diff options
61 files changed, 266 insertions, 52 deletions
diff --git a/apps/apps.c b/apps/apps.c index 248c65adb3..613c3ba495 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -125,7 +125,9 @@ #ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> #endif +#ifndef OPENSSL_NO_RSA #include <openssl/rsa.h> +#endif #include <openssl/bn.h> #define NON_MAIN @@ -57,6 +57,7 @@ * [including the GNU Public Licence.] */ +#include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */ #ifndef OPENSSL_NO_DH #include <stdio.h> #include <stdlib.h> diff --git a/apps/dhparam.c b/apps/dhparam.c index e3cabcfcdc..04bd57c6e8 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -109,6 +109,7 @@ * */ +#include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */ #ifndef OPENSSL_NO_DH #include <stdio.h> #include <stdlib.h> diff --git a/apps/dsa.c b/apps/dsa.c index b6f0ed3d02..a5ec5d7e6c 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */ #ifndef OPENSSL_NO_DSA #include <stdio.h> #include <stdlib.h> diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 14e79f9a21..c301e81af1 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */ /* Until the key-gen callbacks are modified to use newer prototypes, we allow * deprecated functions for openssl-internal code */ #ifdef OPENSSL_NO_DEPRECATED diff --git a/apps/gendh.c b/apps/gendh.c index 69baa50b01..47497864b0 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -57,6 +57,7 @@ * [including the GNU Public Licence.] */ +#include <openssl/opensslconf.h> /* Until the key-gen callbacks are modified to use newer prototypes, we allow * deprecated functions for openssl-internal code */ #ifdef OPENSSL_NO_DEPRECATED diff --git a/apps/gendsa.c b/apps/gendsa.c index 6d2ed06c81..828e27f1c0 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */ #ifndef OPENSSL_NO_DSA #include <stdio.h> #include <string.h> diff --git a/apps/genrsa.c b/apps/genrsa.c index f0bb30c56b..4f62cfd04f 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include <openssl/opensslconf.h> /* Until the key-gen callbacks are modified to use newer prototypes, we allow * deprecated functions for openssl-internal code */ #ifdef OPENSSL_NO_DEPRECATED diff --git a/apps/prime.c b/apps/prime.c index 36bbe0841c..af2fed15af 100644 --- a/apps/prime.c +++ b/apps/prime.c @@ -115,7 +115,7 @@ int MAIN(int argc, char **argv) BN_print(bio_out,bn); BIO_printf(bio_out," is %sprime\n", - BN_is_prime(bn,checks,NULL,NULL,NULL) ? "" : "not "); + BN_is_prime_ex(bn,checks,NULL,NULL) ? "" : "not "); BN_free(bn); BIO_free_all(bio_out); diff --git a/apps/req.c b/apps/req.c index 511be7de74..f58e65ec85 100644 --- a/apps/req.c +++ b/apps/req.c @@ -79,6 +79,13 @@ #include <openssl/x509v3.h> #include <openssl/objects.h> #include <openssl/pem.h> +#include <openssl/bn.h> +#ifndef OPENSSL_NO_RSA +#include <openssl/rsa.h> +#endif +#ifndef OPENSSL_NO_DSA +#include <openssl/dsa.h> +#endif #define SECTION "req" @@ -724,7 +731,9 @@ bad: if (newreq && (pkey == NULL)) { +#ifndef OPENSSL_NO_RSA BN_GENCB cb; +#endif char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE"); if (randfile == NULL) ERR_clear_error(); diff --git a/apps/rsa.c b/apps/rsa.c index ee65720530..d5cb7b7212 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include <openssl/opensslconf.h> #ifndef OPENSSL_NO_RSA #include <stdio.h> #include <stdlib.h> diff --git a/apps/rsautl.c b/apps/rsautl.c index a629ff50ac..463890950e 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -56,6 +56,7 @@ * */ +#include <openssl/opensslconf.h> #ifndef OPENSSL_NO_RSA #include "apps.h" diff --git a/apps/s_server.c b/apps/s_server.c index afc27e15c9..f83dd82343 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -153,6 +153,12 @@ typedef unsigned int u_int; #include <openssl/x509.h> #include <openssl/ssl.h> #include <openssl/rand.h> +#ifndef OPENSSL_NO_DH +#include <openssl/dh.h> +#endif +#ifndef OPENSSL_NO_RSA +#include <openssl/rsa.h> +#endif #include "s_apps.h" #include "timeouts.h" @@ -530,7 +536,9 @@ int MAIN(int argc, char *argv[]) char *CApath=NULL,*CAfile=NULL; unsigned char *context = NULL; char *dhfile = NULL; +#ifndef OPENSSL_NO_ECDH char *named_curve = NULL; +#endif int badop=0,bugs=0; int ret=1; int off=0; diff --git a/apps/speed.c b/apps/speed.c index 8f2aac5ccb..474f20c5a4 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -286,9 +286,17 @@ static double results[ALGOR_NUM][SIZE_NUM]; static int lengths[SIZE_NUM]={16,64,256,1024,8*1024}; static double rsa_results[RSA_NUM][2]; static double dsa_results[DSA_NUM][2]; +#ifndef OPENSSL_NO_ECDSA static double ecdsa_results[EC_NUM][2]; +#endif +#ifndef OPENSSL_NO_ECDH static double ecdh_results[EC_NUM][1]; +#endif +#if defined(OPENSSL_NO_DSA) && !(defined(OPENSSL_NO_ECDSA) && defined(OPENSSL_NO_ECDH)) +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; +static int rnd_fake = 0; +#endif #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) @@ -448,6 +456,7 @@ static double Time_F(int s) #endif /* if defined(OPENSSL_SYS_NETWARE) */ +#ifndef OPENSSL_NO_ECDH static const int KDF1_SHA1_len = 20; static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) { @@ -459,8 +468,9 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) return SHA1(in, inlen, out); #else return NULL; -#endif +#endif /* OPENSSL_NO_SHA */ } +#endif /* OPENSSL_NO_ECDH */ int MAIN(int, char **); @@ -695,8 +705,12 @@ int MAIN(int argc, char **argv) int rsa_doit[RSA_NUM]; int dsa_doit[DSA_NUM]; +#ifndef OPENSSL_NO_ECDSA int ecdsa_doit[EC_NUM]; +#endif +#ifndef OPENSSL_NO_ECDH int ecdh_doit[EC_NUM]; +#endif int doit[ALGOR_NUM]; int pr_header=0; const EVP_CIPHER *evp_cipher=NULL; diff --git a/apps/x509.c b/apps/x509.c index 393d0d1f47..5f61eb5c46 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -73,8 +73,12 @@ #include <openssl/x509v3.h> #include <openssl/objects.h> #include <openssl/pem.h> +#ifndef OPENSSL_NO_RSA #include <openssl/rsa.h> +#endif +#ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> +#endif #undef PROG #define PROG x509_main diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index 7dd4ae3787..939979f77d 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -81,8 +81,10 @@ static int print(BIO *fp,const char *str, const BIGNUM *num, unsigned char *buf,int off); +#ifndef OPENSSL_NO_EC static int print_bin(BIO *fp, const char *str, const unsigned char *num, size_t len, int off); +#endif #ifndef OPENSSL_NO_RSA #ifndef OPENSSL_NO_FP_API int RSA_print_fp(FILE *fp, const RSA *x, int off) @@ -601,6 +603,7 @@ static int print(BIO *bp, const char *number, const BIGNUM *num, unsigned char * return(1); } +#ifndef OPENSSL_NO_EC static int print_bin(BIO *fp, const char *name, const unsigned char *buf, size_t len, int off) { @@ -638,6 +641,7 @@ static int print_bin(BIO *fp, const char *name, const unsigned char *buf, return 1; } +#endif #ifndef OPENSSL_NO_DH #ifndef OPENSSL_NO_FP_API diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c index 204ca105e3..c779a9bb18 100644 --- a/crypto/asn1/t_req.c +++ b/crypto/asn1/t_req.c @@ -63,8 +63,12 @@ #include <openssl/objects.h> #include <openssl/x509.h> #include <openssl/x509v3.h> +#ifndef OPENSSL_NO_RSA #include <openssl/rsa.h> +#endif +#ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> +#endif #ifndef OPENSSL_NO_FP_API int X509_REQ_print_fp(FILE *fp, X509_REQ *x) diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c index 23ab3b94e0..c2a5797dd8 100644 --- a/crypto/asn1/t_spki.c +++ b/crypto/asn1/t_spki.c @@ -60,8 +60,12 @@ #include "cryptlib.h" #include <openssl/x509.h> #include <openssl/asn1.h> +#ifndef OPENSSL_NO_RSA #include <openssl/rsa.h> +#endif +#ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> +#endif #include <openssl/bn.h> /* Print out an SPKI */ diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 50faa4af20..91c2756116 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -60,8 +60,12 @@ #include "cryptlib.h" #include <openssl/asn1t.h> #include <openssl/x509.h> +#ifndef OPENSSL_NO_RSA #include <openssl/rsa.h> +#endif +#ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> +#endif /* Minor tweak to operation: free up EVP_PKEY */ static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index 3a78082c01..b9825791ba 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -66,7 +66,9 @@ #ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> #endif +#ifndef OPENSSL_NO_DH #include <openssl/dh.h> +#endif const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c index 66ff417398..912317bb44 100644 --- a/crypto/dsa/dsatest.c +++ b/crypto/dsa/dsatest.c @@ -74,6 +74,7 @@ #include <openssl/rand.h> #include <openssl/bio.h> #include <openssl/err.h> +#include <openssl/bn.h> #ifdef OPENSSL_NO_DSA int main(int argc, char *argv[]) diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c index c0414b92d3..01baa5f494 100644 --- a/crypto/ecdh/ecdhtest.c +++ b/crypto/ecdh/ecdhtest.c @@ -73,10 +73,10 @@ #include "../e_os.h" +#include <openssl/opensslconf.h> /* for OPENSSL_NO_ECDH */ #include <openssl/crypto.h> #include <openssl/bio.h> #include <openssl/bn.h> -#include <openssl/ec.h> #include <openssl/objects.h> #include <openssl/rand.h> #include <openssl/sha.h> @@ -89,6 +89,7 @@ int main(int argc, char *argv[]) return(0); } #else +#include <openssl/ec.h> #include <openssl/ecdh.h> #ifdef OPENSSL_SYS_WIN16 diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index a481575417..f7fba3b42d 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -69,12 +69,6 @@ * */ -/* Until the key-gen callbacks are modified to use newer prototypes, we allow - * deprecated functions for openssl-internal code */ -#ifdef OPENSSL_NO_DEPRECATED -#undef OPENSSL_NO_DEPRECATED -#endif - #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -92,6 +86,7 @@ int main(int argc, char * argv[]) #include <openssl/crypto.h> #include <openssl/bio.h> #include <openssl/evp.h> +#include <openssl/bn.h> #include <openssl/ecdsa.h> #ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> diff --git a/crypto/engine/Makefile b/crypto/engine/Makefile index 7684406eb8..13f211a0ae 100644 --- a/crypto/engine/Makefile +++ b/crypto/engine/Makefile @@ -185,7 +185,8 @@ eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h eng_padlock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/evp.h +eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/err.h +eng_padlock.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h eng_padlock.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h eng_padlock.o: ../../include/openssl/opensslconf.h eng_padlock.o: ../../include/openssl/opensslv.h diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c index dd16d3bc6a..5341daaf4e 100644 --- a/crypto/engine/eng_openssl.c +++ b/crypto/engine/eng_openssl.c @@ -70,9 +70,15 @@ #include <openssl/pem.h> #include <openssl/evp.h> #include <openssl/rand.h> +#ifndef OPENSSL_NO_RSA #include <openssl/rsa.h> +#endif +#ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> +#endif +#ifndef OPENSSL_NO_DH #include <openssl/dh.h> +#endif /* This testing gunk is implemented (and explained) lower down. It also assumes * the application explicitly calls "ENGINE_load_openssl()" because this is no diff --git a/crypto/engine/eng_padlock.c b/crypto/engine/eng_padlock.c index cc9f9dc41e..4e1eae3172 100644 --- a/crypto/engine/eng_padlock.c +++ b/crypto/engine/eng_padlock.c @@ -75,6 +75,7 @@ #include <openssl/aes.h> #endif #include <openssl/rand.h> +#include <openssl/err.h> #ifndef OPENSSL_NO_HW #ifndef OPENSSL_NO_HW_PADLOCK diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index 4ce8f4ce7b..c94fb28659 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -100,23 +100,6 @@ extern "C" { #endif -/* Fixups for missing algorithms */ -#ifdef OPENSSL_NO_RSA -typedef void RSA_METHOD; -#endif -#ifdef OPENSSL_NO_DSA -typedef void DSA_METHOD; -#endif -#ifdef OPENSSL_NO_DH -typedef void DH_METHOD; -#endif -#ifdef OPENSSL_NO_ECDH -typedef void ECDH_METHOD; -#endif -#ifdef OPENSSL_NO_ECDSA -typedef void ECDSA_METHOD; -#endif - /* These flags are used to control combinations of algorithm (methods) * by bitwise "OR"ing. */ #define ENGINE_METHOD_RSA (unsigned int)0x0001 diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index b71555e712..0147f3e02a 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -61,8 +61,12 @@ #include "cryptlib.h" #include <openssl/x509.h> #include <openssl/rand.h> +#ifndef OPENSSL_NO_RSA #include <openssl/rsa.h> +#endif +#ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> +#endif #include <openssl/bn.h> #ifndef OPENSSL_NO_DSA diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c index 020f19c44b..a948c77fa4 100644 --- a/crypto/evp/m_dss.c +++ b/crypto/evp/m_dss.c @@ -61,9 +61,12 @@ #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> +#ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> +#endif #ifndef OPENSSL_NO_SHA + static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c index a20056f04b..c12e13972b 100644 --- a/crypto/evp/m_dss1.c +++ b/crypto/evp/m_dss1.c @@ -64,7 +64,9 @@ #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/x509.h> +#ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> +#endif static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c index 1eae4ed38c..5ce849f161 100644 --- a/crypto/evp/m_md2.c +++ b/crypto/evp/m_md2.c @@ -65,7 +65,9 @@ #include <openssl/objects.h> #include <openssl/x509.h> #include <openssl/md2.h> +#ifndef OPENSSL_NO_RSA #include <openssl/rsa.h> +#endif static int init(EVP_MD_CTX *ctx) { return MD2_Init(ctx->md_data); } diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c index 0fb84b6d1e..1e0b7c5b42 100644 --- a/crypto/evp/m_md4.c +++ b/crypto/evp/m_md4.c @@ -65,7 +65,9 @@ #include <openssl/objects.h> #include <openssl/x509.h> #include <openssl/md4.h> +#ifndef OPENSSL_NO_RSA #include <openssl/rsa.h> +#endif static int init(EVP_MD_CTX *ctx) { return MD4_Init(ctx->md_data); } diff --git a/crypto/evp |