ssltest.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
on Linux and GNU platforms. */
#include <assert.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#define USE_SOCKETS
#include "e_os.h"
#ifndef OPENSSL_NO_ENGINE
#endif
on Compaq platforms (at least with DEC C).
Do not try to put it earlier, or IPv6 includes
get screwed...
*/
#ifdef OPENSSL_SYS_WINDOWS
#include <winsock.h>
#else
#include OPENSSL_UNISTD
#endif
#ifdef OPENSSL_SYS_VMS
# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
#elif defined(OPENSSL_SYS_WINCE)
# define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
#else
# define TEST_SERVER_CERT "../apps/server.pem"
# define TEST_CLIENT_CERT "../apps/client.pem"
#endif
/* There is really no standard for this, so let's assign some tentative
numbers. In any case, these numbers are only for this test */
#define COMP_RLE 1
#define COMP_ZLIB 2
#ifndef OPENSSL_NO_RSA
static void free_tmp_rsa(void);
#endif
#define APP_CALLBACK "Test Callback Argument"
static char *app_verify_arg = APP_CALLBACK;
#ifndef OPENSSL_NO_DH
static DH *get_dh1024(void);
static DH *get_dh1024dsa(void);
#endif
static int verbose=0;
static int debug=0;
#if 0
/* Not used yet. */
#ifdef FIONBIO
static int s_nbio=0;
#endif
#endif
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
static void sv_usage(void)
{
#ifndef OPENSSL_NO_DH
#endif
#ifndef OPENSSL_NO_SSL2
#endif
#ifndef OPENSSL_NO_SSL3
#endif
#ifndef OPENSSL_NO_TLS1
#endif
}
{
{
{
if (0)
;
#ifndef OPENSSL_NO_RSA
{
}
#endif
#ifndef OPENSSL_NO_DSA
{
}
#endif
}
}
* otherwise we should print their lengths too */
}
{
int rw;
{
errstr = "invalid mode";
goto err;
}
{
errstr = "type out of bounds";
goto err;
}
if (mode & CRYPTO_LOCK)
{
{
errstr = "already locked";
/* must not happen in a single-threaded program
* (would deadlock) */
goto err;
}
}
else if (mode & CRYPTO_UNLOCK)
{
{
errstr = "not locked";
goto err;
}
{
"CRYPTO_r_unlock on write lock" :
"CRYPTO_w_unlock on read lock";
}
}
else
{
errstr = "invalid mode";
goto err;
}
err:
if (errstr)
{
/* we cannot use bio_err here */
}
}
{
int badop=0;
int bio_pair=0;
int force=0;
int client_auth=0;
int server_auth=0,i;
int app_verify=0;
char *server_cert=TEST_SERVER_CERT;
char *server_key=NULL;
char *client_cert=TEST_CLIENT_CERT;
char *client_key=NULL;
long bytes=1L;
#ifndef OPENSSL_NO_DH
int dhe1024 = 0, dhe1024dsa = 0;
#endif
int no_dhe = 0;
int print_time = 0;
int comp = 0;
verbose = 0;
debug = 0;
cipher = 0;
/* enable memory leak checking unless explicitly disabled */
if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
{
}
else
{
/* OPENSSL_DEBUG_MEMORY=off */
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
argc--;
argv++;
while (argc >= 1)
{
server_auth=1;
client_auth=1;
verbose=1;
debug=1;
reuse=1;
{
#ifndef OPENSSL_NO_DH
dhe1024=1;
#else
#endif
}
{
#ifndef OPENSSL_NO_DH
dhe1024dsa=1;
#else
#endif
}
no_dhe=1;
ssl2=1;
tls1=1;
ssl3=1;
{
}
{
}
{
server_cert= *(++argv);
}
{
server_cert= *(++argv);
}
{
server_key= *(++argv);
}
{
server_key= *(++argv);
}
{
client_cert= *(++argv);
}
{
client_key= *(++argv);
}
{
}
{
}
{
}
{
bio_pair = 1;
}
{
force = 1;
}
{
print_time = 1;
}
{
}
{
}
{
app_verify = 1;
}
else
{
badop=1;
break;
}
argc--;
argv++;
}
if (badop)
{
bad:
sv_usage();
goto end;
}
{
"the test anyway (and\n-d to see what happens), "
"or add one of -ssl2, -ssl3, -tls1, -reuse\n"
"to avoid protocol mismatch.\n");
EXIT(1);
}
if (print_time)
{
if (!bio_pair)
{
bio_pair = 1;
}
}
/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
{
{
{
"Failed to add compression method\n");
}
}
else
{
"Warning: %s compression not supported\n",
"unknown")));
}
}
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
if (ssl2)
meth=SSLv2_method();
else
if (tls1)
meth=TLSv1_method();
else
if (ssl3)
meth=SSLv3_method();
else
#else
#ifdef OPENSSL_NO_SSL2
meth=SSLv3_method();
#else
meth=SSLv2_method();
#endif
#endif
{
goto end;
}
{
}
#ifndef OPENSSL_NO_DH
if (!no_dhe)
{
if (dhe1024dsa)
{
/* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
dh=get_dh1024dsa();
}
else if (dhe1024)
dh=get_dh1024();
else
}
#else
(void)no_dhe;
#endif
#ifndef OPENSSL_NO_RSA
#endif
{
}
else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
{
goto end;
}
if (client_auth)
{
}
{
/* fprintf(stderr,"SSL_load_verify_locations\n"); */
/* goto end; */
}
if (client_auth)
{
if (app_verify)
{
}
}
if (server_auth)
{
if (app_verify)
{
}
}
{
int session_id_context = 0;
}
#ifndef OPENSSL_NO_KRB5
{
{
{
goto end;
}
}
}
#endif /* OPENSSL_NO_KRB5 */
for (i=0; i<number; i++)
{
if (bio_pair)
else
}
if (!verbose)
{
}
if (print_time)
{
#ifdef CLOCKS_PER_SEC
/* "To determine the time in seconds, the value returned
* by the clock function should be divided by the value
* of the macro CLOCKS_PER_SEC."
"Approximate total client time: %6.2f s\n",
(double)s_time/CLOCKS_PER_SEC,
(double)c_time/CLOCKS_PER_SEC);
#else
/* "`CLOCKS_PER_SEC' undeclared (first use this function)"
"Approximate total server time: %6.2f units\n"
"Approximate total client time: %6.2f units\n",
(double)s_time,
(double)c_time);
#endif
}
end:
#ifndef OPENSSL_NO_RSA
free_tmp_rsa();
#endif
#ifndef OPENSSL_NO_ENGINE
#endif
ERR_remove_state(0);
EVP_cleanup();
}
{
int ret = 1;
goto err;
goto err;
if (!s_ssl_bio)
goto err;
if (!c_ssl_bio)
goto err;
do
{
/* c_ssl_bio: SSL filter BIO
*
* client: pseudo-I/O for SSL library
*
* client_io: client's SSL communication; usually to be
* relayed over some I/O facility, but in this
* test program, we're the server, too:
*
* server_io: server's SSL communication
*
* server: pseudo-I/O for SSL library
*
* s_ssl_bio: SSL filter BIO
*
* The client and the server each employ a "BIO pair":
* client + client_io, server + server_io.
* BIO pairs are symmetric. A BIO pair behaves similar
* to a non-blocking socketpair (but both endpoints must
* be handled by the same thread).
* [Here we could connect client and server to the ends
* of a single BIO pair, but then this code would be less
* suitable as an example for BIO pairs in general.]
*
* Useful functions for querying the state of BIO pair endpoints:
*
* BIO_ctrl_pending(bio) number of bytes we can read now
* BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
* other side's read attempt
* BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
*
* ..._read_request is never more than ..._write_guarantee;
* it depends on the application which one you should use.
*/
/* We have non-blocking behaviour throughout this test program, but
* can be sure that there is *some* progress in each iteration; so
* we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
* -- we just try everything in each iteration
*/
{
/* CLIENT */
int i, r;
if (debug)
if (SSL_in_init(c_ssl))
printf("client waiting in SSL_connect - %s\n",
if (cw_num > 0)
{
/* Write to server. */
i = sizeof cbuf;
else
i = (int)cw_num;
if (r < 0)
{
if (!BIO_should_retry(c_ssl_bio))
{
goto err;
}
/* BIO_should_retry(...) can just be ignored here.
* The library expects us to call BIO_write with
* the same arguments again, and that's what we will
* do in the next iteration. */
}
else if (r == 0)
{
goto err;
}
else
{
if (debug)
printf("client wrote %d\n", r);
cw_num -= r;
}
}
if (cr_num > 0)
{
/* Read from server. */
if (r < 0)
{
if (!BIO_should_retry(c_ssl_bio))
{
goto err;
}
/* Again, "BIO_should_retry" can be ignored. */
}
else if (r == 0)
{
goto err;
}
else
{
if (debug)
printf("client read %d\n", r);
cr_num -= r;
}
}
/* c_time and s_time increments will typically be very small
* (depending on machine speed and clock tick intervals),
* but sampling over a large number of connections should
* result in fairly accurate figures. We cannot guarantee
* a lot, however -- if each connection lasts for exactly
* one clock tick, it will be counted only for the client
* or only for the server or even not at all.
*/
}
{
/* SERVER */
int i, r;
if (debug)
if (SSL_in_init(s_ssl))
printf("server waiting in SSL_accept - %s\n",
if (sw_num > 0)
{
/* Write to client. */
i = sizeof sbuf;
else
i = (int)sw_num;
if (r < 0)
{
if (!BIO_should_retry(s_ssl_bio))
{
goto err;
}
/* Ignore "BIO_should_retry". */
}
else if (r == 0)
{
goto err;
}
else
{
if (debug)
printf("server wrote %d\n", r);
sw_num -= r;
}
}
if (sr_num > 0)
{
/* Read from client. */
if (r < 0)
{
if (!BIO_should_retry(s_ssl_bio))
{
goto err;
}
/* blah, blah */
}
else if (r == 0)
{
goto err;
}
else
{
if (debug)
printf("server read %d\n", r);
sr_num -= r;
}
}
}
{
/* "I/O" BETWEEN CLIENT AND SERVER. */
/* we use the non-copying interface for io1
*/
static int prev_progress = 1;
int progress = 0;
/* io1 to io2 */
do
{
int r;
if (num)
{
char *dataptr;
assert(r > 0);
/* possibly r < num (non-contiguous data) */
num = r;
if (r != (int)num) /* can't happen */
{
"BIO_ctrl_get_write_guarantee() bytes");
goto err;
}
progress = 1;
if (debug)
"C->S relaying: %d bytes\n" :
"S->C relaying: %d bytes\n",
(int)num);
}
}
/* io2 to io1 */
{
int r;
/* here we could use ..._get_write_guarantee instead of
* ..._get_read_request, but by using the latter
* we test restartability of the SSL implementation
* more thoroughly */
if (num)
{
char *dataptr;
if (num > 1)
--num; /* test restartability even more thoroughly */
assert(r > 0);
if (r < (int)num)
num = r;
if (r != (int)num) /* can't happen */
{
"BIO_ctrl_pending() bytes");
goto err;
}
progress = 1;
if (r != (int)num) /* can't happen */
{
"BIO_nwrite0() bytes");
goto err;
}
if (debug)
"C->S relaying: %d bytes\n" :
"S->C relaying: %d bytes\n",
(int)num);
}
} /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
if (!progress && !prev_progress)
{
{
"CLIENT-FINISHED and SERVER-VERIFY are written \n"
"concurrently ...");
{
goto end;
}
}
goto err;
}
}
}
if (verbose)
end:
ret = 0;
err:
if (server)
if (server_io)
if (client)
if (client_io)
if (s_ssl_bio)
if (c_ssl_bio)
return ret;
}
#define W_READ 1
#define W_WRITE 2
#define C_DONE 1
#define S_DONE 2
{
int ret=1;
int i,j;
int done=0;
{
goto err;
}
{
goto err;
}
s_want=0;
/* We can always do writes */
for (;;)
{
do_server=0;
do_client=0;
i=(int)BIO_pending(s_bio);
i=(int)BIO_pending(c_bio);
{
if (SSL_in_init(s_ssl))
printf("server waiting in SSL_accept - %s\n",
/* else if (s_write)
printf("server:SSL_write()\n");
else
printf("server:SSL_read()\n"); */
}
{
if (SSL_in_init(c_ssl))
printf("client waiting in SSL_connect - %s\n",
/* else if (c_write)
printf("client:SSL_write()\n");
else
printf("client:SSL_read()\n"); */
}
{
break;
}
{
if (c_write)
{
if (i < 0)
{
c_r=0;
c_w=0;
if (BIO_should_retry(c_bio))
{
if (BIO_should_read(c_bio))
c_r=1;
if (BIO_should_write(c_bio))
c_w=1;
}
else
{
goto err;
}
}
else if (i == 0)
{
goto err;
}
else
{
if (debug)
printf("client wrote %d\n",i);
/* ok */
s_r=1;
c_write=0;
cw_num-=i;
}
}
else
{
if (i < 0)
{
c_r=0;
c_w=0;
if (BIO_should_retry(c_bio))
{
if (BIO_should_read(c_bio))
c_r=1;
if (BIO_should_write(c_bio))
c_w=1;
}
else
{
goto err;
}
}
else if (i == 0)
{
goto err;
}
else
{
if (debug)
printf("client read %d\n",i);
cr_num-=i;
if (sw_num > 0)
{
s_write=1;
s_w=1;
}
if (cr_num <= 0)
{
s_write=1;
s_w=1;
}
}
}
}
{
if (!s_write)
{
if (i < 0)
{
s_r=0;
s_w=0;
if (BIO_should_retry(s_bio))
{
if (BIO_should_read(s_bio))
s_r=1;
if (BIO_should_write(s_bio))
s_w=1;
}
else
{
goto err;
}
}
else if (i == 0)
{
goto err;
}
else
{
if (debug)
printf("server read %d\n",i);
sr_num-=i;
if (cw_num > 0)
{
c_write=1;
c_w=1;
}
if (sr_num <= 0)
{
s_write=1;
s_w=1;
c_write=0;
}
}
}
else
{
if (i < 0)
{
s_r=0;
s_w=0;
if (BIO_should_retry(s_bio))
{
if (BIO_should_read(s_bio))
s_r=1;
if (BIO_should_write(s_bio))
s_w=1;
}
else
{
goto err;
}
}
else if (i == 0)
{
goto err;
}
else
{
if (debug)
printf("server wrote %d\n",i);
sw_num-=i;
s_write=0;
c_r=1;
if (sw_num <= 0)
}
}
}
}
if (verbose)
ret=0;
err:
/* We have to set the BIO's to NULL otherwise they will be
* OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and
* again when c_ssl is SSL_free()ed.
* This is a hack required because s_ssl and c_ssl are sharing the same
* BIO structure and SSL_set_bio() and SSL_free() automatically
* BIO_free non NULL entries.
* You should not normally do this or be required to do this */
{
}
{
}
return(ret);
}
{
char *s,buf[256];
sizeof buf);
if (s != NULL)
{
if (ok)
else
}
if (ok == 0)
{
{
ok=1;
}
}
return(ok);
}
{
int ok=1;
if (s != NULL)
{
}
return(ok);
}
#ifndef OPENSSL_NO_RSA
{
{
}
return(rsa_tmp);
}
static void free_tmp_rsa(void)
{
{
}
}
#endif
#ifndef OPENSSL_NO_DH
/* These DH parameters have been generated as follows:
* $ openssl dhparam -C -noout 512
* $ openssl dhparam -C -noout 1024
* $ openssl dhparam -C -noout -dsaparam 1024
* (The third function has been renamed to avoid name conflicts.)
*/
{
static unsigned char dh512_p[]={
0xCB,0xC8,0xE1,0x86,0xD0,0x1F,0x94,0x17,0xA6,0x99,0xF0,0xC6,
0x1F,0x0D,0xAC,0xB6,0x25,0x3E,0x06,0x39,0xCA,0x72,0x04,0xB0,
0x6E,0xDA,0xC0,0x61,0xE6,0x7A,0x77,0x25,0xE8,0x3B,0xB9,0x5F,
0x9A,0xB6,0xB5,0xFE,0x99,0x0B,0xA1,0x93,0x4E,0x35,0x33,0xB8,
0xE1,0xF1,0x13,0x4F,0x59,0x1A,0xD2,0x57,0xC0,0x26,0x21,0x33,
0x02,0xC5,0xAE,0x23,
};
static unsigned char dh512_g[]={
0x02,
};
return(dh);
}
static DH *get_dh1024()
{
static unsigned char dh1024_p[]={
0xF8,0x81,0x89,0x7D,0x14,0x24,0xC5,0xD1,0xE6,0xF7,0xBF,0x3A,
0xE4,0x90,0xF4,0xFC,0x73,0xFB,0x34,0xB5,0xFA,0x4C,0x56,0xA2,
0xEA,0xA7,0xE9,0xC0,0xC0,0xCE,0x89,0xE1,0xFA,0x63,0x3F,0xB0,
0x6B,0x32,0x66,0xF1,0xD1,0x7B,0xB0,0x00,0x8F,0xCA,0x87,0xC2,
0xAE,0x98,0x89,0x26,0x17,0xC2,0x05,0xD2,0xEC,0x08,0xD0,0x8C,
0xFF,0x17,0x52,0x8C,0xC5,0x07,0x93,0x03,0xB1,0xF6,0x2F,0xB8,
0x1C,0x52,0x47,0x27,0x1B,0xDB,0xD1,0x8D,0x9D,0x69,0x1D,0x52,
0x4B,0x32,0x81,0xAA,0x7F,0x00,0xC8,0xDC,0xE6,0xD9,0xCC,0xC1,
0x11,0x2D,0x37,0x34,0x6C,0xEA,0x02,0x97,0x4B,0x0E,0xBB,0xB1,
0x71,0x33,0x09,0x15,0xFD,0xDD,0x23,0x87,0x07,0x5E,0x89,0xAB,
0x6B,0x7C,0x5F,0xEC,0xA6,0x24,0xDC,0x53,
};
static unsigned char dh1024_g[]={
0x02,
};
return(dh);
}
static DH *get_dh1024dsa()
{
static unsigned char dh1024_p[]={
0xC8,0x00,0xF7,0x08,0x07,0x89,0x4D,0x90,0x53,0xF3,0xD5,0x00,
0x21,0x1B,0xF7,0x31,0xA6,0xA2,0xDA,0x23,0x9A,0xC7,0x87,0x19,
0x3B,0x47,0xB6,0x8C,0x04,0x6F,0xFF,0xC6,0x9B,0xB8,0x65,0xD2,
0xC2,0x5F,0x31,0x83,0x4A,0xA7,0x5F,0x2F,0x88,0x38,0xB6,0x55,
0xCF,0xD9,0x87,0x6D,0x6F,0x9F,0xDA,0xAC,0xA6,0x48,0xAF,0xFC,
0x33,0x84,0x37,0x5B,0x82,0x4A,0x31,0x5D,0xE7,0xBD,0x52,0x97,
0xA1,0x77,0xBF,0x10,0x9E,0x37,0xEA,0x64,0xFA,0xCA,0x28,0x8D,
0x9D,0x3B,0xD2,0x6E,0x09,0x5C,0x68,0xC7,0x45,0x90,0xFD,0xBB,
0x70,0xC9,0x3A,0xBB,0xDF,0xD4,0x21,0x0F,0xC4,0x6A,0x3C,0xF6,
0x61,0xCF,0x3F,0xD6,0x13,0xF1,0x5F,0xBC,0xCF,0xBC,0x26,0x9E,
0xBC,0x0B,0xBD,0xAB,0x5D,0xC9,0x54,0x39,
};
static unsigned char dh1024_g[]={
0x3B,0x40,0x86,0xE7,0xF3,0x6C,0xDE,0x67,0x1C,0xCC,0x80,0x05,
0x5A,0xDF,0xFE,0xBD,0x20,0x27,0x74,0x6C,0x24,0xC9,0x03,0xF3,
0xE1,0x8D,0xC3,0x7D,0x98,0x27,0x40,0x08,0xB8,0x8C,0x6A,0xE9,
0xBB,0x1A,0x3A,0xD6,0x86,0x83,0x5E,0x72,0x41,0xCE,0x85,0x3C,
0xD2,0xB3,0xFC,0x13,0xCE,0x37,0x81,0x9E,0x4C,0x1C,0x7B,0x65,
0xD3,0xE6,0xA6,0x00,0xF5,0x5A,0x95,0x43,0x5E,0x81,0xCF,0x60,
0xA2,0x23,0xFC,0x36,0xA7,0x5D,0x7A,0x4C,0x06,0x91,0x6E,0xF6,
0x57,0xEE,0x36,0xCB,0x06,0xEA,0xF5,0x3D,0x95,0x49,0xCB,0xA7,
0xDD,0x81,0xDF,0x80,0x09,0x4A,0x97,0x4D,0xA8,0x22,0x72,0xA1,
0x7F,0xC4,0x70,0x56,0x70,0xE8,0x20,0x10,0x18,0x8F,0x2E,0x60,
0x07,0xE7,0x68,0x1A,0x82,0x5D,0x32,0xA2,
};
return(dh);
}
#endif