failed to retrieve d\n");
goto cleanup;
}
/*
* Retrieve value of the first prime factor, commonly known as p. This value
* is secret and forms part of the private key. It must not be published.
*/
if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &p) == 0) {
fprintf(stderr, "Failed to retrieve p\n");
goto cleanup;
}
/*
* Retrieve value of the second prime factor, commonly known as q. This value
* is secret and forms part of the private key. It must not be published.
*
* If you are creating an RSA key with more than two primes for special
* applications, you can retrieve these primes with
* OSSL_PKEY_PARAM_RSA_FACTOR3, etc.
*/
if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &q) == 0) {
fprintf(stderr, "Failed to retrieve q\n");
goto cleanup;
}
/*
* We can also retrieve the key size in bits for informational purposes.
*/
if (EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_BITS, &bits) == 0) {
fprintf(stderr, "Failed to retrieve bits\n");
goto cleanup;
}
/* Output hexadecimal representations of the BIGNUM objects. */
fprintf(stdout, "\nNumber of bits: %d\n\n", bits);
fprintf(stderr, "Public values:\n");
fprintf(stdout, " n = 0x");
BN_print_fp(stdout, n);
fprintf(stdout, "\n");
fprintf(stdout, " e = 0x");
BN_print_fp(stdout, e);
fprintf(stdout, "\n\n");
fprintf(stdout, "Private values:\n");
fprintf(stdout, " d = 0x");
BN_print_fp(stdout, d);
fprintf(stdout, "\n");
fprintf(stdout, " p = 0x");
BN_print_fp(stdout, p);
fprintf(stdout, "\n");
fprintf(stdout, " q = 0x");
BN_print_fp(stdout, q);
fprintf(stdout, "\n\n");
/* Output a PEM encoding of the public key. */
if (PEM_write_PUBKEY(stdout, pkey) == 0) {
fprintf(stderr, "Failed to output PEM-encoded public key\n");
goto cleanup;
}
/*
* Output a PEM encoding of the private key. Please note that this output is
* not encrypted. You may wish to use the arguments to specify encryption of
* the key if you are storing it on disk. See PEM_write_PrivateKey(3).
*/
if (PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL) == 0) {
fprintf(stderr, "Failed to output PEM-encoded private key\n");
goto cleanup;
}
rv = 1;
cleanup:
BN_free(n); /* not secret */
BN_free(e); /* not secret */
BN_clear_free(d); /* secret - scrub before freeing */
BN_clear_free(p); /* secret - scrub before freeing */
BN_clear_free(q); /* secret - scrub before freeing */
return rv;
}
int main(int argc, char **argv)
{
int rv = 1;
OSSL_LIB_CTX *libctx = NULL;
EVP_PKEY *pkey = NULL;
unsigned int bits = 4096;
int bits_i, use_short = 0;
/* usage: [-s] [<bits>] */
if (argc > 1 && strcmp(argv[1], "-s") == 0) {
--argc;
++argv;
use_short = 1;
}
if (argc > 1) {
bits_i = atoi(argv[1]);
if (bits < 512) {
fprintf(stderr, "Invalid RSA key size\n");
return 1;
}
bits = (unsigned int)bits_i;
}
/* Avoid using key sizes less than 2048 bits; see comment at top of file. */
if (bits < 2048)
fprintf(stderr, "Warning: very weak key size\n\n");
/* Generate RSA key. */
if (use_short)
pkey = generate_rsa_key_short(libctx, bits);
else
pkey = generate_rsa_key_long(libctx, bits);
if (pkey == NULL)
goto cleanup;
/* Dump the integers comprising the key. */
if (dump_key(pkey) == 0) {
fprintf(stderr, "Failed to dump key\n");
goto cleanup;
}
rv = 0;
cleanup:
EVP_PKEY_free(pkey);
OSSL_LIB_CTX_free(libctx);
return rv;
}

37
deps/openssl/openssl/demos/pkey/Makefile vendored
View File

@ -1,37 +0,0 @@
#
# To run the demos when linked with a shared library (default):
#
# LD_LIBRARY_PATH=../.. ./EVP_PKEY_EC_keygen
# LD_LIBRARY_PATH=../.. ./EVP_PKEY_RSA_keygen
# LD_LIBRARY_PATH=../.. ./EVP_PKEY_DSA_keygen
# LD_LIBRARY_PATH=../.. ./EVP_PKEY_DSA_paramgen
# LD_LIBRARY_PATH=../.. ./EVP_PKEY_DSA_paramvalidate
# LD_LIBRARY_PATH=../.. ./EVP_PKEY_DSA_paramfromdata
CFLAGS = -I../../include -g -Wall
LDFLAGS = -L../..
LDLIBS = -lcrypto
all: EVP_PKEY_EC_keygen EVP_PKEY_RSA_keygen EVP_PKEY_DSA_keygen \
EVP_PKEY_DSA_paramgen EVP_PKEY_DSA_paramvalidate EVP_PKEY_DSA_paramfromdata \
%.o: %.c dsa.inc
$(CC) $(CFLAGS) -c $<
EVP_PKEY_EC_keygen: EVP_PKEY_EC_keygen.o
EVP_PKEY_RSA_keygen: EVP_PKEY_RSA_keygen.o
EVP_PKEY_DSA_keygen: EVP_PKEY_DSA_keygen.o
EVP_PKEY_DSA_paramgen: EVP_PKEY_DSA_paramgen.o
EVP_PKEY_DSA_paramvalidate: EVP_PKEY_DSA_paramvalidate.o
EVP_PKEY_DSA_paramfromdata: EVP_PKEY_DSA_paramfromdata.o
test: ;
clean:
$(RM) *.o EVP_PKEY_EC_keygen EVP_PKEY_RSA_keygen EVP_PKEY_DSA_keygen \
EVP_PKEY_DSA_paramgen EVP_PKEY_DSA_paramfromdata EVP_PKEY_DSA_paramvalidate

172
deps/openssl/openssl/demos/pkey/dsa.inc vendored
View File

@ -1,172 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/pem.h>
#include <openssl/core_names.h>
/* Raw DSA params for P, Q and G */
static const unsigned char dsa_p[] = {
0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
};
static const unsigned char dsa_q[] = {
0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
0x18, 0x90, 0x28, 0x67
};
static const unsigned char dsa_g[] = {
0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
};
/* Helper function to retrieve and print a key BIGNUM field */
static void print_bn(BIO *bio, const EVP_PKEY *pkey, const char *name)
{
BIGNUM *bn = NULL;
if (EVP_PKEY_get_bn_param(pkey, name, &bn) == 0)
return;
BIO_printf(bio, " %s = 0x", name);
BN_print(bio, bn);
BIO_printf(bio, "\n");
BN_clear_free(bn);
}
/*
* Print DSA key info
*
* This method shows how to extract DSA data from an EVP_PKEY.
* There are simpler ways to print using EVP_PKEY_print_XXXX().
*/
static int dsa_print_key(const EVP_PKEY *pkey, int keypair,
OSSL_LIB_CTX *libctx, const char *propq)
{
int rv = 0, gindex, counter;
BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE);
unsigned char seed[2048];
size_t seedlen;
if (bio == NULL)
return 0;
/* Output hexadecimal representations of the BIGNUM objects. */
BIO_printf(bio, "\nPublic values:\n");
print_bn(bio, pkey, OSSL_PKEY_PARAM_FFC_P);
print_bn(bio, pkey, OSSL_PKEY_PARAM_FFC_Q);
print_bn(bio, pkey, OSSL_PKEY_PARAM_FFC_G);
if (EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_FFC_SEED, seed,
sizeof(seed), &seedlen) > 0) {
BIO_printf(bio, " %s\n", OSSL_PKEY_PARAM_FFC_SEED);
BIO_dump(bio, seed, seedlen);
}
if (EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_FFC_GINDEX, &gindex) > 0) {
if (gindex != -1)
BIO_printf(bio, " %s = %d\n", OSSL_PKEY_PARAM_FFC_GINDEX, gindex);
}
if (EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_FFC_PCOUNTER, &counter) > 0) {
if (counter != -1)
BIO_printf(bio, " %s = %d\n", OSSL_PKEY_PARAM_FFC_PCOUNTER, counter);
}
if (keypair) {
fprintf(stdout, "\nPrivate value:\n");
print_bn(bio, pkey, OSSL_PKEY_PARAM_PRIV_KEY);
/* Output a PEM encoding of the public key. */
if (PEM_write_bio_PUBKEY_ex(bio, pkey, libctx, propq) == 0) {
fprintf(stderr, "Failed to output PEM-encoded public key\n");
goto cleanup;
}
/*
* Output a PEM encoding of the private key. Please note that this output is
* not encrypted. You may wish to use the arguments to specify encryption of
* the key if you are storing it on disk. See PEM_write_bio_PrivateKey_ex(3).
*/
if (PEM_write_bio_PrivateKey_ex(bio, pkey, NULL, NULL, 0, NULL, NULL, libctx, propq) == 0) {
fprintf(stderr, "Failed to output PEM-encoded private key\n");
goto cleanup;
}
} else {
if (PEM_write_bio_Parameters(bio, pkey) == 0) {
fprintf(stderr, "Failed to output PEM-encoded params\n");
goto cleanup;
}
}
rv = 1;
cleanup:
BIO_free(bio);
return rv;
}

235
deps/openssl/openssl/demos/signature/EVP_Signature_demo.c vendored
View File

@ -1,235 +0,0 @@
/*-
* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* An example that uses the EVP_MD*, EVP_DigestSign* and EVP_DigestVerify*
* methods to calculate and verify a signature of two static buffers.
*/
#include <string.h>
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/decoder.h>
#include "EVP_Signature_demo.h"
/*
* This demonstration will calculate and verify a signature of data using
* the soliloquy from Hamlet scene 1 act 3
*/
static const char *hamlet_1 =
"To be, or not to be, that is the question,\n"
"Whether tis nobler in the minde to suffer\n"
"The slings and arrowes of outragious fortune,\n"
"Or to take Armes again in a sea of troubles,\n"
;
static const char *hamlet_2 =
"And by opposing, end them, to die to sleep;\n"
"No more, and by a sleep, to say we end\n"
"The heart-ache, and the thousand natural shocks\n"
"That flesh is heir to? tis a consumation\n"
;
/*
* For demo_sign, load EC private key priv_key from priv_key_der[].
* For demo_verify, load EC public key pub_key from pub_key_der[].
*/
static EVP_PKEY *get_key(OSSL_LIB_CTX *libctx, const char *propq, int public)
{
OSSL_DECODER_CTX *dctx = NULL;
EVP_PKEY *pkey = NULL;
int selection;
const unsigned char *data;
size_t data_len;
if (public) {
selection = EVP_PKEY_PUBLIC_KEY;
data = pub_key_der;
data_len = sizeof(pub_key_der);
} else {
selection = EVP_PKEY_KEYPAIR;
data = priv_key_der;
data_len = sizeof(priv_key_der);
}
dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, "DER", NULL, "EC",
selection, libctx, propq);
(void)OSSL_DECODER_from_data(dctx, &data, &data_len);
OSSL_DECODER_CTX_free(dctx);
if (pkey == NULL)
fprintf(stderr, "Failed to load %s key.\n", public ? "public" : "private");
return pkey;
}
static int demo_sign(OSSL_LIB_CTX *libctx, const char *sig_name,
size_t *sig_out_len, unsigned char **sig_out_value)
{
int result = 0, public = 0;
size_t sig_len;
unsigned char *sig_value = NULL;
const char *propq = NULL;
EVP_MD_CTX *sign_context = NULL;
EVP_PKEY *priv_key = NULL;
/* Get private key */
priv_key = get_key(libctx, propq, public);
if (priv_key == NULL) {
fprintf(stderr, "Get private key failed.\n");
goto cleanup;
}
/*
* Make a message signature context to hold temporary state
* during signature creation
*/
sign_context = EVP_MD_CTX_new();
if (sign_context == NULL) {
fprintf(stderr, "EVP_MD_CTX_new failed.\n");
goto cleanup;
}
/*
* Initialize the sign context to use the fetched
* sign provider.
*/
if (!EVP_DigestSignInit_ex(sign_context, NULL, sig_name,
libctx, NULL, priv_key, NULL)) {
fprintf(stderr, "EVP_DigestSignInit_ex failed.\n");
goto cleanup;
}
/*
* EVP_DigestSignUpdate() can be called several times on the same context
* to include additional data.
*/
if (!EVP_DigestSignUpdate(sign_context, hamlet_1, strlen(hamlet_1))) {
fprintf(stderr, "EVP_DigestSignUpdate(hamlet_1) failed.\n");
goto cleanup;
}
if (!EVP_DigestSignUpdate(sign_context, hamlet_2, strlen(hamlet_2))) {
fprintf(stderr, "EVP_DigestSignUpdate(hamlet_2) failed.\n");
goto cleanup;
}
/* Call EVP_DigestSignFinal to get signature length sig_len */
if (!EVP_DigestSignFinal(sign_context, NULL, &sig_len)) {
fprintf(stderr, "EVP_DigestSignFinal failed.\n");
goto cleanup;
}
if (sig_len <= 0) {
fprintf(stderr, "EVP_DigestSignFinal returned invalid signature length.\n");
goto cleanup;
}
sig_value = OPENSSL_malloc(sig_len);
if (sig_value == NULL) {
fprintf(stderr, "No memory.\n");
goto cleanup;
}
if (!EVP_DigestSignFinal(sign_context, sig_value, &sig_len)) {
fprintf(stderr, "EVP_DigestSignFinal failed.\n");
goto cleanup;
}
*sig_out_len = sig_len;
*sig_out_value = sig_value;
fprintf(stdout, "Generating signature:\n");
BIO_dump_indent_fp(stdout, sig_value, sig_len, 2);
fprintf(stdout, "\n");
result = 1;
cleanup:
/* OpenSSL free functions will ignore NULL arguments */
if (!result)
OPENSSL_free(sig_value);
EVP_PKEY_free(priv_key);
EVP_MD_CTX_free(sign_context);
return result;
}
static int demo_verify(OSSL_LIB_CTX *libctx, const char *sig_name,
size_t sig_len, unsigned char *sig_value)
{
int result = 0, public = 1;
const char *propq = NULL;
EVP_MD_CTX *verify_context = NULL;
EVP_PKEY *pub_key = NULL;
/*
* Make a verify signature context to hold temporary state
* during signature verification
*/
verify_context = EVP_MD_CTX_new();
if (verify_context == NULL) {
fprintf(stderr, "EVP_MD_CTX_new failed.\n");
goto cleanup;
}
/* Get public key */
pub_key = get_key(libctx, propq, public);
if (pub_key == NULL) {
fprintf(stderr, "Get public key failed.\n");
goto cleanup;
}
/* Verify */
if (!EVP_DigestVerifyInit_ex(verify_context, NULL, sig_name,
libctx, NULL, pub_key, NULL)) {
fprintf(stderr, "EVP_DigestVerifyInit failed.\n");
goto cleanup;
}
/*
* EVP_DigestVerifyUpdate() can be called several times on the same context
* to include additional data.
*/
if (!EVP_DigestVerifyUpdate(verify_context, hamlet_1, strlen(hamlet_1))) {
fprintf(stderr, "EVP_DigestVerifyUpdate(hamlet_1) failed.\n");
goto cleanup;
}
if (!EVP_DigestVerifyUpdate(verify_context, hamlet_2, strlen(hamlet_2))) {
fprintf(stderr, "EVP_DigestVerifyUpdate(hamlet_2) failed.\n");
goto cleanup;
}
if (EVP_DigestVerifyFinal(verify_context, sig_value, sig_len) <= 0) {
fprintf(stderr, "EVP_DigestVerifyFinal failed.\n");
goto cleanup;
}
fprintf(stdout, "Signature verified.\n");
result = 1;
cleanup:
/* OpenSSL free functions will ignore NULL arguments */
EVP_PKEY_free(pub_key);
EVP_MD_CTX_free(verify_context);
return result;
}
int main(void)
{
OSSL_LIB_CTX *libctx = NULL;
const char *sig_name = "SHA3-512";
size_t sig_len = 0;
unsigned char *sig_value = NULL;
int result = 0;
libctx = OSSL_LIB_CTX_new();
if (libctx == NULL) {
fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
goto cleanup;
}
if (!demo_sign(libctx, sig_name, &sig_len, &sig_value)) {
fprintf(stderr, "demo_sign failed.\n");
goto cleanup;
}
if (!demo_verify(libctx, sig_name, sig_len, sig_value)) {
fprintf(stderr, "demo_verify failed.\n");
goto cleanup;
}
result = 1;
cleanup:
if (result != 1)
ERR_print_errors_fp(stderr);
/* OpenSSL free functions will ignore NULL arguments */
OSSL_LIB_CTX_free(libctx);
OPENSSL_free(sig_value);
return result == 0;
}

76
deps/openssl/openssl/demos/signature/EVP_Signature_demo.h vendored
View File

@ -1,76 +0,0 @@
/*-
* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Signers private EC key */
static const unsigned char priv_key_der[] = {
0x30, 0x82, 0x01, 0x68, 0x02, 0x01, 0x01, 0x04, 0x20, 0x51, 0x77, 0xae,
0xf4, 0x18, 0xf4, 0x6b, 0xc4, 0xe5, 0xbb, 0xe9, 0xe6, 0x9e, 0x6d, 0xb0,
0xea, 0x12, 0xf9, 0xf3, 0xdb, 0x9d, 0x56, 0x59, 0xf7, 0x5a, 0x17, 0xd7,
0xd1, 0xe4, 0xd7, 0x47, 0x28, 0xa0, 0x81, 0xfa, 0x30, 0x81, 0xf7, 0x02,
0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01,
0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0x30, 0x5b, 0x04, 0x20, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc,
0x04, 0x20, 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7, 0xb3, 0xeb,
0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc, 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53,
0xb0, 0xf6, 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b, 0x03, 0x15,
0x00, 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93, 0x6a, 0x66, 0x78,
0xe1, 0x13, 0x9d, 0x26, 0xb7, 0x81, 0x9f, 0x7e, 0x90, 0x04, 0x41, 0x04,
0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5,
0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42, 0xe2,
0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68,
0x37, 0xbf, 0x51, 0xf5, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00,
0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbc,
0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e, 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc,
0x63, 0x25, 0x51, 0x02, 0x01, 0x01, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04,
0x4f, 0xe7, 0x7b, 0xb6, 0xbb, 0x54, 0x42, 0x39, 0xed, 0x5d, 0xe5, 0x40,
0xc8, 0xd8, 0x71, 0xca, 0x6d, 0x83, 0x71, 0xd1, 0x88, 0x2a, 0x65, 0x00,
0x6c, 0xc6, 0x2f, 0x01, 0x31, 0x49, 0xbe, 0x76, 0x7a, 0x67, 0x6a, 0x28,
0x33, 0xc7, 0x5b, 0xb9, 0x24, 0x45, 0x24, 0x6e, 0xf0, 0x6d, 0x2f, 0x34,
0x06, 0x53, 0x73, 0x6a, 0xff, 0x90, 0x90, 0xc1, 0x6d, 0x9b, 0x94, 0x0d,
0x0e, 0x1f, 0x95, 0x65,
};
/* The matching public key used for verifying */
static const unsigned char pub_key_der[] = {
0x30, 0x82, 0x01, 0x4b, 0x30, 0x82, 0x01, 0x03, 0x06, 0x07, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x02, 0x01, 0x30, 0x81, 0xf7, 0x02, 0x01, 0x01, 0x30,
0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21,
0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x30, 0x5b, 0x04,
0x20, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc, 0x04, 0x20, 0x5a,
0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7, 0xb3, 0xeb, 0xbd, 0x55, 0x76,
0x98, 0x86, 0xbc, 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6, 0x3b,
0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b, 0x03, 0x15, 0x00, 0xc4, 0x9d,
0x36, 0x08, 0x86, 0xe7, 0x04, 0x93, 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d,
0x26, 0xb7, 0x81, 0x9f, 0x7e, 0x90, 0x04, 0x41, 0x04, 0x6b, 0x17, 0xd1,
0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40,
0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39,
0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f,
0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33,
0x57, 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51,
0xf5, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbc, 0xe6, 0xfa, 0xad,
0xa7, 0x17, 0x9e, 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51,
0x02, 0x01, 0x01, 0x03, 0x42, 0x00, 0x04, 0x4f, 0xe7, 0x7b, 0xb6, 0xbb,
0x54, 0x42, 0x39, 0xed, 0x5d, 0xe5, 0x40, 0xc8, 0xd8, 0x71, 0xca, 0x6d,
0x83, 0x71, 0xd1, 0x88, 0x2a, 0x65, 0x00, 0x6c, 0xc6, 0x2f, 0x01, 0x31,
0x49, 0xbe, 0x76, 0x7a, 0x67, 0x6a, 0x28, 0x33, 0xc7, 0x5b, 0xb9, 0x24,
0x45, 0x24, 0x6e, 0xf0, 0x6d, 0x2f, 0x34, 0x06, 0x53, 0x73, 0x6a, 0xff,
0x90, 0x90, 0xc1, 0x6d, 0x9b, 0x94, 0x0d, 0x0e, 0x1f, 0x95, 0x65,
};

22
deps/openssl/openssl/demos/signature/Makefile vendored
View File

@ -1,22 +0,0 @@
#
# To run the demos when linked with a shared library (default):
#
# LD_LIBRARY_PATH=../.. ./EVP_Signature_demo
CFLAGS = -I../../include -g -Wall
LDFLAGS = -L../..
LDLIBS = -lcrypto
all: EVP_Signature_demo rsa_pss_direct rsa_pss_hash
%.o: %.c
$(CC) $(CFLAGS) -c $<
EVP_Signature_demo: EVP_Signature_demo.o
rsa_pss_direct: rsa_pss_direct.o
rsa_pss_hash: rsa_pss_hash.o
test: ;
clean:
$(RM) *.o EVP_Signature_demo rsa_pss_direct rsa_pss_hash

256
deps/openssl/openssl/demos/signature/rsa_pss.h vendored
View File

@ -1,256 +0,0 @@
/*-
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* 4096-bit RSA private key, DER. */
static const unsigned char rsa_priv_key[] = {
0x30, 0x82, 0x09, 0x28, 0x02, 0x01, 0x00, 0x02, 0x82, 0x02, 0x01, 0x00,
0xa3, 0x14, 0xe4, 0xb8, 0xd8, 0x58, 0x0d, 0xab, 0xd7, 0x87, 0xa4, 0xf6,
0x84, 0x51, 0x74, 0x60, 0x4c, 0xe3, 0x60, 0x28, 0x89, 0x49, 0x65, 0x18,
0x5c, 0x8f, 0x1a, 0x1b, 0xe9, 0xdb, 0xc1, 0xc1, 0xf7, 0x08, 0x27, 0x44,
0xe5, 0x9d, 0x9a, 0x33, 0xc3, 0xac, 0x5a, 0xca, 0xba, 0x20, 0x5a, 0x9e,
0x3a, 0x18, 0xb5, 0x3d, 0xe3, 0x9d, 0x94, 0x58, 0xa7, 0xa9, 0x5a, 0x0b,
0x4f, 0xb8, 0xe5, 0xa3, 0x7b, 0x01, 0x11, 0x0f, 0x16, 0x11, 0xb8, 0x65,
0x2f, 0xa8, 0x95, 0xf7, 0x58, 0x2c, 0xec, 0x1d, 0x41, 0xad, 0xd1, 0x12,
0xca, 0x4a, 0x80, 0x35, 0x35, 0x43, 0x7e, 0xe0, 0x97, 0xfc, 0x86, 0x8f,
0xcf, 0x4b, 0xdc, 0xbc, 0x15, 0x2c, 0x8e, 0x90, 0x84, 0x26, 0x83, 0xc1,
0x96, 0x97, 0xf4, 0xd7, 0x90, 0xce, 0xfe, 0xd4, 0xf3, 0x70, 0x22, 0xa8,
0xb0, 0x1f, 0xed, 0x08, 0xd7, 0xc5, 0xc0, 0xd6, 0x41, 0x6b, 0x24, 0x68,
0x5c, 0x07, 0x1f, 0x44, 0x97, 0xd8, 0x6e, 0x18, 0x93, 0x67, 0xc3, 0xba,
0x3a, 0xaf, 0xfd, 0xc2, 0x65, 0x00, 0x21, 0x63, 0xdf, 0xb7, 0x28, 0x68,
0xd6, 0xc0, 0x20, 0x86, 0x92, 0xed, 0x68, 0x6a, 0x27, 0x3a, 0x07, 0xec,
0x66, 0x00, 0xfe, 0x51, 0x51, 0x86, 0x41, 0x6f, 0x83, 0x69, 0xd2, 0xf0,
0xe6, 0xf7, 0x61, 0xda, 0x12, 0x45, 0x53, 0x09, 0xdf, 0xf8, 0x42, 0xc7,
0x30, 0x6a, 0xe5, 0xd8, 0x2b, 0xa2, 0x49, 0x7a, 0x05, 0x10, 0xee, 0xb2,
0x59, 0x0a, 0xe5, 0xbe, 0xf8, 0x4d, 0x0f, 0xa8, 0x9e, 0x63, 0x81, 0x39,
0x32, 0xaa, 0xfd, 0xa8, 0x03, 0xf6, 0xd8, 0xc6, 0xaa, 0x02, 0x93, 0x03,
0xeb, 0x15, 0xd3, 0x38, 0xc8, 0x1a, 0x78, 0xcf, 0xf3, 0xa7, 0x9f, 0x98,
0x4b, 0x91, 0x5b, 0x79, 0xf8, 0x4e, 0x53, 0xaf, 0x0c, 0x65, 0xe9, 0xb0,
0x93, 0xc2, 0xcb, 0x5d, 0x3c, 0x5f, 0x6e, 0x39, 0xd2, 0x58, 0x23, 0x50,
0xe5, 0x2e, 0xef, 0x12, 0x00, 0xa4, 0x59, 0x13, 0x2b, 0x2f, 0x2c, 0x0a,
0x7b, 0x36, 0x89, 0xc5, 0xe5, 0x8f, 0x95, 0x5e, 0x14, 0x0f, 0x0f, 0x94,
0x5a, 0xe9, 0xdc, 0x0b, 0x49, 0x14, 0xbe, 0x0a, 0x70, 0x45, 0xc1, 0x7c,
0xbf, 0x83, 0x70, 0xfd, 0x3d, 0x99, 0xe6, 0x8a, 0xf5, 0x9c, 0x09, 0x71,
0x84, 0x9a, 0x18, 0xa0, 0xe0, 0x6c, 0x43, 0x5c, 0x7e, 0x48, 0x33, 0xc8,
0xbe, 0x5d, 0xdd, 0xd8, 0x77, 0xe3, 0xe7, 0x6b, 0x34, 0x4b, 0xa2, 0xb7,
0x54, 0x07, 0x72, 0x2e, 0xab, 0xa9, 0x91, 0x1e, 0x4b, 0xe3, 0xb5, 0xd8,
0xfa, 0x35, 0x64, 0x8a, 0xe9, 0x03, 0xa1, 0xa8, 0x26, 0xbd, 0x72, 0x58,
0x10, 0x6a, 0xec, 0x1a, 0xf6, 0x1e, 0xb8, 0xc0, 0x46, 0x19, 0x31, 0x2c,
0xca, 0xf9, 0x6a, 0xd7, 0x2e, 0xd0, 0xa7, 0x2c, 0x60, 0x58, 0xc4, 0x8f,
0x46, 0x63, 0x61, 0x8d, 0x29, 0x6f, 0xe2, 0x5f, 0xe2, 0x43, 0x90, 0x9c,
0xe6, 0xfc, 0x08, 0x41, 0xc8, 0xb5, 0x23, 0x56, 0x24, 0x3e, 0x3a, 0x2c,
0x41, 0x22, 0x43, 0xda, 0x22, 0x15, 0x2b, 0xad, 0xd0, 0xfa, 0xc8, 0x47,
0x44, 0xe6, 0x2a, 0xf9, 0x38, 0x90, 0x13, 0x62, 0x22, 0xea, 0x06, 0x8c,
0x44, 0x9c, 0xd6, 0xca, 0x50, 0x93, 0xe9, 0xd4, 0x03, 0xd8, 0x3e, 0x71,
0x36, 0x4b, 0xaa, 0xab, 0xbb, 0xe2, 0x48, 0x66, 0x26, 0x53, 0xb1, 0x6d,
0x3b, 0x82, 0x2c, 0x8c, 0x25, 0x05, 0xf0, 0xf8, 0xcf, 0x55, 0xbf, 0x8e,
0x29, 0xf7, 0x54, 0x5b, 0x6f, 0x30, 0x54, 0xa6, 0xad, 0x46, 0xff, 0x22,
0x95, 0xb1, 0x87, 0x98, 0x00, 0x51, 0x69, 0x15, 0x07, 0xbd, 0x3d, 0x9c,
0x6e, 0xaa, 0xaa, 0x3b, 0x0b, 0x74, 0x65, 0x4c, 0x04, 0xe0, 0x80, 0x3e,
0xaf, 0x5e, 0x10, 0xd6, 0x9b, 0x28, 0x37, 0x6f, 0x02, 0x03, 0x01, 0x00,
0x01, 0x02, 0x82, 0x02, 0x00, 0x09, 0x6e, 0xf8, 0xf8, 0x14, 0x53, 0xab,
0x9e, 0xc8, 0x1d, 0xe9, 0x95, 0xf4, 0xfb, 0x7d, 0x3e, 0xe0, 0xd3, 0xba,
0x49, 0x3d, 0xff, 0xc7, 0xe0, 0x4b, 0xe2, 0x5f, 0x41, 0x44, 0x1a, 0xd9,
0x2f, 0x6e, 0x29, 0xc3, 0x93, 0xc1, 0xb0, 0x87, 0x2d, 0xfd, 0x60, 0xa7,
0xf3, 0xd8, 0x26, 0x6c, 0xf7, 0x80, 0x26, 0xd3, 0xbd, 0x1b, 0xc0, 0x8e,
0xc7, 0x3e, 0x13, 0x96, 0xc8, 0xd6, 0xb8, 0xbc, 0x57, 0xe3, 0x92, 0xa1,
0x38, 0xfd, 0x2e, 0xd3, 0x3a, 0xcf, 0x31, 0xf2, 0x52, 0xd7, 0x7f, 0xe9,
0xbc, 0x9b, 0x83, 0x01, 0x78, 0x13, 0xc9, 0x91, 0x77, 0x02, 0x78, 0xc0,
0x0b, 0x1f, 0xdf, 0x94, 0xad, 0x16, 0xf1, 0xad, 0x78, 0x17, 0xc5, 0x77,
0x0d, 0xb7, 0x07, 0x3f, 0x51, 0xe0, 0x73, 0x33, 0xcf, 0x90, 0x69, 0xd8,
0xe5, 0xda, 0x9b, 0x1e, 0xf6, 0x21, 0x12, 0x07, 0xb5, 0x1e, 0x3e, 0x2b,
0x34, 0x79, 0x9e, 0x48, 0x01, 0xdd, 0x68, 0xf0, 0x0f, 0x18, 0xb5, 0x85,
0x50, 0xd8, 0x9e, 0x04, 0xfd, 0x6d, 0xcd, 0xa6, 0x61, 0x2b, 0x54, 0x81,
0x99, 0xf4, 0x63, 0xf4, 0xeb, 0x73, 0x98, 0xb3, 0x88, 0xf5, 0x50, 0xd4,
0x5c, 0x67, 0x9e, 0x7c, 0xbc, 0xd8, 0xfd, 0xaf, 0xb8, 0x66, 0x7d, 0xdc,
0xa5, 0x25, 0xb5, 0xe6, 0x64, 0xd7, 0x07, 0x72, 0x5a, 0x99, 0xf9, 0xf6,
0x9e, 0xb8, 0x9c, 0xf4, 0xc7, 0xee, 0xee, 0x10, 0x13, 0x9c, 0x1a, 0x8c,
0x23, 0x89, 0xcd, 0x7b, 0xf1, 0x47, 0x23, 0x51, 0x3c, 0xe5, 0xc2, 0x17,
0x68, 0xca, 0x98, 0xb8, 0xed, 0xe5, 0x17, 0x6d, 0x0a, 0xde, 0x07, 0xd6,
0x6c, 0x4f, 0x83, 0x4c, 0x9b, 0xca, 0x6a, 0x7d, 0xc8, 0x68, 0x12, 0xd7,
0xf0, 0x37, 0x88, 0xf7, 0xbb, 0x68, 0x8b, 0xa4, 0xfd, 0xfe, 0x36, 0x11,
0xb3, 0x2b, 0x85, 0x6d, 0xaa, 0x30, 0x31, 0xf1, 0x6f, 0x80, 0x72, 0x42,
0x23, 0xfe, 0x93, 0x88, 0xcc, 0x1e, 0x4b, 0x53, 0x4f, 0x8e, 0x24, 0x67,
0x4a, 0x72, 0xb6, 0x3c, 0x13, 0x00, 0x11, 0x4f, 0xe1, 0x30, 0xd6, 0xe7,
0x45, 0x8f, 0xaf, 0xdd, 0xe5, 0xaa, 0xb7, 0x02, 0x17, 0x04, 0xf8, 0xd2,
0xc1, 0x7b, 0x6c, 0x92, 0xec, 0x76, 0x94, 0x1b, 0xb0, 0xe4, 0xc3, 0x0c,
0x9e, 0xee, 0xb5, 0xdc, 0x97, 0xca, 0x10, 0x1d, 0x17, 0x96, 0x45, 0xd4,
0x04, 0x0c, 0xea, 0xca, 0x45, 0xfc, 0x52, 0x54, 0x82, 0x9b, 0xdf, 0x64,
0xd6, 0x59, 0x6c, 0x12, 0x70, 0xf0, 0x19, 0xd8, 0x46, 0xbb, 0x08, 0x43,
0x81, 0xa1, 0x73, 0xa8, 0x00, 0xc9, 0x4e, 0xb9, 0xd5, 0xfd, 0x42, 0x5f,
0xcf, 0x94, 0x14, 0x18, 0xab, 0x9d, 0x11, 0xd0, 0xbd, 0x44, 0x88, 0x2c,
0xd8, 0x29, 0xec, 0x94, 0x70, 0xf9, 0x42, 0x14, 0xf4, 0xb0, 0x3f, 0xfe,
0x27, 0x16, 0x43, 0x59, 0x90, 0x14, 0x48, 0x61, 0x8c, 0x91, 0xd9, 0x37,
0x41, 0xef, 0xf1, 0xe9, 0x15, 0x4a, 0x4f, 0x5e, 0x1f, 0x50, 0x25, 0x20,
0x2d, 0xa6, 0xf8, 0x79, 0x0d, 0x92, 0xb0, 0x00, 0x0b, 0xa2, 0xfb, 0xc3,
0x7b, 0x0f, 0xa6, 0xff, 0x75, 0x5d, 0x70, 0xaa, 0xcf, 0x0a, 0xdf, 0xe1,
0xfc, 0x32, 0x53, 0x1e, 0xf6, 0xe6, 0x69, 0x9f, 0x09, 0xd0, 0xc8, 0xab,
0xaf, 0xec, 0xb0, 0x04, 0xfa, 0x83, 0xe2, 0x29, 0x23, 0x54, 0x37, 0x87,
0x63, 0x47, 0x75, 0x9b, 0xdb, 0x1f, 0x4f, 0x1b, 0x6b, 0xa6, 0xe2, 0x67,
0x1c, 0xb4, 0x74, 0x9e, 0x48, 0x77, 0x61, 0xc2, 0x9a, 0x3e, 0x6b, 0x89,
0xa9, 0x68, 0x74, 0x27, 0x01, 0x29, 0xd6, 0x46, 0xe8, 0x0f, 0xd0, 0x33,
0x22, 0x00, 0x45, 0x6c, 0xde, 0x32, 0x28, 0x42, 0x57, 0xaf, 0x70, 0x28,
0xa0, 0xd5, 0x99, 0xbb, 0x1f, 0xd7, 0x3c, 0x84, 0x20, 0x70, 0x1f, 0xe3,
0xa9, 0x02, 0x82, 0x01, 0x01, 0x00, 0xe6, 0x68, 0xfe, 0x5f, 0x75, 0x71,
0x2a, 0xd8, 0xcf, 0x0d, 0x1d, 0xf4, 0xa1, 0x06, 0x8b, 0xa5, 0x70, 0x6f,
0x29, 0x03, 0xf3, 0x50, 0xd3, 0x83, 0x39, 0xf9, 0xf6, 0xe5, 0x79, 0x7a,
0x29, 0x75, 0xde, 0xda, 0x6a, 0x98, 0x7c, 0x33, 0xf8, 0x64, 0xca, 0x86,
0x5a, 0xda, 0x55, 0x5b, 0x4d, 0x7b, 0x1a, 0xe5, 0x5d, 0x19, 0x7d, 0xf3,
0x57, 0x49, 0x3d, 0x7a, 0xe8, 0x3f, 0x5a, 0x40, 0x8c, 0x15, 0xc7, 0xb0,
0x53, 0xf8, 0x63, 0x42, 0x17, 0x7c, 0x20, 0xb9, 0xfc, 0xff, 0x27, 0xd0,
0xc2, 0x0c, 0x45, 0x52, 0x1b, 0x75, 0x1f, 0x89, 0x87, 0xc4, 0xa8, 0x07,
0x3b, 0x73, 0x16, 0xc7, 0xd7, 0x77, 0x2e, 0x47, 0xa2, 0x7d, 0x12, 0xb4,
0x25, 0x24, 0x5e, 0xa5, 0xb2, 0x12, 0x76, 0x65, 0xd1, 0xcd, 0xa4, 0x66,
0x33, 0x2d, 0xed, 0xb2, 0x85, 0xb0, 0xb3, 0x33, 0x56, 0x18, 0x5a, 0xb3,
0x75, 0x43, 0x4d, 0x40, 0x14, 0x22, 0x55, 0xf6, 0x5a, 0x0c, 0x6a, 0xb3,
0xc3, 0x8a, 0x9b, 0x76, 0x1e, 0x23, 0x8d, 0x4a, 0x8f, 0x38, 0x21, 0x25,
0x43, 0x45, 0xf6, 0x25, 0x46, 0xdb, 0xae, 0x42, 0x43, 0x74, 0x69, 0x15,
0x46, 0xf0, 0x3a, 0x41, 0x4f, 0x9f, 0xfe, 0xda, 0x07, 0x0b, 0x38, 0xbe,
0x6b, 0xad, 0xc2, 0xef, 0x5b, 0x97, 0x18, 0x42, 0x13, 0xac, 0x13, 0x15,
0x70, 0x7b, 0xe2, 0x00, 0xbb, 0x41, 0x22, 0x99, 0xe5, 0xd3, 0x67, 0xfe,
0xfd, 0xbd, 0x8e, 0xc3, 0xca, 0x60, 0x59, 0x3d, 0x8f, 0x85, 0x76, 0x41,
0xf0, 0xb8, 0x09, 0x1a, 0x48, 0x50, 0xe4, 0x9c, 0x4a, 0x56, 0x02, 0x60,
0x76, 0xff, 0xde, 0xd4, 0x8e, 0x76, 0xa3, 0x9c, 0x30, 0xb4, 0xa4, 0x73,
0xe6, 0xb0, 0x70, 0xac, 0x67, 0x5f, 0x25, 0xd2, 0x94, 0xc5, 0x25, 0xb6,
0xbf, 0xf6, 0x0b, 0xd8, 0x9f, 0x35, 0x8c, 0x20, 0xb6, 0xdd, 0x02, 0x82,
0x01, 0x01, 0x00, 0xb5, 0x31, 0x9e, 0xa2, 0x10, 0x38, 0xca, 0x2b, 0x07,
0xc9, 0x3f, 0x0f, 0x18, 0x2c, 0x98, 0x7f, 0x15, 0x87, 0x92, 0x93, 0x2e,
0xce, 0x6b, 0x11, 0x42, 0x2a, 0x94, 0x3e, 0x31, 0xd0, 0xf5, 0xae, 0x9d,
0xc7, 0x67, 0x51, 0x3c, 0x0a, 0x52, 0x04, 0x94, 0x86, 0x2e, 0x50, 0x32,
0xe1, 0x48, 0x83, 0x85, 0xe8, 0x82, 0x04, 0x2f, 0x25, 0xbc, 0xea, 0xfc,
0x3d, 0x4b, 0xd1, 0x53, 0x90, 0x61, 0x97, 0x47, 0x73, 0xcd, 0x1f, 0xa9,
0x5a, 0x3f, 0xfb, 0xbf, 0xc3, 0xd5, 0x19, 0xb6, 0xd3, 0x59, 0x57, 0x37,
0xd9, 0x09, 0x29, 0xd3, 0x80, 0xc4, 0xae, 0x52, 0xce, 0xce, 0x82, 0x29,
0x6b, 0x95, 0x44, 0x69, 0x33, 0xfd, 0x6a, 0x6d, 0x65, 0xf7, 0xa9, 0xc0,
0x65, 0x25, 0x91, 0x05, 0xdf, 0x07, 0xbe, 0x61, 0x5c, 0xaa, 0x8f, 0x87,
0xc8, 0x43, 0xd7, 0x30, 0xd0, 0x8b, 0x25, 0xaf, 0xb8, 0x5d, 0x50, 0x4e,
0x31, 0x4a, 0xc9, 0x79, 0x56, 0xbf, 0x8d, 0xcc, 0x40, 0xa7, 0xea, 0xd4,
0xf7, 0x66, 0x86, 0xe2, 0x0b, 0xf3, 0x13, 0xbc, 0xdc, 0x0d, 0x62, 0x28,
0x4e, 0xb7, 0x31, 0xb4, 0x5a, 0x9b, 0x97, 0x65, 0x76, 0x24, 0xbb, 0xef,
0x90, 0x1b, 0xdb, 0x93, 0x98, 0xae, 0xce, 0xb0, 0x69, 0x82, 0x49, 0x94,
0xc0, 0xc3, 0x8f, 0x9c, 0x5d, 0x26, 0x45, 0xa0, 0xad, 0x15, 0x3b, 0x6e,
0xda, 0x6e, 0x78, 0xc1, 0x78, 0xc3, 0x15, 0x8e, 0x64, 0xaf, 0x50, 0xa6,
0xb7, 0xd9, 0xfb, 0x8f, 0x68, 0xa0, 0x2d, 0x59, 0xa9, 0xce, 0x5b, 0xa7,
0x91, 0x36, 0xb8, 0x05, 0x28, 0x31, 0x25, 0xc7, 0x7e, 0xa4, 0x68, 0x9d,
0xea, 0x5c, 0x71, 0x10, 0x84, 0xab, 0xc4, 0xd7, 0xbe, 0x7d, 0xe9, 0x4a,
0x11, 0x22, 0xa6, 0xd5, 0xa3, 0x6e, 0x46, 0x07, 0x70, 0x78, 0xcc, 0xd5,
0xbc, 0xfe, 0xc4, 0x39, 0x58, 0xf4, 0xbb, 0x02, 0x82, 0x01, 0x01, 0x00,
0xaa, 0x0c, 0x73, 0x30, 0x20, 0x8d, 0x15, 0x02, 0x4e, 0x4d, 0x6f, 0xfe,
0x4b, 0x99, 0x79, 0x16, 0xf0, 0x94, 0x19, 0xc1, 0x40, 0xa2, 0x36, 0x78,
0x73, 0x21, 0x78, 0x86, 0x83, 0xd1, 0x15, 0x28, 0x59, 0x00, 0xfa, 0x0a,
0xf0, 0x1f, 0xab, 0x03, 0x38, 0x35, 0x50, 0x78, 0x32, 0xe6, 0xdf, 0x98,
0x2b, 0x91, 0x7b, 0xd4, 0x84, 0x90, 0x43, 0xab, 0x5a, 0x24, 0x8b, 0xa3,
0xb6, 0x08, 0x4d, 0x5b, 0x05, 0xb5, 0xad, 0x43, 0x74, 0x7e, 0x22, 0xb7,
0x09, 0xb0, 0x3a, 0x78, 0x55, 0xfa, 0x4c, 0x3c, 0xa2, 0x2c, 0xa6, 0xf7,
0x19, 0xff, 0x76, 0xa4, 0x3d, 0x1e, 0x99, 0x51, 0xa7, 0x4e, 0x76, 0x47,
0x0f, 0x70, 0xef, 0x0b, 0x3f, 0xf2, 0x94, 0x36, 0xf3, 0x63, 0x76, 0xb9,
0x09, 0x88, 0xbb, 0xfe, 0xf9, 0x86, 0x33, 0xdf, 0x81, 0xbe, 0x6f, 0xcc,
0xa9, 0x75, 0x09, 0xe5, 0x8f, 0x8b, 0x42, 0xd0, 0x19, 0x03, 0x61, 0xd8,
0xb5, 0x78, 0xcb, 0x9c, 0xbe, 0x63, 0x4d, 0xbd, 0xce, 0x5e, 0xae, 0x7f,
0xae, 0x97, 0x88, 0x7b, 0xf4, 0x7a, 0x7b, 0xdb, 0xf6, 0x7e, 0x2c, 0x7d,
0x95, 0x6e, 0x72, 0x3a, 0x48, 0x13, 0xdb, 0xf7, 0x10, 0x07, 0x83, 0xac,
0xa1, 0x7a, 0x68, 0x18, 0x70, 0x18, 0x99, 0x7f, 0xf4, 0x8e, 0x93, 0x1a,
0x40, 0x5d, 0x04, 0x07, 0xcb, 0x4d, 0xd7, 0x66, 0x96, 0xb5, 0xd3, 0x7d,
0x8e, 0xfb, 0xe6, 0x12, 0xd0, 0x7d, 0xf0, 0xe7, 0x25, 0xa6, 0x7a, 0x86,
0x01, 0x56, 0xdd, 0xc5, 0xb2, 0x31, 0x98, 0x67, 0x3a, 0xd0, 0x9a, 0xee,
0x98, 0xca, 0x80, 0x52, 0x5a, 0x0e, 0xb7, 0xc4, 0xbf, 0xc0, 0x40, 0x24,
0x6f, 0x3b, 0xa6, 0xf6, 0xab, 0x28, 0x9e, 0xe9, 0x39, 0x3f, 0x04, 0x4b,
0xc4, 0xae, 0x55, 0xfd, 0xea, 0x87, 0xa5, 0xc5, 0x01, 0x99, 0x2e, 0x67,
0x66, 0xb3, 0xfe, 0x41, 0x02, 0x82, 0x01, 0x00, 0x05, 0x26, 0x96, 0xf2,
0xd6, 0x71, 0x36, 0xd6, 0x08, 0x4f, 0xa1, 0x3a, 0x45, 0x9e, 0xa6, 0xeb,
0x1d, 0xea, 0x8f, 0xb1, 0x1d, 0x68, 0x82, 0xc4, 0xa7, 0xd3, 0xdc, 0x08,
0xf4, 0x93, 0x93, 0x18, 0x56, 0xa5, 0xdf, 0x7b, 0x00, 0xb0, 0xee, 0x69,
0xf0, 0xea, 0xeb, 0x90, 0x1e, 0x12, 0x27, 0x64, 0x8d, 0xbe, 0xf1, 0x4b,
0x3b, 0x27, 0xe0, 0x79, 0xf1, 0x97, 0xb0, 0x7b, 0x0f, 0xdc, 0x0f, 0xda,
0x24, 0x0e, 0xd7, 0xaa, 0xe9, 0xbe, 0x86, 0x09, 0x1b, 0x07, 0x6f, 0x1c,
0x5f, 0x05, 0x1d, 0x0a, 0x0c, 0xad, 0x5f, 0xc4, 0x4f, 0x9d, 0xde, 0x79,
0x72, 0x23, 0x2c, 0xdd, 0xa8, 0x5d, 0xc5, 0x8d, 0x7f, 0x4c, 0x1a, 0x0d,
0x17, 0x75, 0x09, 0x98, 0x4a, 0xbe, 0xd5, 0x55, 0x8d, 0x0c, 0x2d, 0x05,
0x2d, 0x71, 0x5b, 0xeb, 0xde, 0x99, 0x43, 0xcc, 0x6f, 0x37, 0xce, 0x6c,
0xd0, 0xd4, 0xf5, 0xda, 0x1d, 0x8e, 0xeb, 0x28, 0x55, 0x09, 0xb1, 0x42,
0x4f, 0xa7, 0x1a, 0xde, 0xe3, 0x14, 0xf1, 0x56, 0x2e, 0x40, 0xd6, 0xb5,
0x1d, 0xee, 0x47, 0x77, 0x1d, 0xdc, 0x36, 0xfa, 0xf3, 0xbc, 0x8b, 0xa5,
0xbf, 0x1d, 0x9f, 0xa7, 0xb4, 0x04, 0xad, 0xb6, 0x0d, 0x39, 0x0e, 0xe7,
0x13, 0x3e, 0xbc, 0x94, 0x68, 0xe5, 0x1d, 0xea, 0x0c, 0x30, 0xdd, 0xb0,
0xa7, 0x03, 0xa4, 0x91, 0xde, 0xf1, 0xd8, 0xa8, 0x18, 0x1f, 0xdd, 0xb3,
0xd4, 0x2b, 0x6a, 0x8c, 0x69, 0x60, 0xda, 0x92, 0x7b, 0x1e, 0x27, 0x47,
0x82, 0xbf, 0xff, 0xfc, 0xbd, 0x03, 0xb4, 0xc1, 0x80, 0x6c, 0x07, 0x11,
0xa2, 0xdd, 0x27, 0xc1, 0x4d, 0x93, 0xe6, 0xf2, 0xd3, 0xdc, 0x61, 0xa1,
0xa3, 0xdc, 0x67, 0x69, 0xe5, 0x50, 0x1d, 0x63, 0x0e, 0xb9, 0xa9, 0x9d,
0xd6, 0x02, 0x4d, 0x7c, 0xcd, 0x2a, 0xa5, 0x37, 0x60, 0xc5, 0xf5, 0x97,
0x02, 0x82, 0x01, 0x00, 0x14, 0x8b, 0x04, 0xdb, 0x4e, 0x41, 0x4a, 0xcd,
0x86, 0x2e, 0x5f, 0x13, 0xb3, 0x48, 0x1e, 0x00, 0xdf, 0x8d, 0x0b, 0x35,
0x51, 0x51, 0x1b, 0x16, 0x3d, 0x49, 0x4e, 0xe1, 0xee, 0x4d, 0xc7, 0x03,
0xc0, 0xf6, 0x5c, 0x6c, 0x36, 0xe8, 0x22, 0xa5, 0x79, 0xb4, 0x4c, 0xce,
0xa8, 0x45, 0x12, 0x2c, 0xf3, 0x6a, 0xcd, 0x33, 0xbd, 0xd0, 0x84, 0x4d,
0xf7, 0x8f, 0xb5, 0x80, 0x1f, 0x18, 0x52, 0xad, 0xad, 0xce, 0xcd, 0x94,
0xc9, 0xc6, 0xb4, 0xd2, 0x14, 0x29, 0xe4, 0xc7, 0x40, 0xf1, 0x0b, 0x85,
0x43, 0xaf, 0x11, 0xd3, 0x46, 0x0a, 0xb1, 0x15, 0x87, 0x1f, 0x4e, 0x2e,
0xc1, 0x11, 0xe9, 0x24, 0x70, 0x40, 0xba, 0x0b, 0x0e, 0x4a, 0xac, 0x45,
0x21, 0xcc, 0x6d, 0xa4, 0x1d, 0x55, 0x33, 0x89, 0x4c, 0x65, 0x21, 0x23,
0xab, 0x61, 0x31, 0xcb, 0x11, 0x65, 0xb3, 0x80, 0xa4, 0x5a, 0x2b, 0xf1,
0x65, 0xdb, 0x4c, 0x58, 0x5a, 0xbe, 0xf3, 0x15, 0xcd, 0x94, 0xa1, 0xe4,
0xcb, 0x30, 0xfa, 0xe1, 0x28, 0x51, 0x52, 0xd2, 0xb8, 0xb4, 0x8c, 0xfc,
0x3a, 0xcc, 0xd1, 0x19, 0xa2, 0x27, 0x36, 0xfa, 0xc4, 0x23, 0x96, 0xb9,
0xc7, 0x74, 0xca, 0xf1, 0x45, 0x1f, 0x4b, 0xc2, 0x77, 0x4d, 0x32, 0x3f,
0xab, 0x7a, 0xd9, 0x2b, 0x22, 0x1d, 0xcb, 0x24, 0x58, 0x29, 0xa3, 0xb8,
0x92, 0xdb, 0x1c, 0xda, 0x84, 0x01, 0xca, 0x6d, 0x4a, 0x50, 0xd4, 0x2b,
0x79, 0xfa, 0xc5, 0x4c, 0x9d, 0x79, 0x49, 0xf1, 0xde, 0xbd, 0x3f, 0x50,
0xa7, 0xa6, 0xc6, 0xc7, 0x99, 0x61, 0x9b, 0xda, 0x38, 0xdc, 0xbe, 0x85,
0x75, 0x81, 0xb9, 0x0f, 0x33, 0xd0, 0xd4, 0xd0, 0xaa, 0xbd, 0x32, 0xc9,
0x62, 0xe8, 0x21, 0x24, 0xeb, 0x03, 0x73, 0x46, 0xb3, 0x84, 0x65, 0xf2,
0x40, 0x7d, 0x1b, 0x1b, 0x8f, 0x86, 0x7c, 0xe7
};
/* The corresponding public key, DER. */
static const unsigned char rsa_pub_key[] = {
0x30, 0x82, 0x02, 0x0a, 0x02, 0x82, 0x02, 0x01, 0x00, 0xa3, 0x14, 0xe4,
0xb8, 0xd8, 0x58, 0x0d, 0xab, 0xd7, 0x87, 0xa4, 0xf6, 0x84, 0x51, 0x74,
0x60, 0x4c, 0xe3, 0x60, 0x28, 0x89, 0x49, 0x65, 0x18, 0x5c, 0x8f, 0x1a,
0x1b, 0xe9, 0xdb, 0xc1, 0xc1, 0xf7, 0x08, 0x27, 0x44, 0xe5, 0x9d, 0x9a,
0x33, 0xc3, 0xac, 0x5a, 0xca, 0xba, 0x20, 0x5a, 0x9e, 0x3a, 0x18, 0xb5,
0x3d, 0xe3, 0x9d, 0x94, 0x58, 0xa7, 0xa9, 0x5a, 0x0b, 0x4f, 0xb8, 0xe5,
0xa3, 0x7b, 0x01, 0x11, 0x0f, 0x16, 0x11, 0xb8, 0x65, 0x2f, 0xa8, 0x95,
0xf7, 0x58, 0x2c, 0xec, 0x1d, 0x41, 0xad, 0xd1, 0x12, 0xca, 0x4a, 0x80,
0x35, 0x35, 0x43, 0x7e, 0xe0, 0x97, 0xfc, 0x86, 0x8f, 0xcf, 0x4b, 0xdc,
0xbc, 0x15, 0x2c, 0x8e, 0x90, 0x84, 0x26, 0x83, 0xc1, 0x96, 0x97, 0xf4,
0xd7, 0x90, 0xce, 0xfe, 0xd4, 0xf3, 0x70, 0x22, 0xa8, 0xb0, 0x1f, 0xed,
0x08, 0xd7, 0xc5, 0xc0, 0xd6, 0x41, 0x6b, 0x24, 0x68, 0x5c, 0x07, 0x1f,
0x44, 0x97, 0xd8, 0x6e, 0x18, 0x93, 0x67, 0xc3, 0xba, 0x3a, 0xaf, 0xfd,
0xc2, 0x65, 0x00, 0x21, 0x63, 0xdf, 0xb7, 0x28, 0x68, 0xd6, 0xc0, 0x20,
0x86, 0x92, 0xed, 0x68, 0x6a, 0x27, 0x3a, 0x07, 0xec, 0x66, 0x00, 0xfe,
0x51, 0x51, 0x86, 0x41, 0x6f, 0x83, 0x69, 0xd2, 0xf0, 0xe6, 0xf7, 0x61,
0xda, 0x12, 0x45, 0x53, 0x09, 0xdf, 0xf8, 0x42, 0xc7, 0x30, 0x6a, 0xe5,
0xd8, 0x2b, 0xa2, 0x49, 0x7a, 0x05, 0x10, 0xee, 0xb2, 0x59, 0x0a, 0xe5,
0xbe, 0xf8, 0x4d, 0x0f, 0xa8, 0x9e, 0x63, 0x81, 0x39, 0x32, 0xaa, 0xfd,
0xa8, 0x03, 0xf6, 0xd8, 0xc6, 0xaa, 0x02, 0x93, 0x03, 0xeb, 0x15, 0xd3,
0x38, 0xc8, 0x1a, 0x78, 0xcf, 0xf3, 0xa7, 0x9f, 0x98, 0x4b, 0x91, 0x5b,
0x79, 0xf8, 0x4e, 0x53, 0xaf, 0x0c, 0x65, 0xe9, 0xb0, 0x93, 0xc2, 0xcb,
0x5d, 0x3c, 0x5f, 0x6e, 0x39, 0xd2, 0x58, 0x23, 0x50, 0xe5, 0x2e, 0xef,
0x12, 0x00, 0xa4, 0x59, 0x13, 0x2b, 0x2f, 0x2c, 0x0a, 0x7b, 0x36, 0x89,
0xc5, 0xe5, 0x8f, 0x95, 0x5e, 0x14, 0x0f, 0x0f, 0x94, 0x5a, 0xe9, 0xdc,
0x0b, 0x49, 0x14, 0xbe, 0x0a, 0x70, 0x45, 0xc1, 0x7c, 0xbf, 0x83, 0x70,
0xfd, 0x3d, 0x99, 0xe6, 0x8a, 0xf5, 0x9c, 0x09, 0x71, 0x84, 0x9a, 0x18,
0xa0, 0xe0, 0x6c, 0x43, 0x5c, 0x7e, 0x48, 0x33, 0xc8, 0xbe, 0x5d, 0xdd,
0xd8, 0x77, 0xe3, 0xe7, 0x6b, 0x34, 0x4b, 0xa2, 0xb7, 0x54, 0x07, 0x72,
0x2e, 0xab, 0xa9, 0x91, 0x1e, 0x4b, 0xe3, 0xb5, 0xd8, 0xfa, 0x35, 0x64,
0x8a, 0xe9, 0x03, 0xa1, 0xa8, 0x26, 0xbd, 0x72, 0x58, 0x10, 0x6a, 0xec,
0x1a, 0xf6, 0x1e, 0xb8, 0xc0, 0x46, 0x19, 0x31, 0x2c, 0xca, 0xf9, 0x6a,
0xd7, 0x2e, 0xd0, 0xa7, 0x2c, 0x60, 0x58, 0xc4, 0x8f, 0x46, 0x63, 0x61,
0x8d, 0x29, 0x6f, 0xe2, 0x5f, 0xe2, 0x43, 0x90, 0x9c, 0xe6, 0xfc, 0x08,
0x41, 0xc8, 0xb5, 0x23, 0x56, 0x24, 0x3e, 0x3a, 0x2c, 0x41, 0x22, 0x43,
0xda, 0x22, 0x15, 0x2b, 0xad, 0xd0, 0xfa, 0xc8, 0x47, 0x44, 0xe6, 0x2a,
0xf9, 0x38, 0x90, 0x13, 0x62, 0x22, 0xea, 0x06, 0x8c, 0x44, 0x9c, 0xd6,
0xca, 0x50, 0x93, 0xe9, 0xd4, 0x03, 0xd8, 0x3e, 0x71, 0x36, 0x4b, 0xaa,
0xab, 0xbb, 0xe2, 0x48, 0x66, 0x26, 0x53, 0xb1, 0x6d, 0x3b, 0x82, 0x2c,
0x8c, 0x25, 0x05, 0xf0, 0xf8, 0xcf, 0x55, 0xbf, 0x8e, 0x29, 0xf7, 0x54,
0x5b, 0x6f, 0x30, 0x54, 0xa6, 0xad, 0x46, 0xff, 0x22, 0x95, 0xb1, 0x87,
0x98, 0x00, 0x51, 0x69, 0x15, 0x07, 0xbd, 0x3d, 0x9c, 0x6e, 0xaa, 0xaa,
0x3b, 0x0b, 0x74, 0x65, 0x4c, 0x04, 0xe0, 0x80, 0x3e, 0xaf, 0x5e, 0x10,
0xd6, 0x9b, 0x28, 0x37, 0x6f, 0x02, 0x03, 0x01, 0x00, 0x01
};

204
deps/openssl/openssl/demos/signature/rsa_pss_direct.c vendored
View File

@ -1,204 +0,0 @@
/*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <stdlib.h>
#include <openssl/core_names.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include <openssl/params.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include "rsa_pss.h"
/*
* The digest to be signed. This should be the output of a hash function.
* Here we sign an all-zeroes digest for demonstration purposes.
*/
static const unsigned char test_digest[32] = {0};
/* A property query used for selecting algorithm implementations. */
static const char *propq = NULL;
/*
* This function demonstrates RSA signing of a SHA-256 digest using the PSS
* padding scheme. You must already have hashed the data you want to sign.
* For a higher-level demonstration which does the hashing for you, see
* rsa_pss_hash.c.
*
* For more information, see RFC 8017 section 9.1. The digest passed in
* (test_digest above) corresponds to the 'mHash' value.
*/
static int sign(OSSL_LIB_CTX *libctx, unsigned char **sig, size_t *sig_len)
{
int rv = 0;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
EVP_MD *md = NULL;
const unsigned char *ppriv_key = NULL;
*sig = NULL;
/* Load DER-encoded RSA private key. */
ppriv_key = rsa_priv_key;
pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &ppriv_key,
sizeof(rsa_priv_key), libctx, propq);
if (pkey == NULL) {
fprintf(stderr, "Failed to load private key\n");
goto end;
}
/* Fetch hash algorithm we want to use. */
md = EVP_MD_fetch(libctx, "SHA256", propq);
if (md == NULL) {
fprintf(stderr, "Failed to fetch hash algorithm\n");
goto end;
}
/* Create signing context. */
ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
if (ctx == NULL) {
fprintf(stderr, "Failed to create signing context\n");
goto end;
}
/* Initialize context for signing and set options. */
if (EVP_PKEY_sign_init(ctx) == 0) {
fprintf(stderr, "Failed to initialize signing context\n");
goto end;
}
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PSS_PADDING) == 0) {
fprintf(stderr, "Failed to configure padding\n");
goto end;
}
if (EVP_PKEY_CTX_set_signature_md(ctx, md) == 0) {
fprintf(stderr, "Failed to configure digest type\n");
goto end;
}
/* Determine length of signature. */
if (EVP_PKEY_sign(ctx, NULL, sig_len,
test_digest, sizeof(test_digest)) == 0) {
fprintf(stderr, "Failed to get signature length\n");
goto end;
}
/* Allocate memory for signature. */
*sig = OPENSSL_malloc(*sig_len);
if (*sig == NULL) {
fprintf(stderr, "Failed to allocate memory for signature\n");
goto end;
}
/* Generate signature. */
if (EVP_PKEY_sign(ctx, *sig, sig_len,
test_digest, sizeof(test_digest)) != 1) {
fprintf(stderr, "Failed to sign\n");
goto end;
}
rv = 1;
end:
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
EVP_MD_free(md);
if (rv == 0)
OPENSSL_free(*sig);
return rv;
}
/*
* This function demonstrates verification of an RSA signature over a SHA-256
* digest using the PSS signature scheme.
*/
static int verify(OSSL_LIB_CTX *libctx, const unsigned char *sig, size_t sig_len)
{
int rv = 0;
const unsigned char *ppub_key = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
EVP_MD *md = NULL;
/* Load DER-encoded RSA public key. */
ppub_key = rsa_pub_key;
pkey = d2i_PublicKey(EVP_PKEY_RSA, NULL, &ppub_key, sizeof(rsa_pub_key));
if (pkey == NULL) {
fprintf(stderr, "Failed to load public key\n");
goto end;
}
/* Fetch hash algorithm we want to use. */
md = EVP_MD_fetch(libctx, "SHA256", propq);
if (md == NULL) {
fprintf(stderr, "Failed to fetch hash algorithm\n");
goto end;
}
/* Create verification context. */
ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
if (ctx == NULL) {
fprintf(stderr, "Failed to create verification context\n");
goto end;
}
/* Initialize context for verification and set options. */
if (EVP_PKEY_verify_init(ctx) == 0) {
fprintf(stderr, "Failed to initialize verification context\n");
goto end;
}
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PSS_PADDING) == 0) {
fprintf(stderr, "Failed to configure padding\n");
goto end;
}
if (EVP_PKEY_CTX_set_signature_md(ctx, md) == 0) {
fprintf(stderr, "Failed to configure digest type\n");
goto end;
}
/* Verify signature. */
if (EVP_PKEY_verify(ctx, sig, sig_len,
test_digest, sizeof(test_digest)) == 0) {
fprintf(stderr, "Failed to verify signature; "
"signature may be invalid\n");
goto end;
}
rv = 1;
end:
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
EVP_MD_free(md);
return rv;
}
int main(int argc, char **argv)
{
int rv = 1;
OSSL_LIB_CTX *libctx = NULL;
unsigned char *sig = NULL;
size_t sig_len = 0;
if (sign(libctx, &sig, &sig_len) == 0)
goto end;
if (verify(libctx, sig, sig_len) == 0)
goto end;
rv = 0;
end:
OPENSSL_free(sig);
OSSL_LIB_CTX_free(libctx);
return rv;
}

189
deps/openssl/openssl/demos/signature/rsa_pss_hash.c vendored
View File

@ -1,189 +0,0 @@
/*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <stdlib.h>
#include <openssl/core_names.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include <openssl/params.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include "rsa_pss.h"
/* The data to be signed. This will be hashed. */
static const char test_message[] =
"This is an example message to be signed.";
/* A property query used for selecting algorithm implementations. */
static const char *propq = NULL;
/*
* This function demonstrates RSA signing of an arbitrary-length message.
* Hashing is performed automatically. In this example, SHA-256 is used. If you
* have already hashed your message and simply want to sign the hash directly,
* see rsa_pss_direct.c.
*/
static int sign(OSSL_LIB_CTX *libctx, unsigned char **sig, size_t *sig_len)
{
int rv = 0;
EVP_PKEY *pkey = NULL;
EVP_MD_CTX *mctx = NULL;
OSSL_PARAM params[2], *p = params;
const unsigned char *ppriv_key = NULL;
*sig = NULL;
/* Load DER-encoded RSA private key. */
ppriv_key = rsa_priv_key;
pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &ppriv_key,
sizeof(rsa_priv_key), libctx, propq);
if (pkey == NULL) {
fprintf(stderr, "Failed to load private key\n");
goto end;
}
/* Create MD context used for signing. */
mctx = EVP_MD_CTX_new();
if (mctx == NULL) {
fprintf(stderr, "Failed to create MD context\n");
goto end;
}
/* Initialize MD context for signing. */
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE,
OSSL_PKEY_RSA_PAD_MODE_PSS, 0);
*p = OSSL_PARAM_construct_end();
if (EVP_DigestSignInit_ex(mctx, NULL, "SHA256", libctx, propq,
pkey, params) == 0) {
fprintf(stderr, "Failed to initialize signing context\n");
goto end;
}
/*
* Feed data to be signed into the algorithm. This may
* be called multiple times.
*/
if (EVP_DigestSignUpdate(mctx, test_message, sizeof(test_message)) == 0) {
fprintf(stderr, "Failed to hash message into signing context\n");
goto end;
}
/* Determine signature length. */
if (EVP_DigestSignFinal(mctx, NULL, sig_len) == 0) {
fprintf(stderr, "Failed to get signature length\n");
goto end;
}
/* Allocate memory for signature. */
*sig = OPENSSL_malloc(*sig_len);
if (*sig == NULL) {
fprintf(stderr, "Failed to allocate memory for signature\n");
goto end;
}
/* Generate signature. */
if (EVP_DigestSignFinal(mctx, *sig, sig_len) == 0) {
fprintf(stderr, "Failed to sign\n");
goto end;
}
rv = 1;
end:
EVP_MD_CTX_free(mctx);
EVP_PKEY_free(pkey);
if (rv == 0)
OPENSSL_free(*sig);
return rv;
}
/*
* This function demonstrates verification of an RSA signature over an
* arbitrary-length message using the PSS signature scheme. Hashing is performed
* automatically.
*/
static int verify(OSSL_LIB_CTX *libctx, const unsigned char *sig, size_t sig_len)
{
int rv = 0;
EVP_PKEY *pkey = NULL;
EVP_MD_CTX *mctx = NULL;
OSSL_PARAM params[2], *p = params;
const unsigned char *ppub_key = NULL;
/* Load DER-encoded RSA public key. */
ppub_key = rsa_pub_key;
pkey = d2i_PublicKey(EVP_PKEY_RSA, NULL, &ppub_key, sizeof(rsa_pub_key));
if (pkey == NULL) {
fprintf(stderr, "Failed to load public key\n");
goto end;
}
/* Create MD context used for verification. */
mctx = EVP_MD_CTX_new();
if (mctx == NULL) {
fprintf(stderr, "Failed to create MD context\n");
goto end;
}
/* Initialize MD context for verification. */
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE,
OSSL_PKEY_RSA_PAD_MODE_PSS, 0);
*p = OSSL_PARAM_construct_end();
if (EVP_DigestVerifyInit_ex(mctx, NULL, "SHA256", libctx, propq,
pkey, params) == 0) {
fprintf(stderr, "Failed to initialize signing context\n");
goto end;
}
/*
* Feed data to be signed into the algorithm. This may
* be called multiple times.
*/
if (EVP_DigestVerifyUpdate(mctx, test_message, sizeof(test_message)) == 0) {
fprintf(stderr, "Failed to hash message into signing context\n");
goto end;
}
/* Verify signature. */
if (EVP_DigestVerifyFinal(mctx, sig, sig_len) == 0) {
fprintf(stderr, "Failed to verify signature; "
"signature may be invalid\n");
goto end;
}
rv = 1;
end:
EVP_MD_CTX_free(mctx);
EVP_PKEY_free(pkey);
return rv;
}
int main(int argc, char **argv)
{
int rv = 1;
OSSL_LIB_CTX *libctx = NULL;
unsigned char *sig = NULL;
size_t sig_len = 0;
if (sign(libctx, &sig, &sig_len) == 0)
goto end;
if (verify(libctx, sig, sig_len) == 0)
goto end;
rv = 0;
end:
OPENSSL_free(sig);
OSSL_LIB_CTX_free(libctx);
return rv;
}

29
deps/openssl/openssl/demos/smime/cacert.pem vendored
View File

@ -1,29 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIFBjCCA26gAwIBAgIUM/WihZJZUTZvqoyNaUlp59DOaWYwDQYJKoZIhvcNAQEL
BQAwVzELMAkGA1UEBhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwN
T3BlblNTTCBHcm91cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0x
ODA2MTQxMjQ2MjhaGA8yMTE4MDYxNDEyNDYyOFowVzELMAkGA1UEBhMCVUsxEjAQ
BgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91cDEcMBoGA1UE
AwwTVGVzdCBTL01JTUUgUm9vdCBDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCC
AYoCggGBAMzxOVHZFVxN9XQIVW3y1bK5ir3jKpKkU6zKrw8MdRvm233eqWSOYJvs
3rgdT59iv+CaPcBT5offbP0eH43H96CubJji/vQLMUzc/cLrJuCbLHREbSCsFNpf
lYw5mkT98dCFV66HuN6Nwqi5kW8TxGSXkD4OZqklbbicrXoXh5qhREID5hgbrijy
BiIHyp6bDq5zUCcmHP/Gdw2aTMEQZNsdw4MavtB65vI7dYxo2zEzdmJ3NnjlG7qZ
6Od6V4IW8yRAK9GLj0TUCZl28pq6rNio+F5Lst3clX9PDxh7LphNrXXYiHjXp2Kn
LZbOnz1SJSmCeisy/EFN6fRtwdwqcM1AcKNBU+UqFq0Mv0sgNdRwghYWGQht0mT9
+Pg5HxTzDlOOmBT1kAduxJNLiRQlgysPDN94Os0EpzJyA87Z6yJRGvYGZ5mrdfx2
8p6bHptf46h1WzCX4wDy2J86y+odgWMnSkmF9h8ySj66rgmLrz40n+mDm8bhUblK
AV8IqN8WmQIDAQABo4HHMIHEMB0GA1UdDgQWBBSkmMaBYQPTEGcqe1maU2IDOMLQ
ezCBlAYDVR0jBIGMMIGJgBSkmMaBYQPTEGcqe1maU2IDOMLQe6FbpFkwVzELMAkG
A1UEBhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBH
cm91cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQYIUM/WihZJZUTZvqoyN
aUlp59DOaWYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAqP1CQRGM
roHvk6dhI4ElNae5seRdSQNTtwAhlP1RoSoFz8xybMgDksKE07t77gDsKvU2SuXV
fdICqVpjpN9cRYKM6VmiREdU6OGsPQ74u4sOg4cT/tuou0RsD/uQaznb5NOvo2T0
8rmX0Ai3+lbEuMBCaGNU0KYJifYy4QrSqEapq4W3NbqH85msOiKHEDh1vz9IWz6z
WKjdv9lst56XuLTZrJ/O0T0qD6aMXyqK6ZART/FELjDXc+9Ey4TH+msOEKq0uQWt
y7Grfmz52dTnAjBw+6/ggE9sA8Wo6DhwbEUaOA9BB5YP+XWsIkUUbiVHU7D8TyiE
KHt2DkaWvjl1/RdtzQUO/vGI4yuFTZfLf23KcwgtHJI3JxLNAMLM3I2jmoWhKm/d
GkVYsGH1GWonv0UTv/TKlOXaTYWK9fQVoYkFc+FrwUd2lev5FizJNigL9qatGyRZ
giJmWWlf0bMMIxwWZzQswxLyKdkNlvkKf9T6BjEmGLeOHZCn0x2sOyUi
-----END CERTIFICATE-----

39
deps/openssl/openssl/demos/smime/cakey.pem vendored
View File

@ -1,39 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIG5QIBAAKCAYEAzPE5UdkVXE31dAhVbfLVsrmKveMqkqRTrMqvDwx1G+bbfd6p
ZI5gm+zeuB1Pn2K/4Jo9wFPmh99s/R4fjcf3oK5smOL+9AsxTNz9wusm4JssdERt
IKwU2l+VjDmaRP3x0IVXroe43o3CqLmRbxPEZJeQPg5mqSVtuJyteheHmqFEQgPm
GBuuKPIGIgfKnpsOrnNQJyYc/8Z3DZpMwRBk2x3Dgxq+0Hrm8jt1jGjbMTN2Ync2
eOUbupno53pXghbzJEAr0YuPRNQJmXbymrqs2Kj4Xkuy3dyVf08PGHsumE2tddiI
eNenYqctls6fPVIlKYJ6KzL8QU3p9G3B3CpwzUBwo0FT5SoWrQy/SyA11HCCFhYZ
CG3SZP34+DkfFPMOU46YFPWQB27Ek0uJFCWDKw8M33g6zQSnMnIDztnrIlEa9gZn
mat1/Hbynpsem1/jqHVbMJfjAPLYnzrL6h2BYydKSYX2HzJKPrquCYuvPjSf6YOb
xuFRuUoBXwio3xaZAgMBAAECggGBAJrqILzozke2ujpablEtBTITJHgC9lRgmMt9
bjR+4ysTJ4kOvZbANPDIbVZY+a3uVEIv9UujYBgG4Hi4w3tF074G+xnaRIQuzbZf
OgaUABA527GLY74VtbGYHRAhHqbWGmrX0H6iIzE/kQw/MVr4YzTyiFsQQbPMEhNB
g7RNgvh0vIb2MYC5s71JrS8eGqAnb0KY8daV7ce9upJyt2Acx1AGQJqipegrbtVd
8q4PONkJIIyvtmJONNaprq8DAJDaTNdcZu7f7mymF5UFpp4Lh6raAvOZAZjgkPYW
PsX2uMAsYchXTmSDGOHNafqeyTS0UEaw6FRhpxzMoSxRXX4/RhjeShadYwHxbh7s
UwFU7S9EWlj8CjgGs00KFM1eMV0sEYsL8sRf7ZiWM5XJsmXKbRZjA5V+7OoSGElB
zJcERK6NFCISijApZlVveEVZS0qESivKd9bspOzbMdoJyjBW1LZdMH85YIwM8Dox
VqGR0QD3UP8RpZBRwTiFenqOpwARnQKBwQD1NBGcTxLLUUluEBG/TD9KM5sCnkm8
cn5RomwTeBrUr9SXOJuUPa8RNLrAeosuWCrx9JkF25IBExQbbs1NRHuziOIOyI0+
hvqP85zJln7kUDtiDMFfUdS8Q6PF3b3wJl6cbipowWwsahvUSkx3W8UWrzZHsvrO
LBtvEZdwetNWN50FK040uM6y/x71xfvUhlKBsuZBgDFU9aXJZAGpkCklZnByURN6
LZudDQETdYo7/X8qqPlcHwHStGj9YXg/e38CgcEA1fdVA6s+KlRUGRTUDaUFPDji
MciTcvA3teXJWNAsFWd71oLT5eQNI50afF242ikTT6JuXFH0mMYKoVe/LFo7m2mf
uLcW4yM/FiKTkhnBQGm7KNqyvXB0T0DWTDSeS7hTzD6KjuJPf7JVH5I4In8jSKJd
3mzTA9keIosnxjX7EOsZNQd0+MKaJYHnvJsxYaoT9FXoONuyzQu96TQ8Q+fkVHXh
I/ENAw0qfoJ5mw5dQnU2UtjP6cSNVQ9Rsr48GNnnAoHBAJcI65AMZNc3yrMw0r2y
iYl7IBAMz/5zx7shANE9OcmoRJqhE7PMCvneMOo+kVyKkmlW8KrbBKQEzG3ZYjwl
4sxDlHrmrZnGKrBgrkK9oIuhn/JVSQcdsJwGTeqjG0vBVqWkdhrwiWESOvIYkeEz
dcLzScwAQtyb7ooLm+x8u5Bv0RhOBG4VJ7y5yKg6u1O9KTUarRnLjJd4eBYEs8Fu
Oun+n2TK6+RmE2Q5jmAeFne9PYdZbb+Ame7fkYwBbcAsoQKBwQC1KHQSZyp7LGsH
0Vq5Mr77/i2FeQ1eg4SnvaZ8S8UHWla/iIVgX3XAcYO7SJ76F00CX8SQ5dLyhrr5
YBG8u6k8LHHPMzVtmqoPU7cePDAjGWIddQ1g15WihILsgqCD+8z3YPxvfa1RsOvh
jyt4Ca0WEmLnr7v5xhp9pNRIPewUpvjwrR+cfyeEGjjat4tX5Wh/tzym51y7vvVM
Pa3I0M3BtQyqIa2ip8MS2eWcIs1TN2qHOorOolwHaLEDZY38fIECgcAKns98A2G3
tLvZaDZlVsJWZsdSDUrFCKvx9QbTZHbyOL5JU/8TgLBgfOgV2yxLXn9Pq+0Quvb2
EjaFuA3GKOFi50WtfwR6Yo1DaFcx5n0bDShnaHOF+dUi0BVQd2V1DsqAwF5/Eh3A
lX+XuWeSam4/91WhmNMCZpfYv0GErs4ZBHHsl54jmvrrjbhg/efUvpWKi/9vlKm+
+ITH+nG1xCnyEEVZ+vm9Qq57lCLBZGyGT4PetllpsRrGcdO4/gfK8lY=
-----END RSA PRIVATE KEY-----

3
deps/openssl/openssl/demos/smime/encr.txt vendored
View File

@ -1,3 +0,0 @@
Content-type: text/plain
Sample OpenSSL Data for PKCS#7 encryption

3
deps/openssl/openssl/demos/smime/sign.txt vendored
View File

@ -1,3 +0,0 @@
Content-type: text/plain
Test OpenSSL Signed Content

52
deps/openssl/openssl/demos/smime/signer.pem vendored
View File

@ -1,52 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIELDCCApSgAwIBAgIIcsOElVeHzfQwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UE
BhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91
cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0xODA2MTQxMjQ2Mjha
GA8yMTE4MDYxNDEyNDYyOFowVjELMAkGA1UEBhMCVUsxJTAjBgNVBAMMHE9wZW5T
U0wgdGVzdCBTL01JTUUgc2lnbmVyIDExIDAeBgkqhkiG9w0BCQEWEXRlc3QxQG9w
ZW5zc2wub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vvSgaL1
byi9AE8Ep3v7Yv36JxYywaZhUy8dEFRiYn6NsVhhNo6SK1Mp8daQ0MZoMzbT1aKp
JTLTgDJZHit2t1d6l3aWJG+cbcLua+XKowaZjj6rirB390fuL4qt5PiAb571QFtu
L8apcydwGEdkaPRuCnvctN8VcZPTKh+M8VEESyxk5K37QYKaAB6ItWR5KhjiAuDt
zsJbjEtOvGtmu2FRCU47GzfkdjYo7tY38WTY+2WWh+idKErtmYSinmhE0H7+yoJB
s1VCI+cq5tVW+oEO9HF4vEDEUykEFFPsCEkIWM+RjCgK8cRSCpg6VQr+ZTii6k7C
m9CP81QhUoV3QwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P
cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUg1DE7OaNqMQQ
8Z1bvjhnlisxfsMwHwYDVR0jBBgwFoAUpJjGgWED0xBnKntZmlNiAzjC0HswDQYJ
KoZIhvcNAQELBQADggGBAGxAivCwPsAYmMZfVJTELWNNMBzKzmeRvrp6k/6S74Pw
LDEhTnslCV4U1gTSd3nQ+LRm1fkzxLA12A/rlqN51P8B+hyVSMN9dj54YUcFd+KO
XhkSDrSpph6hRqGy8zqELzlb1Q8yoIBclEmyv+CkXMrpnm+4JL4kzyj/iBRkZTDz
ns15jJD9KHgrOnclaoDRkOT6lGbsd3j+aviKEj8ZILufSMw+W2YORy3nSAencjbO
ezivVujqm+pjkfqdCS1HcFB7LhQEILfFqkssw8YmtJVrM9LF8VIcqueXbVZmeS/1
QV5B7OEmtsM+NkoLF5ldWdPQvmftbShh+AAlpcsmqiRefQgA3aQn6YOnOHnnQwgB
oQRNjQXsjgxV4t2HFYpwkK41kx4HToVGciPNMkndzfY/GJmgXsXfB6/AfUfhLTDv
tbws1MZhaCNOffw3/SVS2nLREMFCGn5uAgNkqssWqeWJu3910XF640tqPBj5YGFc
fykwWNhG5xS04EHpztgKdQ==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA1vvSgaL1byi9AE8Ep3v7Yv36JxYywaZhUy8dEFRiYn6NsVhh
No6SK1Mp8daQ0MZoMzbT1aKpJTLTgDJZHit2t1d6l3aWJG+cbcLua+XKowaZjj6r
irB390fuL4qt5PiAb571QFtuL8apcydwGEdkaPRuCnvctN8VcZPTKh+M8VEESyxk
5K37QYKaAB6ItWR5KhjiAuDtzsJbjEtOvGtmu2FRCU47GzfkdjYo7tY38WTY+2WW
h+idKErtmYSinmhE0H7+yoJBs1VCI+cq5tVW+oEO9HF4vEDEUykEFFPsCEkIWM+R
jCgK8cRSCpg6VQr+ZTii6k7Cm9CP81QhUoV3QwIDAQABAoIBAQC6LCWmIisNcmgK
RmOvbszKc0sYYj7eOGl8EgbHR2xUA2hNNk4pYtnuLvzZ84hBZDCEeWyFS3HTRuql
z/QhDl6mc1k0pXtsXkNHQlIamksbVvHPnzIKzrt1J5N7FEt3SERhZXTZoNQRB6di
k7qdK+YmhdZtucnt0GrPisaJaf0yU/EjLuX+MU/0Xrc23lVhR3yqYhaOhWvrxTHM
evykI0kOL+gU58eN2eWE4ELjS2z+njKDqcEyeIy00FdBAtCoKjMsWpRytKNmcFm9
LdtMmizskF8VS3+XsDbkseIODx1xJ65IFmHHMV2xLG5/+bQppkB8JuE3EDrtFiUJ
lGdfmBlxAoGBAP3Asg0drdunv7imeEOGpyj5JwF1hCVQ71IBGdqTr3aPqOlDH/io
up7t+VBuSLqj1P20HygNjow+ALw/Ko+a0icodg7QA2Co0/RiBwa+u2SgpYDqC9Kt
KIdRcv+NXkhXF/DLIn0jJvI53OtKsbgTv/C+aCipblofnO9sF4AhShq1AoGBANjj
Ou0czloNORbk3qAxLi4b5P/YOyZBJDa0zijFdD1jImfOeyNFXeg2ID+8ZjDkP/eP
pLy/Gt/8bVb+O+9wMOho3kWKZBN3O2VsLJYakAehDsC5ax7i2HtEqg1L1krW2duS
POiKg3qNjETM30zTA4pHwkNAETIktResze7SRm0XAoGABH7KaLMS5mZFXjcMwF19
TpuDVmJHkgWqB7DfTWD6ZcZLvr4irdwHWlNq7ELX5P6MAmaTerkqwk9C4hLYZSzf
9jOgS8jhlm/HOXgXGcZ9OV4jMHJ0/Sl2I1eNCvvtJKjuUqS2mrLpuLbPtBdhqJoo
91HYNIgz3ULcG921WN6+GlUCgYEA066T6LDgxgt52NpwXrEhfWdETmDg+ilCCxLU
0/5DwVZsUhy5Gmeti+Kn/w0GQFnGBP1xr7ZlqI9auDlSjhNV6L/RkNXNbyJEGm1F
5wrt4ERVfcx6vJ5y43zU7D1EXa7s2t0UDXKDeK2GZe//UZ/yKJh5BeIV5nblOMI0
DA+3JOkCgYEA80QGLjGlCvxKceVbuohbIZ1+/EoXPq993ER9S8D2MTGATsEcygtF
rM8JcHTv75sjycqu68BAQr1Z5qwwrMyY0vWVEorKzvAXEWolC67asR4cDutOd+qy
WlEIyojX45GwHCHpcbVRiGRWuj3kwkc+WzdgusBoAJrPCigES/Cr8uA=
-----END RSA PRIVATE KEY-----

52
deps/openssl/openssl/demos/smime/signer2.pem vendored
View File

@ -1,52 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIELDCCApSgAwIBAgIIcsOElVeHzfUwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UE
BhMCVUsxEjAQBgNVBAcMCVRlc3QgQ2l0eTEWMBQGA1UECgwNT3BlblNTTCBHcm91
cDEcMBoGA1UEAwwTVGVzdCBTL01JTUUgUm9vdCBDQTAgFw0xODA2MTQxMjQ2Mjha
GA8yMTE4MDYxNDEyNDYyOFowVjELMAkGA1UEBhMCVUsxJTAjBgNVBAMMHE9wZW5T
U0wgdGVzdCBTL01JTUUgc2lnbmVyIDIxIDAeBgkqhkiG9w0BCQEWEXRlc3QyQG9w
ZW5zc2wub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ledrM9R
3x3bZypZAEi00DJYAmLS5F6Gg3+xpjE745UWKrjDAY5KswavKKa3vZxoUz2omNSg
4nYfLSowq7AI3VnZ8LwNo8lAeo7AX9elrsmzQzhr2DCdCdbRhCWoiS/ba5tKIhlb
gFnP+pB8jhC9qZuQJkpVaivywMW8rA9DRbeDcQjDKhUi0ukVDYHDd9+FtNM3H1t3
AUGWBecjWYa4hXC3CsH3+cFBZKjAepL74hqiEfsEyzKesft3NFd1AcVY9W5MRCK4
lUFiDbBtIgPkvPJeoEs/kFp3+OvJFDwi4K4Z6XzALyT0LXNx6w3kSfx0TLdNjXLD
O9a2dzwhHhPtCQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P
cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUYJEUXnMb/ux0
WrzSh+bnhpi6GS0wHwYDVR0jBBgwFoAUpJjGgWED0xBnKntZmlNiAzjC0HswDQYJ
KoZIhvcNAQELBQADggGBAFbrwfsSciDFI97c7oqS8jtxOSa3c4B7xhmcgUkYCiaD
7mbZuqTUf4ltJJZXP/TJ44fhL0zVAvRXSXw1LE3YvLGOlBc6dM3D7DyL5pfUTUBY
ICt+NLfG5iHtkiZPPSfK2t5f4UGFwU/ERT62sLu4keLI5igi9J2jKSykN3u5SQ3s
Zsennow5zUsFkcz9hkB4RczlHRogA0SgVhELQbN1nYIqJJDRFZL+CmarDRTFMilk
7dXCacw6xt9vIc3ZXO+pu2g1ezgSPwOoUykQcL3UhAEIIyt+TRe3fafh5TXwd8tr
FAecAuz5Mqsmek5nEW9ZeYmxNz5VFwc4F61y4xFj7lI0frLCCAu3gVoqiQrW+WwR
e27z1Nm4uUcduFqj45Pu2eTyV3LZtLUbFvL5ZSPUCSk1wVmC2otX8ksFDDTO1rIy
l5Qd1g1P8bLuj8NG98J2zVOabtaxYCAIBPZ3dUh2eNrPKoLAvrgKh1MH+K2Eh5Oy
z1T4Eu+e5Kq/uQkZpI5QzA==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEA1ledrM9R3x3bZypZAEi00DJYAmLS5F6Gg3+xpjE745UWKrjD
AY5KswavKKa3vZxoUz2omNSg4nYfLSowq7AI3VnZ8LwNo8lAeo7AX9elrsmzQzhr
2DCdCdbRhCWoiS/ba5tKIhlbgFnP+pB8jhC9qZuQJkpVaivywMW8rA9DRbeDcQjD
KhUi0ukVDYHDd9+FtNM3H1t3AUGWBecjWYa4hXC3CsH3+cFBZKjAepL74hqiEfsE
yzKesft3NFd1AcVY9W5MRCK4lUFiDbBtIgPkvPJeoEs/kFp3+OvJFDwi4K4Z6XzA
LyT0LXNx6w3kSfx0TLdNjXLDO9a2dzwhHhPtCQIDAQABAoIBAGMEGJfTMiwS+979
ph3GeJjRGO0JQAk1TYiDvcpbZiItJg9YSOV4GTP4u4PY+HqEPYFus2relu/mx2Iy
4kb9zCqNLmvSQ67M8pdrSJ093pEPJlvAPbmiQ3lfHmyghOnTDNb55tY3xphVZQmI
I7HxM9ydO4skva6NXNgGwLDvYBFc6z6d95ai/WEFWHOt5Mt7OVOWAHQ0lAOofWLA
2BwKmrQnCwMvm1TMoKaAU/ngTToUGBMIN1HwRcY6qDraZte5o3EDRABHB78OHrSu
I/Eoi//5C8A7iZ5Y189lMbahIN6xVMwHwwIqLptTV2GNZOKSiIXnM06vIf4CPZKl
3VlwBgECgYEA/BKnn23KtefA906QNkrIOXASLEE1T77NlTYIRDTsUoz6XTVSvOCI
ARxdsoLwFko5ICMhti9S/1G/MYH0BoJN8rbzvjmZDfwF612p0AYALyBlRgW+ID9L
41CJQcLWxeiQd/GcrUZmudVNUGXa8nsNHmFleGLchXeqU7M6fljJOkECgYEA2a56
yvYQgMF/SIPkxU1+WcQC6+JGc+ax220/lysBsDb4SkXomfGtFWbenxwamuQu+n67
DJWi9oJIi9Vj4eKOXS6vjCAkYeLgCpK6S26frPtxJuZwl/lF7mFl8Z4ZnJeiFJ4h
AXt5r9vqnOZtCnLqRRAlqF5OswWgv/mhJ6jpMMkCgYBMPaAxWlXLexMkOcDoiunQ
ZZM5i2eCfSVVEgiiCJfJyBYZhv1FX2wDWf8E9RGEzGJG1BloLxwdWS5I3RNfvJ2y
4Z8LVAR09Fsd+zBXWNlJZ7T53tbIjhx33m4FU9b9+P9pJ8zJo9eCMX+253e3i3xG
ShMUvGIShEUiF72DZXtHgQKBgDi867CfNmn5BW4nQqfSrQ5EsuY80lQ/WzhwX1TN
luERUuI5GomVnqGncHtUXfLlawFLqwF6t0E9cB9SfXhRDv5mvsbtUc5Zzj+zQu+K
ZAA4gaO8CLjz9jBOHr49kTtpootxM/Uo8+zMi3hd7yn8Def2b3pVKnorC10+eazW
sAFRAoGAet6fQbQD+4vZ1oukZcZhmVlIWTSZJ1vAGCcT/3E40pqpPY+Ho56Lcwh0
9f4TAykuGwFgqvZvR8yD2gpuISYGYplWqa1N6qxMaiVzmY5q1XW+O74xRH5Kz5fr
D+3j2x4EiyG7AYyZMOphDtBd/TSQQMYmGW6PiyM9ceIVnDK1Dd4=
-----END RSA PRIVATE KEY-----

78
deps/openssl/openssl/demos/smime/smdec.c vendored
View File

@ -1,78 +0,0 @@
/*
* Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Simple S/MIME signing example */
#include <openssl/pem.h>
#include <openssl/pkcs7.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *rcert = NULL;
EVP_PKEY *rkey = NULL;
PKCS7 *p7 = NULL;
int ret = 1;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Read in recipient certificate and private key */
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
if (!rcert || !rkey)
goto err;
/* Open content being signed */
in = BIO_new_file("smencr.txt", "r");
if (!in)
goto err;
/* Sign content */
p7 = SMIME_read_PKCS7(in, NULL);
if (!p7)
goto err;
out = BIO_new_file("encrout.txt", "w");
if (!out)
goto err;
/* Decrypt S/MIME message */
if (!PKCS7_decrypt(p7, rkey, rcert, out, 0))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Signing Data\n");
ERR_print_errors_fp(stderr);
}
PKCS7_free(p7);
X509_free(rcert);
EVP_PKEY_free(rkey);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
return ret;
}

91
deps/openssl/openssl/demos/smime/smenc.c vendored
View File

@ -1,91 +0,0 @@
/*
* Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Simple S/MIME encrypt example */
#include <openssl/pem.h>
#include <openssl/pkcs7.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *rcert = NULL;
STACK_OF(X509) *recips = NULL;
PKCS7 *p7 = NULL;
int ret = 1;
/*
* On OpenSSL 0.9.9 only:
* for streaming set PKCS7_STREAM
*/
int flags = PKCS7_STREAM;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Read in recipient certificate */
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
if (!rcert)
goto err;
/* Create recipient STACK and add recipient cert to it */
recips = sk_X509_new_null();
if (!recips || !sk_X509_push(recips, rcert))
goto err;
/*
* sk_X509_pop_free will free up recipient STACK and its contents so set
* rcert to NULL so it isn't freed up twice.
*/
rcert = NULL;
/* Open content being encrypted */
in = BIO_new_file("encr.txt", "r");
if (!in)
goto err;
/* encrypt content */
p7 = PKCS7_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
if (!p7)
goto err;
out = BIO_new_file("smencr.txt", "w");
if (!out)
goto err;
/* Write out S/MIME message */
if (!SMIME_write_PKCS7(out, p7, in, flags))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Encrypting Data\n");
ERR_print_errors_fp(stderr);
}
PKCS7_free(p7);
X509_free(rcert);
sk_X509_pop_free(recips, X509_free);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
return ret;
}

88
deps/openssl/openssl/demos/smime/smsign.c vendored
View File

@ -1,88 +0,0 @@
/*
* Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Simple S/MIME signing example */
#include <openssl/pem.h>
#include <openssl/pkcs7.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *scert = NULL;
EVP_PKEY *skey = NULL;
PKCS7 *p7 = NULL;
int ret = 1;
/*
* For simple S/MIME signing use PKCS7_DETACHED. On OpenSSL 0.9.9 only:
* for streaming detached set PKCS7_DETACHED|PKCS7_STREAM for streaming
* non-detached set PKCS7_STREAM
*/
int flags = PKCS7_DETACHED | PKCS7_STREAM;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Read in signer certificate and private key */
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
if (!scert || !skey)
goto err;
/* Open content being signed */
in = BIO_new_file("sign.txt", "r");
if (!in)
goto err;
/* Sign content */
p7 = PKCS7_sign(scert, skey, NULL, in, flags);
if (!p7)
goto err;
out = BIO_new_file("smout.txt", "w");
if (!out)
goto err;
if (!(flags & PKCS7_STREAM))
BIO_reset(in);
/* Write out S/MIME message */
if (!SMIME_write_PKCS7(out, p7, in, flags))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Signing Data\n");
ERR_print_errors_fp(stderr);
}
PKCS7_free(p7);
X509_free(scert);
EVP_PKEY_free(skey);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
return ret;
}

96
deps/openssl/openssl/demos/smime/smsign2.c vendored
View File

@ -1,96 +0,0 @@
/*
* Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* S/MIME signing example: 2 signers. OpenSSL 0.9.9 only */
#include <openssl/pem.h>
#include <openssl/pkcs7.h>
#include <openssl/err.h>
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *scert = NULL, *scert2 = NULL;
EVP_PKEY *skey = NULL, *skey2 = NULL;
PKCS7 *p7 = NULL;
int ret = 1;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
BIO_free(tbio);
tbio = BIO_new_file("signer2.pem", "r");
if (!tbio)
goto err;
scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
if (!scert2 || !skey2)
goto err;
in = BIO_new_file("sign.txt", "r");
if (!in)
goto err;
p7 = PKCS7_sign(NULL, NULL, NULL, in, PKCS7_STREAM | PKCS7_PARTIAL);
if (!p7)
goto err;
/* Add each signer in turn */
if (!PKCS7_sign_add_signer(p7, scert, skey, NULL, 0))
goto err;
if (!PKCS7_sign_add_signer(p7, scert2, skey2, NULL, 0))
goto err;
out = BIO_new_file("smout.txt", "w");
if (!out)
goto err;
/* NB: content included and finalized by SMIME_write_PKCS7 */
if (!SMIME_write_PKCS7(out, p7, in, PKCS7_STREAM))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Signing Data\n");
ERR_print_errors_fp(stderr);
}
PKCS7_free(p7);
X509_free(scert);
EVP_PKEY_free(skey);
X509_free(scert2);
EVP_PKEY_free(skey2);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
return ret;
}

Some files were not shown because too many files have changed in this diff Show More