Disclaiemr: I can't by any means give an authorative answer, since I am not part of the development team
But I think you should consider the following: - if you are in the US, you should send every source code contribution in CC to [EMAIL PROTECTED] - I think that it's not so nice to include your own copyright notice in the diffs where you essentially changed openssl example source code (if that is the case - it seems to be so from what I gather by looking at the diff briefly). If you want to officially contribute this port, you should be aware that OpenSSL is licensed with an Apache Style license. - In case this port is appreciated by the developers (can't speak for them), a patch against 0.9.7 might be useful, since 0.9.6d won't be change much as it is now in beta Best Regards, David "Sundaram, Mani" wrote: > Hi, > We ported OpenSSL to our operating system VOS that has a POSIX API. In > addition to OpenSSL, we have successfully ported other open source software > such as Gnu gcc, gdb, Gnu tools(bash, gmake, ...), Apache, Samba, Perl, > Python. OpenSSL was relatively easy port. > > Ben Laurie suggested that we send our OpenSSL diffs to the developers for > review. We would like to call our port as "VOS OpenSSL"; we request your > permission to use the OpenSSL name. > > Our changes include adding header files to compile on VOS - mostly > sys/types.h and sys/select.h. This is because on the Linux OpenSSL code > base, time.h includes types.h and select.h whereas in VOS it does not. > There are two other changes that we did to the code: > > 1. VOS doesn't support getrusage( ) or ftime( ). However, we do support > gettimeofday( ) and times( ). We had to write a new else condition in > speed.c to handle this case. We haven't modified the functionality of the > code. > 2. gcc -Wall warns when sprintf (foo, "%d", foobar) is called (foobar is a > long datatype). We fixed this. > > We believe that these changes are platform specific only and no > functionality of the product has been compromised. We didn't delete any > source code. > > We are enclosing the diff and the self-test results. We would appreciate > your prompt reply with the approval of our changes and the use of the > OpenSSL name. Please do not hesitate to contact us if you need further > information. > > We thank you once again in developing OpenSSL. > > Sincerely, > Bose (Engineering Manager) > Mani (Software Engineer) > ---------------------------------------------------------------------------- > --------------------------------------------------- > > Here is the diff and the OpenSSL self-test results. The porting base was > revision 0.9.6; please note that we have patched md_rand.c with the security > fix posted on your website. > > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/app_rand.c > /p/openssl/porting_base/apps/app_rand.c > 145,147d144 > < #ifdef VOS_DEBUG > < printf("\n file = %s", file); > < #endif /* VOS */ > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/dh.c > /p/openssl/porting_base/apps/dh.c > 63,65d62 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/dhparam.c > /p/openssl/porting_base/apps/dhparam.c > 115,117d114 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/dsa.c > /p/openssl/porting_base/apps/dsa.c > 63,65d62 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/dsaparam.c > /p/openssl/porting_base/apps/dsaparam.c > 62,64d61 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/openssl.cnf > /p/openssl/porting_base/apps/openssl.cnf > 8a9 > > RANDFILE = $ENV::HOME/.rnd > 36c37 > < dir = ./demoCA # Where everything is kept > --- > > dir = ./demoCA # Where everything is kept > 39,40c40,41 > < database = $dir/index.txt # database index file. > < new_certs_dir = $dir/newcerts # default place for new certs. > --- > > database = $dir/index.txt # database index file. > > new_certs_dir = $dir/newcerts # default place for new certs. > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/pkcs7.c > /p/openssl/porting_base/apps/pkcs7.c > 62,64d61 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/req.c > /p/openssl/porting_base/apps/req.c > 61,63d60 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/rsa.c > /p/openssl/porting_base/apps/rsa.c > 63,65d62 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/s_client.c > /p/openssl/porting_base/apps/s_client.c > 63,68d62 > < > < #ifdef __VOS__ > < #include <sys/types.h> > < #include <sys/select.h> > < #endif > < > 444,447d437 > < #ifdef VOS_DEBUG > < printf("\n WIDTH = %d\n", width); > < #endif > < > 495,497d484 > < #ifdef VOS_DEBUG > < printf("\n TTY_ON = %d\n", tty_on); > < #endif > 501,505d487 > < #ifdef VOS_DEBUG > < printf("\n READ_TTY = %d\n", read_tty); > < printf("\n WRITE_TTY = %d\n", write_tty); > < printf("\n fileno(STDIN) = %d\n", fileno(stdin)); > < #endif > 554,556d535 > < #ifdef VOS_DEBUG > < printf("\n readfds = %x, writefds = %x \n", readfds, writefds); > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/s_server.c > /p/openssl/porting_base/apps/s_server.c > 64,68d63 > < > < #ifdef __VOS__ > < #include <sys/select.h> > < #endif > < > 764,766d758 > < #ifdef __VOS__ > < struct fd_set readfds; > < #else > 768d759 > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/s_time.c > /p/openssl/porting_base/apps/s_time.c > 67,70d66 > < #ifdef __VOS__ > < #include <sys/types.h> > < #include <sys/select.h> > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/speed.c > /p/openssl/porting_base/apps/speed.c > 72,80d71 > < #ifdef __VOS__ > < #ifndef _BSD > < #define _BSD /* for gettimeofday() */ > < #endif /* _BSD */ > < #ifndef _SYSV > < #define _SYSV > < #endif /* _SYSV */ > < #endif /*__VOS__ */ > < > 82,85d72 > < #ifdef __VOS__ > < #include <sys/types.h> > < #include <sys/time.h> > < #endif > 107,117d93 > < #ifdef __VOS__ > < #ifndef TIMES > < #define TIMES > < #endif /* TIMES */ > < > < #ifdef TIMEB > < #undef TIMEB > < #endif /* TIMEB */ > < > < #endif /* __VOS__ */ > < > 146,147c122 > < #if defined(sun) || defined(__ultrix) || defined(__VOS__) > < #ifndef _POSIX_SOURCE > --- > > #if defined(sun) || defined(__ultrix) > 149d123 > < #endif /* _POSIX_SOURCE */ > 312c286 > < # endif /* TIMES && TIMEB */ > --- > > # endif > 331,333c305 > < # endif /* TIMEB */ > < # ifdef __VOS__ /* VOS does not have TIMEB, using gettimeofday instead */ > < else > --- > > # endif > 335,352d306 > < { > < static struct timeval tstart,tend; > < long i; > < > < if (s == START) > < { > < gettimeofday(&tstart,NULL); > < return(0); > < } > < else > < { > < gettimeofday(&tend,NULL); > < i=(long)tend.tv_usec-(long)tstart.tv_usec; > < > ret=((double)(tend.tv_sec-tstart.tv_sec))+((double)i)/1000000.0; > < return((ret < 0.001)?0.001:ret); > < } > < } > < #endif /* USE_TOD */ > 519d472 > < else > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/apps/spkac.c > /p/openssl/porting_base/apps/spkac.c > 61,63d60 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/asn1/a_digest.c > /p/openssl/porting_base/crypto/asn1/a_digest.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/asn1/a_gentm.c > /p/openssl/porting_base/crypto/asn1/a_gentm.c > 62d61 > < #include <sys/types.h> > 222,225c221 > < #ifdef __VOS__ > < sprintf(p,"%04ld%02ld%02ld%02ld%02ld%02ldZ",ts->tm_year + 1900, > < ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec); > < #else > --- > > > 228d223 > < #endif > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/asn1/a_sign.c > /p/openssl/porting_base/crypto/asn1/a_sign.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/asn1/a_time.c > /p/openssl/porting_base/crypto/asn1/a_time.c > 65d64 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/asn1/a_utctm.c > /p/openssl/porting_base/crypto/asn1/a_utctm.c > 60d59 > < #include <sys/types.h> > 260,263d258 > < #ifdef __VOS__ > < sprintf(p,"%02ld%02ld%02ld%02ld%02ld%02ldZ",ts->tm_year%100, > < ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec); > < #else > 266,267d260 > < #endif /* __VOS__ */ > < > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/asn1/a_verify.c > /p/openssl/porting_base/crypto/asn1/a_verify.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/asn1/asn1.h > /p/openssl/porting_base/crypto/asn1/asn1.h > 62,65d61 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > < > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/bn/bn_prime.c > /p/openssl/porting_base/crypto/bn/bn_prime.c > 113d112 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/bn/bn_rand.c > /p/openssl/porting_base/crypto/bn/bn_rand.c > 60,64d59 > < > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > < > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/bn/bntest.c > /p/openssl/porting_base/crypto/bn/bntest.c > 110c110 > < #if defined(linux) || defined(__FreeBSD__) || defined(__VOS__) /* can we > use GNU bc features? */ > --- > > #if defined(linux) || defined(__FreeBSD__) /* can we use GNU bc features? > */ > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/cryptlib.h > /p/openssl/porting_base/crypto/cryptlib.h > 65,68d64 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > < > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/des/des_locl.h > /p/openssl/porting_base/crypto/des/des_locl.h > 69,71d68 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/des/enc_writ.c > /p/openssl/porting_base/crypto/des/enc_writ.c > 60,64d59 > < > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > < > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/des/read_pwd.c > /p/openssl/porting_base/crypto/des/read_pwd.c > 59,64d58 > < #ifdef __VOS__ > < #ifndef _POSIX_SOURCE > < #define _POSIX_SOURCE > < #endif /* _POSIX_SOURCE */ > < #endif /* __VOS__ */ > < > 84c78 > < #define SIGACTION /* Define this if you have sigaction() */ > --- > > /* #define SIGACTION */ /* Define this if you have sigaction() */ > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/dsa/dsa_gen.c > /p/openssl/porting_base/crypto/dsa/dsa_gen.c > 75,79d74 > < > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > < > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/dsa/dsa_key.c > /p/openssl/porting_base/crypto/dsa/dsa_key.c > 61d60 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/err/err_all.c > /p/openssl/porting_base/crypto/err/err_all.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/evp/evp_pbe.c > /p/openssl/porting_base/crypto/evp/evp_pbe.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/evp/p5_crpt.c > /p/openssl/porting_base/crypto/evp/p5_crpt.c > 61d60 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/evp/p5_crpt2.c > /p/openssl/porting_base/crypto/evp/p5_crpt2.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/mem_dbg.c > /p/openssl/porting_base/crypto/mem_dbg.c > 61,62c61 > < /* VOS */ #include <sys/types.h> > < #include <time.h> > --- > > #include <time.h> > 570,573d568 > < #ifdef __VOS__ > < sprintf(bufp, "[%02ld:%02ld:%02ld] ", > < lcl->tm_hour,lcl->tm_min,lcl->tm_sec); > < #else > 576d570 > < #endif /* __VOS__ */ > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/opensslconf.h > /p/openssl/porting_base/crypto/opensslconf.h > 6,11c6 > < # ifndef NO_IDEA > < # define NO_IDEA > < # endif > < # ifndef NO_RC5 > < # define NO_RC5 > < # endif > --- > > /* no ciphers excluded */ > 16,18d10 > < # ifndef NO_ASM > < # define NO_ASM > < # endif > 28c20 > < #define OPENSSLDIR "/system/openssl" > --- > > #define OPENSSLDIR "/usr/local/ssl" > 77c69 > < #define BN_LLONG > --- > > #undef BN_LLONG > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/rand/md_rand.c > /p/openssl/porting_base/crypto/rand/md_rand.c > 144,148c144,147 > < static unsigned int crypto_lock_rand = 0; /* may be set only when a thread > < * holds CRYPTO_LOCK_RAND > < * (to prevent double locking) > */ > < static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is > set */ > < > --- > > /* This should be set to 1 only when ssleay_rand_add() is called inside > > an already locked state, so it doesn't try to lock and thereby cause > > a hang. And it should always be reset back to 0 before unlocking. */ > > static int add_do_not_lock=0; > 195d193 > < int do_not_lock; > 212,215c210 > < /* check if we already have the lock */ > < do_not_lock = crypto_lock_rand && (locking_thread == > CRYPTO_thread_id()); > < > < if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); > --- > > if (!add_do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); > 247c242 > < if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); > --- > > if (!add_do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); > 289c284 > < if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); > --- > > if (!add_do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); > 300c295 > < if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); > --- > > if (!add_do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); > 316d310 > < int num_ceil; > 337,342d330 > < if (num <= 0) > < return 1; > < > < /* round upwards to multiple of MD_DIGEST_LENGTH/2 */ > < num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * > (MD_DIGEST_LENGTH/2); > < > 348,354c336,343 > < * Input into the hash function the local 'md' (which is initialized > from > < * the global 'md' before any bytes are generated), the bytes that > are to > < * be overwritten by the random bytes, and bytes from the 'state' > < * (incrementing looping index). From this digest output (which is > kept > < * in 'md'), the top (up to) 10 bytes are returned to the caller and > the > < * bottom 10 bytes are xored into the 'state'. > < * > --- > > * Input into the hash function the top 10 bytes from the > > * local 'md' (which is initialized from the global 'md' > > * before any bytes are generated), the bytes that are > > * to be overwritten by the random bytes, and bytes from the > > * 'state' (incrementing looping index). From this digest output > > * (which is kept in 'md'), the top (up to) 10 bytes are > > * returned to the caller and the bottom (up to) 10 bytes are xored > > * into the 'state'. > 361,366d349 > < CRYPTO_w_lock(CRYPTO_LOCK_RAND); > < > < /* prevent ssleay_rand_bytes() from trying to obtain the lock again > */ > < crypto_lock_rand = 1; > < locking_thread = CRYPTO_thread_id(); > < > 368d350 > < { > 370,372c352,357 > < initialized = 1; > < } > < > --- > > > > CRYPTO_w_lock(CRYPTO_LOCK_RAND); > > add_do_not_lock = 1; /* Since we call ssleay_rand_add while in > > this locked state. */ > > > > initialized = 1; > 398,402c383,387 > < /* In the output function only half of 'md' remains secret, > < * so we better make sure that the required entropy gets > < * 'evenly distributed' through 'state', our randomness > pool. > < * The input function (ssleay_rand_add) chains all of 'md', > < * which makes it more suitable for this purpose. > --- > > /* Our output function chains only half of 'md', so we > better > > * make sure that the required entropy gets 'evenly > distributed' > > * through 'state', our randomness pool. The input function > > * (ssleay_rand_add) chains all of 'md', which makes it more > > * suitable for this purpose. > 427c412 > < state_index+=num_ceil; > --- > > state_index+=num; > 431c416 > < /* state[st_idx], ..., state[(st_idx + num_ceil - 1) % st_num] > --- > > /* state[st_idx], ..., state[(st_idx + num - 1) % st_num] > 436,438c421,422 > < /* before unlocking, we must clear 'crypto_lock_rand' */ > < crypto_lock_rand = 0; > < locking_thread = 0; > --- > > add_do_not_lock = 0; /* If this would ever be forgotten, we can > > expect any evil god to eat our souls. */ > 443d426 > < /* num_ceil -= MD_DIGEST_LENGTH/2 */ > 454c437 > < MD_Update(&m,local_md,MD_DIGEST_LENGTH); > --- > > > MD_Update(&m,&(local_md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2); > 459c442 > < k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; > --- > > k=(st_idx+j)-st_num; > 462c445 > < MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k); > --- > > MD_Update(&m,&(state[st_idx]),j-k); > 466c449 > < MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2); > --- > > MD_Update(&m,&(state[st_idx]),j); > 469c452 > < for (i=0; i<MD_DIGEST_LENGTH/2; i++) > --- > > for (i=0; i<j; i++) > 471a455 > > *(buf++)=local_md[i+MD_DIGEST_LENGTH/2]; > 474,475d457 > < if (i < j) > < *(buf++)=local_md[i+MD_DIGEST_LENGTH/2]; > 503,504c485 > < int ret; > < unsigned long err; > --- > > int ret, err; > 520d500 > < int do_not_lock; > 522,534d501 > < /* check if we already have the lock > < * (could happen if a RAND_poll() implementation calls > RAND_status()) */ > < do_not_lock = crypto_lock_rand && (locking_thread == > CRYPTO_thread_id()); > < > < if (!do_not_lock) > < { > < CRYPTO_w_lock(CRYPTO_LOCK_RAND); > < > < /* prevent ssleay_rand_bytes() from trying to obtain the > lock again */ > < crypto_lock_rand = 1; > < locking_thread = CRYPTO_thread_id(); > < } > < > 536d502 > < { > 538,539d503 > < initialized = 1; > < } > 540a505,506 > > CRYPTO_w_lock(CRYPTO_LOCK_RAND); > > initialized = 1; > 541a508 > > CRYPTO_w_unlock(CRYPTO_LOCK_RAND); > 543,551d509 > < if (!do_not_lock) > < { > < /* before unlocking, we must clear 'crypto_lock_rand' */ > < crypto_lock_rand = 0; > < locking_thread = 0; > < > < CRYPTO_w_unlock(CRYPTO_LOCK_RAND); > < } > < > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/rand/rand_egd.c > /p/openssl/porting_base/crypto/rand/rand_egd.c > 62c62 > < #if defined(WIN32) || defined(VMS) || defined(__VMS) || defined (__VOS__) > --- > > #if defined(WIN32) || defined(VMS) || defined(__VMS) > 77,78d76 > < > < #ifndef __VOS__ > 80,81d77 > < #endif > < > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/rand/randfile.c > /p/openssl/porting_base/crypto/rand/randfile.c > 99,103d98 > < > < #ifdef VOS_DEBUG > < printf("\nrandfile: i = %d", i); > < #endif > < > 110,112d104 > < #ifdef VOS_DEBUG > < printf("\nrandfile: in = %d", in); > < #endif > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/rsa/rsa_gen.c > /p/openssl/porting_base/crypto/rsa/rsa_gen.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/x509/by_dir.c > /p/openssl/porting_base/crypto/x509/by_dir.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/x509/by_file.c > /p/openssl/porting_base/crypto/x509/by_file.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/x509/x509_txt.c > /p/openssl/porting_base/crypto/x509/x509_txt.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/x509/x509_vfy.c > /p/openssl/porting_base/crypto/x509/x509_vfy.c > 60d59 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/crypto/x509v3/v3err.c > /p/openssl/porting_base/crypto/x509v3/v3err.c > 62d61 > < #include <sys/types.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/demos/maurice/example1.c > /p/openssl/porting_base/demos/maurice/example1.c > 1,4d0 > < /* > < COPYRIGHT (c) 2001 Stratus Technologies International, S.a r.l. All > Rights > < Reserved. > < */ > 17c13 > < #include <string.h> > --- > > #include <strings.h> > 45d40 > < Initialize_Random_Gen(); > 71c66 > < unsigned int ekeylen, net_ekeylen; > --- > > int ekeylen, net_ekeylen; > 103,105d97 > < > < /* fprintf(stderr, "encrypt key length is %d\n", ekeylen); */ > < > 155c147 > < read(STDIN, &ekeylen, sizeof(ekeylen)); > --- > > read(STDIN, &ekeylen, sizeof(ekeylen)); > 158,159d149 > < /* fprintf(stderr, "\n Keylength is %d\n", ekeylen); */ > < > 208a199 > > > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/demos/maurice/example2.c > /p/openssl/porting_base/demos/maurice/example2.c > 1,5d0 > < /* > < COPYRIGHT (c) 2001 Stratus Technologies International, S.a r.l. All > Rights > < Reserved. > < */ > < > 43d37 > < Initialize_Random_Gen(); > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/demos/maurice/example3.c > /p/openssl/porting_base/demos/maurice/example3.c > 1,5d0 > < /* > < COPYRIGHT (c) 2001 Stratus Technologies International, S.a r.l. All > Rights > < Reserved. > < */ > < > 20d14 > < #include "loadkeys.h" /* For Initialize_Random_Gen() */ > 36d29 > < Initialize_Random_Gen(); > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/demos/maurice/example4.c > /p/openssl/porting_base/demos/maurice/example4.c > 1,5d0 > < /* > < COPYRIGHT (c) 2001 Stratus Technologies International, S.a r.l. All > Rights > < Reserved. > < */ > < > 20d14 > < #include "loadkeys.h" /* For Initialize_Random_Gen() */ > 33d26 > < Initialize_Random_Gen(); > 54c47 > < char ebuf[2*BUFLEN]; > --- > > char ebuf[BUFLEN+24]; > 88c81 > < char ebuf[2*BUFLEN]; > --- > > char ebuf[BUFLEN+24]; > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/demos/maurice/loadkeys.c > /p/openssl/porting_base/demos/maurice/loadkeys.c > 1,5d0 > < /* > < COPYRIGHT (c) 2001 Stratus Technologies International, S.a r.l. All > Rights > < Reserved. > < */ > < > 22,23d16 > < #include <openssl/crypto.h> > < #include <openssl/rand.h> > 43c36 > < fp, NULL, NULL, NULL); > --- > > fp, NULL, NULL); > 74c67 > < NULL, NULL, NULL); > --- > > NULL, NULL); > 85,108d77 > < void Initialize_Random_Gen() > < { > < char *randfile; > < > < /* Since VOS does not support entropy gathering daemons or a /dev > < random device, the random number generator is seeded with the > help > < of a file containing random data > < */ > < > < if ((randfile = getenv("RANDFILE")) == NULL) > < { > < fprintf(stderr, "Environment variable RANDFILE not > found\n"); > < exit(-1); > < } > < if (RAND_load_file(randfile, -1) <= 0) > < { > < fprintf(stderr, "Cannot load random data from %s\n", > randfile); > < exit(-1); > < } > < if (RAND_write_file(randfile) <= 0) > < { > < fprintf(stderr, "Could not write sufficient random data to > %s\n", randfile); > < } > < } > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/demos/maurice/loadkeys.h > /p/openssl/porting_base/demos/maurice/loadkeys.h > 1,6d0 > < /* > < COPYRIGHT (c) 2001 Stratus Technologies International, S.a r.l. All > Rights > < Reserved. > < Please read the STRATUS_README file before using this program > < */ > < > 23,24d16 > < > < void Initialize_Random_Gen(); > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/demos/ssl/cli.cpp > /p/openssl/porting_base/demos/ssl/cli.cpp > 8a9 > > #include <memory.h> > diff -r -x Makefile* > /p/openssl/dev.0.9/src/openssl-0.9.6/demos/state_machine/state_machine.c > /p/openssl/porting_base/demos/state_machine/state_machine.c > 83,85d82 > < #ifdef __VOS__ > < #include <sys/select.h> > < #endif /* __VOS__ */ > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/ssl/bio_ssl.c > /p/openssl/porting_base/ssl/bio_ssl.c > 60,64d59 > < > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > < > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/ssl/s23_clnt.c > /p/openssl/porting_base/ssl/s23_clnt.c > 60,64d59 > < > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > < > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/ssl/s23_lib.c > /p/openssl/porting_base/ssl/s23_lib.c > 60,64d59 > < > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > < > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/ssl/s3_pkt.c > /p/openssl/porting_base/ssl/s3_pkt.c > 114,118d113 > < > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif /* __VOS__ */ > < > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/ssl/ssl_cert.c > /p/openssl/porting_base/ssl/ssl_cert.c > 115c115 > < #if !defined(WIN32) && !defined(VSM) && !defined(NeXT) && > !defined(MAC_OS_pre_X) && !defined(__VOS__) > --- > > #if !defined(WIN32) && !defined(VSM) && !defined(NeXT) && > !defined(MAC_OS_pre_X) > 709d708 > < #ifndef __VOS__ > 754d752 > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/ssl/ssl_locl.h > /p/openssl/porting_base/ssl/ssl_locl.h > 62,64d61 > < #ifdef __VOS__ > < #include <sys/types.h> > < #endif > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/ssl/ssltest.c > /p/openssl/porting_base/ssl/ssltest.c > 64d63 > < #include <sys/types.h> > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/tcrl > /p/openssl/porting_base/test/tcrl > 80c80 > < /system/gnu_library/bin/rm -f f.* ff.* fff.* > --- > > /bin/rm -f f.* ff.* fff.* > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/testca > /p/openssl/porting_base/test/testca > 10,13c10 > < # VOS Testing > < # echo $PATH > < /system/gnu_library/bin/rm -fr demoCA > < > --- > > /bin/rm -fr demoCA > 21,23d17 > < # VOS Testing > < # echo point1 > < > 31,32d24 > < #VOS testing > < # echo point2 > 44,45d35 > < # VOS Testing > < # echo point3 > 52,55c42 > < # VOS Testing > < # echo point4 > < > < /system/gnu_library/bin/rm -fr demoCA newcert.pem newreq.pem > --- > > /bin/rm -fr demoCA newcert.pem newreq.pem > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/testgen > /p/openssl/porting_base/test/testgen > 7c7 > < /system/gnu_library/bin/rm -f $T.1 $T.2 $T.key > --- > > /bin/rm -f $T.1 $T.2 $T.key > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/tests.com > /p/openssl/porting_base/test/tests.com > 22c22 > < test_des,test_sha,test_md4,test_md5,test_hmac,- > --- > > test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,- > 24c24 > < test_rmd,test_rc2,test_rc4,test_bf,test_cast,- > --- > > test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,- > 32a33 > > $ IDEATEST := ideatest > 42a44 > > $ RC5TEST := rc5test > 63a66,68 > > $ test_idea: > > $ mcr 'texe_dir''ideatest' > > $ return > 96a102,104 > > $ return > > $ test_rc5: > > $ mcr 'texe_dir''rc5test' > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/testss > /p/openssl/porting_base/test/testss > 96c96 > < /system/gnu_library/bin/rm err.ss > --- > > /bin/rm err.ss > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/tpkcs7 > /p/openssl/porting_base/test/tpkcs7 > 50c50 > < /system/gnu_library/bin/rm -f f.* ff.* fff.* > --- > > /bin/rm -f f.* ff.* fff.* > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/tpkcs7d > /p/openssl/porting_base/test/tpkcs7d > 43c43 > < /system/gnu_library/bin/rm -f f.* ff.* fff.* > --- > > /bin/rm -f f.* ff.* fff.* > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/treq > /p/openssl/porting_base/test/treq > 85c85 > < /system/gnu_library/bin/rm -f f.* ff.* fff.* > --- > > /bin/rm -f f.* ff.* fff.* > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/trsa > /p/openssl/porting_base/test/trsa > 85c85 > < /system/gnu_library/bin/rm -f f.* ff.* fff.* > --- > > /bin/rm -f f.* ff.* fff.* > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/tsid > /p/openssl/porting_base/test/tsid > 80c80 > < /system/gnu_library/bin/rm -f f.* ff.* fff.* > --- > > /bin/rm -f f.* ff.* fff.* > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/tx509 > /p/openssl/porting_base/test/tx509 > 80c80 > < /system/gnu_library/bin/rm -f f.* ff.* fff.* > --- > > /bin/rm -f f.* ff.* fff.* > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/tools/c_hash > /p/openssl/porting_base/tools/c_hash > 1c1 > < #!/system/gnu_library/bin/bash > --- > > #!/bin/sh > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/tools/c_info > /p/openssl/porting_base/tools/c_info > 1c1 > < #!/system/gnu_library/bin/bash > --- > > #!/bin/sh > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/tools/c_issuer > /p/openssl/porting_base/tools/c_issuer > 1c1 > < #!/system/gnu_library/bin/bash > --- > > #!/bin/sh > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/tools/c_name > /p/openssl/porting_base/tools/c_name > 1c1 > < #!/system/gnu_library/bin/bash > --- > > #!/bin/sh > diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/tools/c_rehash > /p/openssl/porting_base/tools/c_rehash > 9c9 > < my $dir = "/system/openssl"; > --- > > my $dir = "/usr/local/ssl"; > > testing... > gmake[1]: Entering directory > `/%es#m30_user/Stratus/Mani_Sundaram/openssl_diffs/openssl_tests/src/openssl > -0.9.6/test' > gmake[2]: Entering directory > `/%es#m30_user/Stratus/Mani_Sundaram/openssl_diffs/openssl_tests/src/openssl > -0.9.6/apps' > gmake[2]: Nothing to be done for `all'. > gmake[2]: Leaving directory > `/%es#m30_user/Stratus/Mani_Sundaram/openssl_diffs/openssl_tests/src/openssl > -0.9.6/apps' > ./destest > Doing cbcm > Doing ecb > Doing ede ecb > Doing cbc > Doing desx cbc > Doing ede cbc > Doing pcbc > Doing cfb8 cfb16 cfb32 cfb48 cfb64 cfb64() ede_cfb64() done > Doing ofb > Doing ofb64 > Doing ede_ofb64 > Doing cbc_cksum > Doing quad_cksum > input word alignment test 0 1 2 3 > output word alignment test 0 1 2 3 > fast crypt test > ./shatest > test 1 ok > test 2 ok > test 3 ok > ./sha1test > test 1 ok > test 2 ok > test 3 ok > ./md4test > test 1 ok > test 2 ok > test 3 ok > test 4 ok > test 5 ok > test 6 ok > test 7 ok > ./md5test > test 1 ok > test 2 ok > test 3 ok > test 4 ok > test 5 ok > test 6 ok > test 7 ok > ./hmactest > test 0 ok > test 1 ok > test 2 ok > test 3 ok > ./md2test > test 1 ok > test 2 ok > test 3 ok > test 4 ok > test 5 ok > test 6 ok > test 7 ok > ./mdc2test > pad1 - ok > pad2 - ok > ./rmdtest > test 1 ok > test 2 ok > test 3 ok > test 4 ok > test 5 ok > test 6 ok > test 7 ok > test 8 ok > ./rc2test > ecb RC2 ok > ./rc4test > test 0 ok > test 1 ok > test 2 ok > test 3 ok > test 4 ok > test 5 ok > test end processing ....................done > test multi-call ....................done > ./bftest > testing blowfish in raw ecb mode > testing blowfish in ecb mode > testing blowfish set_key > testing blowfish in cbc mode > testing blowfish in cfb64 mode > testing blowfish in ofb64 > ./casttest > ecb cast5 ok > This test will take some time....123456789ABCDEF ok > ./randtest > test 1 done > test 2 done > test 3 done > test 4 done > starting big number library test, could take a while... > test BN_add > test BN_sub > test BN_lshift1 > test BN_lshift (fixed) > test BN_lshift > test BN_rshift1 > test BN_rshift > test BN_sqr > test BN_mul > test BN_div > test BN_div_recp > test BN_mod > test BN_mod_mul > test BN_mont > test BN_mod_exp > test BN_exp > running bc > > verify > BN_add...................................................................... > ............................... > verify > BN_sub...................................................................... > ............................................................................ > ..... > verify > BN_lshift1.................................................................. > ................................... > verify BN_lshift > (fixed)..................................................................... > ................................ > verify > BN_lshift................................................................... > .................................. > verify > BN_rshift1.................................................................. > ................................... > verify > BN_rshift................................................................... > .................................. > verify > BN_sqr...................................................................... > ............................... > verify > BN_mul...................................................................... > ............................................................................ > ..... > verify > BN_div...................................................................... > ............................................................................ > ............................................................................ > ............................................................................ > ... > verify > BN_div_recp................................................................. > ............................................................................ > ............................................................................ > ............................................................................ > ........ > verify > BN_mod...................................................................... > ............................... > verify > BN_mod_mul.................................................................. > ................................... > verify BN_mont...... > verify BN_mod_exp...... > verify BN_exp...... > > 1831 tests passed > test a^b%c implementations > ./exptest > ............................................................................ > ............................................................................ > ................................................ done > cat > base64 > base64 > base64 base64 > bf > bf base64 > bf-cbc > bf-cbc base64 > bf-cfb > bf-cfb base64 > bf-ecb > bf-ecb base64 > bf-ofb > bf-ofb base64 > cast > cast base64 > cast-cbc > cast-cbc base64 > cast5-cbc > cast5-cbc base64 > cast5-cfb > cast5-cfb base64 > cast5-ecb > cast5-ecb base64 > cast5-ofb > cast5-ofb base64 > des > des base64 > des-cbc > des-cbc base64 > des-cfb > des-cfb base64 > des-ecb > des-ecb base64 > des-ede > des-ede base64 > des-ede-cbc > des-ede-cbc base64 > des-ede-cfb > des-ede-cfb base64 > des-ede-ofb > des-ede-ofb base64 > des-ede3 > des-ede3 base64 > des-ede3-cbc > des-ede3-cbc base64 > des-ede3-cfb > des-ede3-cfb base64 > des-ede3-ofb > des-ede3-ofb base64 > des-ofb > des-ofb base64 > des3 > des3 base64 > desx > desx base64 > rc2 > rc2 base64 > rc2-40-cbc > rc2-40-cbc base64 > rc2-64-cbc > rc2-64-cbc base64 > rc2-cbc > rc2-cbc base64 > rc2-cfb > rc2-cfb base64 > rc2-ecb > rc2-ecb base64 > rc2-ofb > rc2-ofb base64 > rc4 > rc4 base64 > rc4-40 > rc4-40 base64 > echo test normal x509v1 certificate > test normal x509v1 certificate > sh ./tx509 2>/dev/null > testing X509 conversions > p -> d > p -> n > p -> p > d -> d > n -> d > p -> d > d -> n > n -> n > p -> n > d -> p > n -> p > p -> p > echo test first x509v3 certificate > test first x509v3 certificate > sh ./tx509 v3-cert1.pem 2>/dev/null > testing X509 conversions > p -> d > p -> n > p -> p > d -> d > n -> d > p -> d > d -> n > n -> n > p -> n > d -> p > n -> p > p -> p > echo test second x509v3 certificate > test second x509v3 certificate > sh ./tx509 v3-cert2.pem 2>/dev/null > testing X509 conversions > p -> d > p -> n > p -> p > d -> d > n -> d > p -> d > d -> n > n -> n > p -> n > d -> p > n -> p > p -> p > rsa > testing rsa conversions > p -> d > p -> p > d -> d > p -> d > d -> p > p -> p > ./rsa_test > PKCS #1 v1.5 encryption/decryption ok > OAEP encryption/decryption ok > PKCS #1 v1.5 encryption/decryption ok > OAEP encryption/decryption ok > PKCS #1 v1.5 encryption/decryption ok > OAEP encryption/decryption ok > testing crl conversions > p -> d > p -> p > d -> d > p -> d > d -> p > p -> p > testing session-id conversions > p -> d > p -> p > d -> d > p -> d > d -> p > p -> p > Generate and verify a certificate request > generating certificate request > rsa > There should be a 2 sequences of .'s and some +'s. > There should not be more that at most 80 per line > This could take some time. > Using configuration from test.cnf > Generating a 512 bit RSA private key > ......++++++++++++ > ..........++++++++++++ > writing new private key to 'testkey.pem' > ----- > You are about to be asked to enter information that will be incorporated > into your certificate request. > What you are about to enter is what is called a Distinguished Name or a DN. > There are quite a few fields but you can leave some blank > For some fields there will be a default value, > If you enter '.', the field will be left blank. > ----- > Country Name (2 letter code) [AU]:AU > State or Province Name (full name) [Queensland]: > Locality Name (eg, city) []:Brisbane > Organization Name (eg, company) []:CryptSoft Pty Ltd > Organizational Unit Name (eg, section) []:. > Common Name (eg, YOUR name) []:Eric Young > Email Address []:[EMAIL PROTECTED] > Using configuration from test.cnf > verify OK > testing req conversions > p -> d > p -> p > d -> d > p -> d > d -> p > p -> p > testing req conversions > p -> d > p -> p > d -> d > p -> d > d -> p > p -> p > testing pkcs7 conversions > p -> d > p -> p > d -> d > p -> d > d -> p > p -> p > testing pkcs7 conversions (2) > p -> d > p -> p > d -> d > p -> d > d -> p > p -> p > The following command should have some OK's and some failures > There are definitly a few expired certificates > ../apps/openssl verify -CApath ../certs ../certs/*.pem > ../certs/ICE-CA.pem: /O=European ICE-TEL project/OU=V3-Certification > Authority/L=Darmstadt > error 20 at 0 depth lookup:unable to get local issuer certificate > ../certs/ICE-root.pem: /O=European ICE-TEL project/OU=V3-Certification > Authority > error 18 at 0 depth lookup:self signed certificate > /O=European ICE-TEL project/OU=V3-Certification Authority > error 10 at 0 depth lookup:Certificate has expired > OK > ../certs/ICE-user.pem: /O=European ICE-TEL project/OU=V3-Certification > Authority/L=Darmstadt/CN=USER > error 20 at 0 depth lookup:unable to get local issuer certificate > ../certs/ca-cert.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA > (1024 bit) > error 20 at 0 depth lookup:unable to get local issuer certificate > ../certs/dsa-ca.pem: /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=CA > error 20 at 0 depth lookup:unable to get local issuer certificate > 18744857:error:0B06E06B:x509 certificate > routines:X509_get_pubkey_parameters:unable to find parameters in > chain:/p/openssl/rebuild.0.9/src/openssl-0.9.6/crypto/x509/x509_vfy.c:687: > ../certs/dsa-pca.pem: /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=PCA > error 18 at 0 depth lookup:self signed certificate > /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=PCA > error 10 at 0 depth lookup:Certificate has expired > OK > ../certs/factory.pem: /C=GB/O=UCL/OU=ICE-TEL Project/CN=TrustFactory > error 18 at 0 depth lookup:self signed certificate > /C=GB/O=UCL/OU=ICE-TEL Project/CN=TrustFactory > error 10 at 0 depth lookup:Certificate has expired > OK > ../certs/nortelCA.pem: /C=Ca/L=Nepean/OU=No Liability Accepted/O=For Demo > Purposes Only/CN=Entrust Demo Web CA > error 18 at 0 depth lookup:self signed certificate > OK > ../certs/pca-cert.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA > (1024 bit) > error 18 at 0 depth lookup:self signed certificate > OK > ../certs/rsa-cca.pem: /C=US/O=RSA Data Security, Inc./OU=Commercial > Certification Authority > error 18 at 0 depth lookup:self signed certificate > /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority > error 10 at 0 depth lookup:Certificate has expired > OK > ../certs/rsa-ssca.pem: /C=US/O=RSA Data Security, Inc./OU=Secure Server > Certification Authority > error 18 at 0 depth lookup:self signed certificate > /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority > error 10 at 0 depth lookup:Certificate has expired > OK > ../certs/thawteCb.pem: /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting > cc/OU=Certification Services Division/CN=Thawte Server > [EMAIL PROTECTED] > error 18 at 0 depth lookup:self signed certificate > OK > ../certs/thawteCp.pem: /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting > cc/OU=Certification Services Division/CN=Thawte Premium Server > [EMAIL PROTECTED] > error 18 at 0 depth lookup:self signed certificate > OK > ../certs/timCA.pem: /C=AU/ST=Queensland/L=Brisbane/O=CryptSoft Pty > Ltd/OU=development/CN=CryptSoft Dev CA > error 18 at 0 depth lookup:self signed certificate > /C=AU/ST=Queensland/L=Brisbane/O=CryptSoft Pty > Ltd/OU=development/CN=CryptSoft Dev CA > error 10 at 0 depth lookup:Certificate has expired > OK > ../certs/tjhCA.pem: /C=AU/ST=Queensland/L=Brisbane/O=CryptSoft Pty > Ltd/OU=WORTHLESS CERTIFICATION AUTHORITIES/CN=ZERO VALUE CA - DEMONSTRATION > PURPOSES ONLY > error 18 at 0 depth lookup:self signed certificate > /C=AU/ST=Queensland/L=Brisbane/O=CryptSoft Pty Ltd/OU=WORTHLESS > CERTIFICATION AUTHORITIES/CN=ZERO VALUE CA - DEMONSTRATION PURPOSES ONLY > error 10 at 0 depth lookup:Certificate has expired > OK > ../certs/vsign1.pem: /C=US/O=VeriSign, Inc./OU=Class 1 Public Primary > Certification Authority > error 18 at 0 depth lookup:self signed certificate > OK > ../certs/vsign2.pem: /C=US/O=VeriSign, Inc./OU=Class 2 Public Primary > Certification Authority > error 18 at 0 depth lookup:self signed certificate > OK > ../certs/vsign3.pem: /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary > Certification Authority > error 18 at 0 depth lookup:self signed certificate > OK > ../certs/vsignss.pem: /C=US/O=RSA Data Security, Inc./OU=Secure Server > Certification Authority > error 18 at 0 depth lookup:self signed certificate > OK > ../certs/vsigntca.pem: /O=VeriSign, > Inc/OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD./OU=For > VeriSign authorized testing only. No assurances (C)VS1997 > error 18 at 0 depth lookup:self signed certificate > OK > Generate a set of DH parameters > ./dhtest > ..+..++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++ > *++*++*++* > > p =C2CC2AD62DA9644B > g =5 > pri 1=412C9C719308F29F > pub 1=2AB2F5C00732321C > pri 2=5ED6B126267CC313 > pub 2=8FE2B3CB51D6B4F3 > key1 =BEA2F31156C362B5 > key2 =BEA2F31156C362B5 > Generate a set of DSA parameters > ./dsatest > test generation of DSA parameters > .++++++++++++++++++++++++++++++++++++++++++++++++++* > ...+........+..+...+............+.+..+...................................... > ....................................++++++++++++++++++++++++++++++++++++++++ > +++++++++++* > seed > D5014E4B 60EF2BA8 B6211B40 62BA3224 E0427DD3 > counter=105 h=2 > P: > 00:8d:f2:a4:94:49:22:76:aa:3d:25:75:9b:b0:68: > 69:cb:ea:c0:d8:3a:fb:8d:0c:f7:cb:b8:32:4f:0d: > 78:82:e5:d0:76:2f:c5:b7:21:0e:af:c2:e9:ad:ac: > 32:ab:7a:ac:49:69:3d:fb:f8:37:24:c2:ec:07:36: > ee:31:c8:02:91 > Q: > 00:c7:73:21:8c:73:7e:c8:ee:99:3b:4f:2d:ed:30: > f4:8e:da:ce:91:5f > G: > 62:6d:02:78:39:ea:0a:13:41:31:63:a5:5b:4c:b5: > 00:29:9d:55:22:95:6c:ef:cb:3b:ff:10:f3:99:ce: > 2c:2e:71:cb:9d:e5:fa:24:ba:bf:58:e5:b7:95:21: > 92:5c:9c:c4:2e:9f:6f:46:4b:08:8c:c5:72:af:53: > e6:d7:88:02 > ./dsatest -app2_1 > test generation of DSA parameters > .++++++++++++++++++++++++++++++++++++++++++++++++++* > ...+........+..+...+............+.+..+...................................... > ....................................++++++++++++++++++++++++++++++++++++++++ > +++++++++++* > seed > D5014E4B 60EF2BA8 B6211B40 62BA3224 E0427DD3 > counter=105 h=2 > P: > 00:8d:f2:a4:94:49:22:76:aa:3d:25:75:9b:b0:68: > 69:cb:ea:c0:d8:3a:fb:8d:0c:f7:cb:b8:32:4f:0d: > 78:82:e5:d0:76:2f:c5:b7:21:0e:af:c2:e9:ad:ac: > 32:ab:7a:ac:49:69:3d:fb:f8:37:24:c2:ec:07:36: > ee:31:c8:02:91 > Q: > 00:c7:73:21:8c:73:7e:c8:ee:99:3b:4f:2d:ed:30: > f4:8e:da:ce:91:5f > G: > 62:6d:02:78:39:ea:0a:13:41:31:63:a5:5b:4c:b5: > 00:29:9d:55:22:95:6c:ef:cb:3b:ff:10:f3:99:ce: > 2c:2e:71:cb:9d:e5:fa:24:ba:bf:58:e5:b7:95:21: > 92:5c:9c:c4:2e:9f:6f:46:4b:08:8c:c5:72:af:53: > e6:d7:88:02 > Generate and certify a test certificate > > make a certificate request using 'req' > rsa > Using configuration from CAss.cnf > Generating a 512 bit RSA private key > .........++++++++++++ > ..++++++++++++ > writing new private key to 'keyCA.ss' > ----- > You are about to be asked to enter information that will be incorporated > into your certificate request. > What you are about to enter is what is called a Distinguished Name or a DN. > There are quite a few fields but you can leave some blank > For some fields there will be a default value, > If you enter '.', the field will be left blank. > ----- > Country Name (2 letter code) [AU]:AU > Organization Name (eg, company) []:Dodgy Brothers > Common Name (eg, YOUR name) []:Dodgy CA > > convert the certificate request into a self signed certificate using 'x509' > Signature ok > subject=/C=AU/O=Dodgy Brothers/CN=Dodgy CA > Getting Private key > > convert a certificate into a certificate request using 'x509' > Getting request Private Key > Generating certificate request > Using configuration from ../apps/openssl.cnf > verify OK > Using configuration from ../apps/openssl.cnf > verify OK > certCA.ss: OK > > make another certificate request using 'req' > Using configuration from Uss.cnf > Generating a 512 bit RSA private key > ......++++++++++++ > ...++++++++++++ > writing new private key to 'keyU.ss' > ----- > You are about to be asked to enter information that will be incorporated > into your certificate request. > What you are about to enter is what is called a Distinguished Name or a DN. > There are quite a few fields but you can leave some blank > For some fields there will be a default value, > If you enter '.', the field will be left blank. > ----- > Country Name (2 letter code) [AU]:AU > Organization Name (eg, company) []:Dodgy Brothers > Common Name (eg, YOUR name) []:Brother 1 > Common Name (eg, YOUR name) []:Brother 2 > > sign certificate request with the just created CA via 'x509' > Signature ok > subject=/C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > Getting CA Private Key > certU.ss: OK > > Certificate details > subject= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > issuer= /C=AU/O=Dodgy Brothers/CN=Dodgy CA > notBefore=Apr 16 15:31:56 2002 GMT > notAfter=May 16 15:31:56 2002 GMT > > The generated CA certificate is certCA.ss > The generated CA private key is keyCA.ss > The generated user certificate is certU.ss > The generated user private key is keyU.ss > rsa > Generate and certify a test certificate via the 'ca' program > CA certificate filename (or enter to create) > Making CA certificate ... > Request (and private key) is in newreq.pem > cat: newcert.pem: No such file or directory. > Signed certificate is in newcert.pem > test SSL protocol > test sslv2 > SSLv2, cipher SSLv2 DES-CBC3-MD5, 512 bit RSA > test sslv2 with server authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv2, cipher SSLv2 DES-CBC3-MD5, 512 bit RSA > test sslv2 with client authentication > client authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv2, cipher SSLv2 DES-CBC3-MD5, 512 bit RSA > test sslv2 with both client and server authentication > client authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv2, cipher SSLv2 DES-CBC3-MD5, 512 bit RSA > test sslv3 > SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv3 with server authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv3 with client authentication > client authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv3 with both client and server authentication > client authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv2/sslv3 > TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv2/sslv3 with server authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv2/sslv3 with client authentication > client authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv2/sslv3 with both client and server authentication > client authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv2 via BIO pair > SSLv2, cipher SSLv2 DES-CBC3-MD5, 512 bit RSA > test sslv2 with server authentication via BIO pair > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv2, cipher SSLv2 DES-CBC3-MD5, 512 bit RSA > test sslv2 with client authentication via BIO pair > client authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv2, cipher SSLv2 DES-CBC3-MD5, 512 bit RSA > test sslv2 with both client and server authentication via BIO pair > client authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv2, cipher SSLv2 DES-CBC3-MD5, 512 bit RSA > test sslv3 via BIO pair > SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv3 with server authentication via BIO pair > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv3 with client authentication via BIO pair > client authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv3 with both client and server authentication via BIO pair > client authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv2/sslv3 via BIO pair > TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv2/sslv3 w/o DHE via BIO pair > TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 512 bit RSA > test sslv2/sslv3 with 1024bit DHE via BIO pair > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit > RSA > test sslv2/sslv3 with server authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv2/sslv3 with client authentication via BIO pair > client authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test sslv2/sslv3 with both client and server authentication via BIO pair > client authentication > server authentication > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA > depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 > TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA > test tls1 with 1024bit anonymous DH, multiple handshakes > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-DES-CBC3-SHA > 10 handshakes of 1 bytes done > Approximate total server time: 0.38 s > Approximate total client time: 2.13 s > rsa > test tls1 with 1024bit RSA, no DHE, multiple handshakes > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA > 10 handshakes of 1 bytes done > Approximate total server time: 0.34 s > Approximate total client time: 0.40 s > test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit > RSA > 10 handshakes of 1 bytes done > Approximate total server time: 0.70 s > Approximate total client time: 2.13 s > gmake[1]: Leaving directory > `/%es#m30_user/Stratus/Mani_Sundaram/openssl_diffs/openssl_tests/src/openssl > -0.9.6/test' > OpenSSL 0.9.6 24 Sep 2000 > built on: Wed Sep 5 15:39:07 edt 2001 > platform: vos-gcc > options: bn(64,32) md2(int) rc4(ptr,int) des(idx,cisc,4,long) blowfish(idx) > > compiler: gcc -DNO_ASM -DNO_IDEA -DNO_RC5 -O3 -Wall -Wuninitialized > -D_POSIX_SOURCE > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]