{

				{

				ret=RSA_verify(NID_md5_sha1, buf,36, buf2,

				ret=RSA_verify(NID_md5_sha1, buf,36, buf2,

					rsa_num, rsa_key[j]);

					rsa_num, rsa_key[j]);

					{

					{

					BIO_printf(bio_err,

					BIO_printf(bio_err,

						"RSA verify failure\n");

						"RSA verify failure\n");

	pkey = NETSCAPE_SPKI_get_pubkey(spki);

	pkey = NETSCAPE_SPKI_get_pubkey(spki);

	if(verify) {

	if(verify) {

		i = NETSCAPE_SPKI_verify(spki, pkey);

		i = NETSCAPE_SPKI_verify(spki, pkey);

		else {

		else {

			BIO_printf(bio_err, "Signature Failure\n");

			BIO_printf(bio_err, "Signature Failure\n");

			ERR_print_errors(bio_err);

			ERR_print_errors(bio_err);

	ret=0;

	ret=0;

end:

end:

		{

		{

		fprintf(stdout,"OK\n");

		fprintf(stdout,"OK\n");

		ret=1;

		ret=1;

		ERR_clear_error();

		ERR_clear_error();

	return(ok);

	return(ok);

	}

	}

	/* NOTE: this certificate can/should be self signed, unless it was

	/* NOTE: this certificate can/should be self signed, unless it was

	 * a certificate request in which case it is not. */

	 * a certificate request in which case it is not. */

	X509_STORE_CTX_set_cert(&xsc,x);

	X509_STORE_CTX_set_cert(&xsc,x);

		goto end;

		goto end;

	if (!X509_check_private_key(xca,pkey))

	if (!X509_check_private_key(xca,pkey))

	cms_fixup_mctx(&mctx, si->pkey);

	cms_fixup_mctx(&mctx, si->pkey);

	r = EVP_VerifyFinal(&mctx,

	r = EVP_VerifyFinal(&mctx,

			si->signature->data, si->signature->length, si->pkey);

			si->signature->data, si->signature->length, si->pkey);

		CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);

		CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);

	err:

	err:

	EVP_MD_CTX_cleanup(&mctx);

	EVP_MD_CTX_cleanup(&mctx);

	i=ssl_verify_cert_chain(s,sk);

	i=ssl_verify_cert_chain(s,sk);

		{

		{

		SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);

		SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);

		goto err;

		goto err;

	i=ssl_verify_cert_chain(s,sk);

	i=ssl_verify_cert_chain(s,sk);

		{

		{

		EVP_MD_CTX ctx;

		EVP_MD_CTX ctx;

		EVP_PKEY *pkey=NULL;

		EVP_PKEY *pkey=NULL;

		EVP_PKEY_free(pkey);

		EVP_PKEY_free(pkey);

		EVP_MD_CTX_cleanup(&ctx);

		EVP_MD_CTX_cleanup(&ctx);

			{

			{

			if (s->session->peer != NULL)

			if (s->session->peer != NULL)

				X509_free(s->session->peer);

				X509_free(s->session->peer);

		}

		}

	i=ssl_verify_cert_chain(s,sk);

	i=ssl_verify_cert_chain(s,sk);

#ifndef OPENSSL_NO_KRB5

#ifndef OPENSSL_NO_KRB5

	        && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK))

	        && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK))

	        != (SSL_aKRB5|SSL_kKRB5)

	        != (SSL_aKRB5|SSL_kKRB5)

			EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);

			EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);

			EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);

			EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);

			EVP_VerifyUpdate(&md_ctx,param,param_len);

			EVP_VerifyUpdate(&md_ctx,param,param_len);

				{

				{

				/* bad signature */

				/* bad signature */

				al=SSL_AD_DECRYPT_ERROR;

				al=SSL_AD_DECRYPT_ERROR;

			EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);

			EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);

			EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);

			EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);

			EVP_VerifyUpdate(&md_ctx,param,param_len);

			EVP_VerifyUpdate(&md_ctx,param,param_len);

				{

				{

				/* bad signature */

				/* bad signature */

				al=SSL_AD_DECRYPT_ERROR;

				al=SSL_AD_DECRYPT_ERROR;

	else

	else

		{

		{

		i=ssl_verify_cert_chain(s,sk);

		i=ssl_verify_cert_chain(s,sk);

			{

			{

			al=ssl_verify_alarm_type(s->verify_result);

			al=ssl_verify_alarm_type(s->verify_result);

			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);

			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);

	if (cb_arg->proxy_auth)

	if (cb_arg->proxy_auth)

		{

		{

			{

			{

			const char *cond_end = NULL;

			const char *cond_end = NULL;