2000-02-04 14:01:38 +00:00
|
|
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* This package is an SSL implementation written
|
|
|
|
* by Eric Young (eay@cryptsoft.com).
|
|
|
|
* The implementation was written so as to conform with Netscapes SSL.
|
2015-01-22 03:40:55 +00:00
|
|
|
*
|
2000-02-04 14:01:38 +00:00
|
|
|
* This library is free for commercial and non-commercial use as long as
|
|
|
|
* the following conditions are aheared to. The following conditions
|
|
|
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
|
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
|
|
* included with this distribution is covered by the same copyright terms
|
|
|
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
2015-01-22 03:40:55 +00:00
|
|
|
*
|
2000-02-04 14:01:38 +00:00
|
|
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
|
|
* the code are not to be removed.
|
|
|
|
* If this package is used in a product, Eric Young should be given attribution
|
|
|
|
* as the author of the parts of the library used.
|
|
|
|
* This can be in the form of a textual message at program startup or
|
|
|
|
* in documentation (online or textual) provided with the package.
|
2015-01-22 03:40:55 +00:00
|
|
|
*
|
2000-02-04 14:01:38 +00:00
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
|
|
* must display the following acknowledgement:
|
|
|
|
* "This product includes cryptographic software written by
|
|
|
|
* Eric Young (eay@cryptsoft.com)"
|
|
|
|
* The word 'cryptographic' can be left out if the rouines from the library
|
|
|
|
* being used are not cryptographic related :-).
|
2015-01-22 03:40:55 +00:00
|
|
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
2000-02-04 14:01:38 +00:00
|
|
|
* the apps directory (application code) you must include an acknowledgement:
|
|
|
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
2015-01-22 03:40:55 +00:00
|
|
|
*
|
2000-02-04 14:01:38 +00:00
|
|
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
2015-01-22 03:40:55 +00:00
|
|
|
*
|
2000-02-04 14:01:38 +00:00
|
|
|
* The licence and distribution terms for any publically available version or
|
|
|
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
|
|
* copied and put under another distribution licence
|
|
|
|
* [including the GNU Public Licence.]
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <stdio.h>
|
2015-05-14 14:56:48 +00:00
|
|
|
#include "internal/cryptlib.h"
|
2000-02-04 14:01:38 +00:00
|
|
|
#include <openssl/evp.h>
|
2016-02-08 16:43:03 +00:00
|
|
|
#include <internal/evp_int.h>
|
2000-02-04 14:01:38 +00:00
|
|
|
#include <openssl/pkcs12.h>
|
|
|
|
#include <openssl/objects.h>
|
|
|
|
|
2016-02-08 16:43:03 +00:00
|
|
|
void openssl_add_all_ciphers_internal(void)
|
2015-01-22 03:40:55 +00:00
|
|
|
{
|
2000-10-14 20:09:54 +00:00
|
|
|
|
2001-02-19 16:06:34 +00:00
|
|
|
#ifndef OPENSSL_NO_DES
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_des_cfb());
|
|
|
|
EVP_add_cipher(EVP_des_cfb1());
|
|
|
|
EVP_add_cipher(EVP_des_cfb8());
|
|
|
|
EVP_add_cipher(EVP_des_ede_cfb());
|
|
|
|
EVP_add_cipher(EVP_des_ede3_cfb());
|
|
|
|
EVP_add_cipher(EVP_des_ede3_cfb1());
|
|
|
|
EVP_add_cipher(EVP_des_ede3_cfb8());
|
|
|
|
|
|
|
|
EVP_add_cipher(EVP_des_ofb());
|
|
|
|
EVP_add_cipher(EVP_des_ede_ofb());
|
|
|
|
EVP_add_cipher(EVP_des_ede3_ofb());
|
|
|
|
|
|
|
|
EVP_add_cipher(EVP_desx_cbc());
|
|
|
|
EVP_add_cipher_alias(SN_desx_cbc, "DESX");
|
|
|
|
EVP_add_cipher_alias(SN_desx_cbc, "desx");
|
|
|
|
|
|
|
|
EVP_add_cipher(EVP_des_cbc());
|
|
|
|
EVP_add_cipher_alias(SN_des_cbc, "DES");
|
|
|
|
EVP_add_cipher_alias(SN_des_cbc, "des");
|
|
|
|
EVP_add_cipher(EVP_des_ede_cbc());
|
|
|
|
EVP_add_cipher(EVP_des_ede3_cbc());
|
|
|
|
EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");
|
|
|
|
EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");
|
|
|
|
|
|
|
|
EVP_add_cipher(EVP_des_ecb());
|
|
|
|
EVP_add_cipher(EVP_des_ede());
|
|
|
|
EVP_add_cipher(EVP_des_ede3());
|
|
|
|
EVP_add_cipher(EVP_des_ede3_wrap());
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-24 19:26:15 +00:00
|
|
|
EVP_add_cipher_alias(SN_id_smime_alg_CMS3DESwrap, "des3-wrap");
|
2000-02-04 14:01:38 +00:00
|
|
|
#endif
|
|
|
|
|
2001-02-19 16:06:34 +00:00
|
|
|
#ifndef OPENSSL_NO_RC4
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_rc4());
|
|
|
|
EVP_add_cipher(EVP_rc4_40());
|
|
|
|
# ifndef OPENSSL_NO_MD5
|
|
|
|
EVP_add_cipher(EVP_rc4_hmac_md5());
|
|
|
|
# endif
|
2000-02-04 14:01:38 +00:00
|
|
|
#endif
|
|
|
|
|
2001-02-19 16:06:34 +00:00
|
|
|
#ifndef OPENSSL_NO_IDEA
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_idea_ecb());
|
|
|
|
EVP_add_cipher(EVP_idea_cfb());
|
|
|
|
EVP_add_cipher(EVP_idea_ofb());
|
|
|
|
EVP_add_cipher(EVP_idea_cbc());
|
|
|
|
EVP_add_cipher_alias(SN_idea_cbc, "IDEA");
|
|
|
|
EVP_add_cipher_alias(SN_idea_cbc, "idea");
|
2000-02-04 14:01:38 +00:00
|
|
|
#endif
|
|
|
|
|
2007-04-23 23:48:59 +00:00
|
|
|
#ifndef OPENSSL_NO_SEED
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_seed_ecb());
|
|
|
|
EVP_add_cipher(EVP_seed_cfb());
|
|
|
|
EVP_add_cipher(EVP_seed_ofb());
|
|
|
|
EVP_add_cipher(EVP_seed_cbc());
|
|
|
|
EVP_add_cipher_alias(SN_seed_cbc, "SEED");
|
|
|
|
EVP_add_cipher_alias(SN_seed_cbc, "seed");
|
2007-04-23 23:48:59 +00:00
|
|
|
#endif
|
|
|
|
|
2001-02-19 16:06:34 +00:00
|
|
|
#ifndef OPENSSL_NO_RC2
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_rc2_ecb());
|
|
|
|
EVP_add_cipher(EVP_rc2_cfb());
|
|
|
|
EVP_add_cipher(EVP_rc2_ofb());
|
|
|
|
EVP_add_cipher(EVP_rc2_cbc());
|
|
|
|
EVP_add_cipher(EVP_rc2_40_cbc());
|
|
|
|
EVP_add_cipher(EVP_rc2_64_cbc());
|
|
|
|
EVP_add_cipher_alias(SN_rc2_cbc, "RC2");
|
|
|
|
EVP_add_cipher_alias(SN_rc2_cbc, "rc2");
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-24 19:26:15 +00:00
|
|
|
EVP_add_cipher_alias(SN_rc2_cbc, "rc2-128");
|
|
|
|
EVP_add_cipher_alias(SN_rc2_64_cbc, "rc2-64");
|
|
|
|
EVP_add_cipher_alias(SN_rc2_40_cbc, "rc2-40");
|
2000-02-04 14:01:38 +00:00
|
|
|
#endif
|
|
|
|
|
2001-02-19 16:06:34 +00:00
|
|
|
#ifndef OPENSSL_NO_BF
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_bf_ecb());
|
|
|
|
EVP_add_cipher(EVP_bf_cfb());
|
|
|
|
EVP_add_cipher(EVP_bf_ofb());
|
|
|
|
EVP_add_cipher(EVP_bf_cbc());
|
|
|
|
EVP_add_cipher_alias(SN_bf_cbc, "BF");
|
|
|
|
EVP_add_cipher_alias(SN_bf_cbc, "bf");
|
|
|
|
EVP_add_cipher_alias(SN_bf_cbc, "blowfish");
|
2000-02-04 14:01:38 +00:00
|
|
|
#endif
|
|
|
|
|
2001-02-19 16:06:34 +00:00
|
|
|
#ifndef OPENSSL_NO_CAST
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_cast5_ecb());
|
|
|
|
EVP_add_cipher(EVP_cast5_cfb());
|
|
|
|
EVP_add_cipher(EVP_cast5_ofb());
|
|
|
|
EVP_add_cipher(EVP_cast5_cbc());
|
|
|
|
EVP_add_cipher_alias(SN_cast5_cbc, "CAST");
|
|
|
|
EVP_add_cipher_alias(SN_cast5_cbc, "cast");
|
|
|
|
EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");
|
|
|
|
EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");
|
2000-02-04 14:01:38 +00:00
|
|
|
#endif
|
|
|
|
|
2001-02-19 16:06:34 +00:00
|
|
|
#ifndef OPENSSL_NO_RC5
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_rc5_32_12_16_ecb());
|
|
|
|
EVP_add_cipher(EVP_rc5_32_12_16_cfb());
|
|
|
|
EVP_add_cipher(EVP_rc5_32_12_16_ofb());
|
|
|
|
EVP_add_cipher(EVP_rc5_32_12_16_cbc());
|
|
|
|
EVP_add_cipher_alias(SN_rc5_cbc, "rc5");
|
|
|
|
EVP_add_cipher_alias(SN_rc5_cbc, "RC5");
|
2000-02-04 14:01:38 +00:00
|
|
|
#endif
|
2000-10-14 20:09:54 +00:00
|
|
|
|
2001-02-19 16:06:34 +00:00
|
|
|
#ifndef OPENSSL_NO_AES
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_aes_128_ecb());
|
|
|
|
EVP_add_cipher(EVP_aes_128_cbc());
|
|
|
|
EVP_add_cipher(EVP_aes_128_cfb());
|
|
|
|
EVP_add_cipher(EVP_aes_128_cfb1());
|
|
|
|
EVP_add_cipher(EVP_aes_128_cfb8());
|
|
|
|
EVP_add_cipher(EVP_aes_128_ofb());
|
|
|
|
EVP_add_cipher(EVP_aes_128_ctr());
|
|
|
|
EVP_add_cipher(EVP_aes_128_gcm());
|
|
|
|
# ifndef OPENSSL_NO_OCB
|
|
|
|
EVP_add_cipher(EVP_aes_128_ocb());
|
|
|
|
# endif
|
|
|
|
EVP_add_cipher(EVP_aes_128_xts());
|
|
|
|
EVP_add_cipher(EVP_aes_128_ccm());
|
|
|
|
EVP_add_cipher(EVP_aes_128_wrap());
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-24 19:26:15 +00:00
|
|
|
EVP_add_cipher_alias(SN_id_aes128_wrap, "aes128-wrap");
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_aes_128_wrap_pad());
|
|
|
|
EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
|
|
|
|
EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
|
|
|
|
EVP_add_cipher(EVP_aes_192_ecb());
|
|
|
|
EVP_add_cipher(EVP_aes_192_cbc());
|
|
|
|
EVP_add_cipher(EVP_aes_192_cfb());
|
|
|
|
EVP_add_cipher(EVP_aes_192_cfb1());
|
|
|
|
EVP_add_cipher(EVP_aes_192_cfb8());
|
|
|
|
EVP_add_cipher(EVP_aes_192_ofb());
|
|
|
|
EVP_add_cipher(EVP_aes_192_ctr());
|
|
|
|
EVP_add_cipher(EVP_aes_192_gcm());
|
|
|
|
# ifndef OPENSSL_NO_OCB
|
|
|
|
EVP_add_cipher(EVP_aes_192_ocb());
|
|
|
|
# endif
|
|
|
|
EVP_add_cipher(EVP_aes_192_ccm());
|
|
|
|
EVP_add_cipher(EVP_aes_192_wrap());
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-24 19:26:15 +00:00
|
|
|
EVP_add_cipher_alias(SN_id_aes192_wrap, "aes192-wrap");
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_aes_192_wrap_pad());
|
|
|
|
EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
|
|
|
|
EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
|
|
|
|
EVP_add_cipher(EVP_aes_256_ecb());
|
|
|
|
EVP_add_cipher(EVP_aes_256_cbc());
|
|
|
|
EVP_add_cipher(EVP_aes_256_cfb());
|
|
|
|
EVP_add_cipher(EVP_aes_256_cfb1());
|
|
|
|
EVP_add_cipher(EVP_aes_256_cfb8());
|
|
|
|
EVP_add_cipher(EVP_aes_256_ofb());
|
|
|
|
EVP_add_cipher(EVP_aes_256_ctr());
|
|
|
|
EVP_add_cipher(EVP_aes_256_gcm());
|
|
|
|
# ifndef OPENSSL_NO_OCB
|
|
|
|
EVP_add_cipher(EVP_aes_256_ocb());
|
|
|
|
# endif
|
|
|
|
EVP_add_cipher(EVP_aes_256_xts());
|
|
|
|
EVP_add_cipher(EVP_aes_256_ccm());
|
|
|
|
EVP_add_cipher(EVP_aes_256_wrap());
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-24 19:26:15 +00:00
|
|
|
EVP_add_cipher_alias(SN_id_aes256_wrap, "aes256-wrap");
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_aes_256_wrap_pad());
|
|
|
|
EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
|
|
|
|
EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
|
|
|
|
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
|
|
|
|
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
|
|
|
|
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
|
|
|
|
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
|
2000-10-14 20:09:54 +00:00
|
|
|
#endif
|
2006-06-09 15:44:59 +00:00
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_CAMELLIA
|
2015-01-22 03:40:55 +00:00
|
|
|
EVP_add_cipher(EVP_camellia_128_ecb());
|
|
|
|
EVP_add_cipher(EVP_camellia_128_cbc());
|
|
|
|
EVP_add_cipher(EVP_camellia_128_cfb());
|
|
|
|
EVP_add_cipher(EVP_camellia_128_cfb1());
|
|
|
|
EVP_add_cipher(EVP_camellia_128_cfb8());
|
|
|
|
EVP_add_cipher(EVP_camellia_128_ofb());
|
|
|
|
EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128");
|
|
|
|
EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128");
|
|
|
|
EVP_add_cipher(EVP_camellia_192_ecb());
|
|
|
|
EVP_add_cipher(EVP_camellia_192_cbc());
|
|
|
|
EVP_add_cipher(EVP_camellia_192_cfb());
|
|
|
|
EVP_add_cipher(EVP_camellia_192_cfb1());
|
|
|
|
EVP_add_cipher(EVP_camellia_192_cfb8());
|
|
|
|
EVP_add_cipher(EVP_camellia_192_ofb());
|
|
|
|
EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192");
|
|
|
|
EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192");
|
|
|
|
EVP_add_cipher(EVP_camellia_256_ecb());
|
|
|
|
EVP_add_cipher(EVP_camellia_256_cbc());
|
|
|
|
EVP_add_cipher(EVP_camellia_256_cfb());
|
|
|
|
EVP_add_cipher(EVP_camellia_256_cfb1());
|
|
|
|
EVP_add_cipher(EVP_camellia_256_cfb8());
|
|
|
|
EVP_add_cipher(EVP_camellia_256_ofb());
|
|
|
|
EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
|
|
|
|
EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
|
2015-02-11 19:30:13 +00:00
|
|
|
EVP_add_cipher(EVP_camellia_128_ctr());
|
|
|
|
EVP_add_cipher(EVP_camellia_192_ctr());
|
|
|
|
EVP_add_cipher(EVP_camellia_256_ctr());
|
2015-01-22 03:40:55 +00:00
|
|
|
#endif
|
2015-12-09 20:36:19 +00:00
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_CHACHA
|
|
|
|
EVP_add_cipher(EVP_chacha20());
|
|
|
|
# ifndef OPENSSL_NO_POLY1305
|
|
|
|
EVP_add_cipher(EVP_chacha20_poly1305());
|
|
|
|
# endif
|
|
|
|
#endif
|
2015-01-22 03:40:55 +00:00
|
|
|
}
|