Dr. Stephen Henson
24d7159abd
Backport libcrypto audit: check return values of EVP functions instead
...
of assuming they will always suceed.
2011-06-03 20:53:00 +00:00
Dr. Stephen Henson
260d08b814
Backport CMAC support from HEAD.
2011-06-03 15:08:42 +00:00
Dr. Stephen Henson
916bcab28e
Prohibit low level cipher APIs in FIPS mode.
...
Not complete: ciphers with assembly language key setup are not
covered yet.
2011-06-01 16:54:06 +00:00
Dr. Stephen Henson
c7373c3dee
For consistency define clone digests in evp_fips.c
2011-06-01 15:11:00 +00:00
Dr. Stephen Henson
9f2c8eb2a1
Redirect clone digests to FIPS module for FIPS builds.
2011-06-01 14:28:21 +00:00
Dr. Stephen Henson
65300dcfb0
Prohibit use of low level digest APIs in FIPS mode.
2011-06-01 13:39:45 +00:00
Dr. Stephen Henson
5792219d1d
Redirect cipher operations to FIPS module for FIPS builds.
2011-05-29 16:18:38 +00:00
Dr. Stephen Henson
293c58c1e7
Use approved API for EVP digest operations in FIPS builds.
...
Call OPENSSL_init() in a few more places to make sure it is always called
at least once.
Initial cipher API redirection (incomplete).
2011-05-29 15:55:13 +00:00
Dr. Stephen Henson
9f375a752e
Add default ASN1 handling to support FIPS.
2011-05-29 02:32:05 +00:00
Dr. Stephen Henson
04dc5a9ca6
Redirect digests to FIPS module for FIPS builds.
...
Use FIPS API when initialising digests.
Sync header file evp.h and error codes with HEAD for necessary FIPS
definitions.
2011-05-28 23:01:26 +00:00
Richard Levitte
9f427a52cb
make update (1.0.1-stable)
...
This meant a slight renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable. However, since there's been no release on
this branch yet, it should be harmless.
2011-03-23 00:06:04 +00:00
Dr. Stephen Henson
5566d49103
PR: 2385
...
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve
Zero key->pkey.ptr after it is freed so the structure can be reused.
2010-11-30 19:45:31 +00:00
Dr. Stephen Henson
4fab95ed20
Some of the MS_STATIC use in crypto/evp is a legacy from the days when
...
EVP_MD_CTX was much larger: it isn't needed anymore.
2010-11-27 17:35:56 +00:00
Dr. Stephen Henson
a618011ca1
add "missing" functions to copy EVP_PKEY_METHOD and examine info
2010-11-24 16:07:45 +00:00
Dr. Stephen Henson
ec1e714ac1
constify EVP_PKEY_new_mac_key()
2010-11-24 13:14:03 +00:00
Dr. Stephen Henson
19043426b9
backport AES EVP ctr mode changes from HEAD
2010-11-17 17:46:23 +00:00
Dr. Stephen Henson
972491aece
If EVP_PKEY structure contains an ENGINE the key is ENGINE specific and
...
we should use its method instead of any generic one.
2010-11-16 12:11:31 +00:00
Dr. Stephen Henson
7770da4b41
PR: 2295
...
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve
OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
2010-10-11 23:25:23 +00:00
Dr. Stephen Henson
e97359435e
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
Dr. Stephen Henson
7a09bc4068
PR: 2258
...
Submitted By: Ger Hobbelt <ger@hobbelt.com>
Base64 BIO fixes:
Use OPENSSL_assert() instead of assert().
Use memmove() as buffers overlap.
Fix write retry logic.
2010-05-27 12:41:20 +00:00
Dr. Stephen Henson
207886cd3a
PR: 2244
...
Submitted By: "PMHager" <hager@dortmund.net>
Initialise pkey callback to 0.
2010-05-03 12:50:52 +00:00
Dr. Stephen Henson
9caf25d144
PR: 1904
...
Submitted by: David Woodhouse <dwmw2@infradead.org>
Pass passphrase minimum length down to UI.
2010-03-27 19:27:51 +00:00
Dr. Stephen Henson
5356ea7cde
reserve a few more bits for future cipher modes
2010-03-08 23:47:57 +00:00
Dr. Stephen Henson
bf638ef026
don't add digest alias if signature algorithm is undefined
2010-03-06 20:47:45 +00:00
Dr. Stephen Henson
07973d5db8
Fix memory leak: free up ENGINE functional reference if digest is not
...
found in an ENGINE.
2010-03-05 13:33:43 +00:00
Dr. Stephen Henson
fb24311e7c
'typo'
2010-03-01 01:52:47 +00:00
Dr. Stephen Henson
fc11f47229
Revert CFB block length change. Despite what SP800-38a says the input to
...
CFB mode does *not* have to be a multiple of the block length and several
other specifications (e.g. PKCS#11) do not require this.
2010-02-26 14:41:48 +00:00
Dr. Stephen Henson
6c6ca18664
The "block length" for CFB mode was incorrectly coded as 1 all the time. It
...
should be the number of feedback bits expressed in bytes. For CFB1 mode set
this to 1 by rounding up to the nearest multiple of 8.
2010-02-15 19:40:30 +00:00
Dr. Stephen Henson
97fe2b40c1
Correct ECB mode EVP_CIPHER definition: IV length is 0
2010-02-15 19:25:52 +00:00
Dr. Stephen Henson
f689ab5017
add EVP_CIPH_FLAG_LENGTH_BITS from 0.9.8-stable
2010-02-15 19:17:55 +00:00
Dr. Stephen Henson
c8c49133d9
oops, use new value for new flag
2010-02-07 13:54:54 +00:00
Dr. Stephen Henson
1700426256
Add missing function EVP_CIPHER_CTX_copy(). Current code uses memcpy() to copy
...
an EVP_CIPHER_CTX structure which may have problems with external ENGINEs
who need to duplicate internal handles etc.
2010-02-07 13:41:23 +00:00
Dr. Stephen Henson
8b354e776b
PR: 2161
...
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.
Make no-dsa, no-ecdsa and no-rsa compile again.
2010-02-02 13:36:05 +00:00
Dr. Stephen Henson
704d33b347
Add flags functions which were added to 0.9.8 for fips but not 1.0.0 and
...
later.
2010-01-26 14:33:52 +00:00
Dr. Stephen Henson
aed461b431
Traditional Yuletide commit ;-)
...
Add Triple DES CFB1 and CFB8 to algorithm list and NID translation.
2009-12-25 14:12:24 +00:00
Dr. Stephen Henson
2d3855fc6e
PR: 2127
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Check for lookup failures in EVP_PBE_CipherInit().
2009-12-17 15:28:45 +00:00
Dr. Stephen Henson
1cd47f5f6e
Ooops revert stuff which shouldn't have been part of previous commit.
2009-12-16 20:33:11 +00:00
Dr. Stephen Henson
675564835c
New option to enable/disable connection to unpatched servers
2009-12-16 20:28:30 +00:00
Dr. Stephen Henson
a6d204e241
Add patch to crypto/evp which didn't apply from PR#2124
2009-12-09 15:02:14 +00:00
Dr. Stephen Henson
aac751832a
PR: 2124
...
Submitted by: Jan Pechanec <Jan.Pechanec@Sun.COM>
Check for memory allocation failures.
2009-12-09 13:38:20 +00:00
Dr. Stephen Henson
9b2cfb890c
set engine to NULL after releasing it
2009-11-12 19:24:34 +00:00
Dr. Stephen Henson
d7501c16bf
Yes it is a typo ;-)
2009-10-01 12:17:18 +00:00
Dr. Stephen Henson
5a96822f2c
Update default dependency flags.
...
Make error name discrepancies a fatal error.
Fix error codes.
make update
2009-08-12 17:08:44 +00:00
Dr. Stephen Henson
a2da5c7daa
Make update.
2009-07-08 09:13:24 +00:00
Dr. Stephen Henson
c155d83f5b
Delete MD2 from algorithm tables and default compilation.
2009-07-08 08:50:53 +00:00
Dr. Stephen Henson
e105098b3f
PR: 1974 (partial)
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org
If -DHAVE_CRYPTODEV is set enable cryptodev support
2009-07-01 14:55:59 +00:00
Dr. Stephen Henson
f2f50efea3
PR: 1965
...
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org
Make sure defines to remove SHA are correct.
2009-07-01 11:35:46 +00:00
Dr. Stephen Henson
bfd502f027
Updates from HEAD.
2009-06-16 16:39:20 +00:00
Dr. Stephen Henson
2bbcd45b05
Update from HEAD.
2009-05-29 18:58:59 +00:00
Dr. Stephen Henson
7134507de0
Make no-rsa, no-dsa and no-dh compile again.
2009-04-23 17:16:40 +00:00
Dr. Stephen Henson
fe41d9853c
Make no-ec work
2009-04-23 16:25:00 +00:00
Dr. Stephen Henson
19ae090787
Print out registered digest names in dgst utility instead of hard
...
coding them. Modify EVP_MD_do_all() to include registered digest name.
This is a modified version of part of PR#1887.
2009-04-10 10:30:27 +00:00
Dr. Stephen Henson
e4e949192b
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
...
Reviewed by: steve@openssl.org
Check return codes properly in md BIO and dgst command.
2009-03-18 18:53:08 +00:00
Ben Laurie
2121f15daf
Use the right length (reported by Quanhong Wang).
2009-03-03 15:12:56 +00:00
Dr. Stephen Henson
a63bf2c53c
Make no-engine work again.
2009-02-15 15:28:18 +00:00
Ben Laurie
b3f3407850
Use new common flags and fix resulting warnings.
2009-02-15 14:08:51 +00:00
Ben Laurie
0eab41fb78
If we're going to return errors (no matter how stupid), then we should
...
test for them!
2008-12-29 16:11:58 +00:00
Andy Polyakov
5cabcf96e7
Fix "possible loss of data" Win64 compiler warnings.
2008-12-29 12:35:49 +00:00
Bodo Möller
7a76219774
Implement Configure option pattern "experimental-foo"
...
(specifically, "experimental-jpake").
2008-12-02 01:21:39 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
7b808412c9
Make -DKSSL_DEBUG work again.
2008-11-10 19:08:37 +00:00
Dr. Stephen Henson
2e5975285e
Update obsolete email address...
2008-11-05 18:39:08 +00:00
Ben Laurie
f80921b6a6
Formatting.
2008-11-04 12:06:09 +00:00
Dr. Stephen Henson
70d71f6185
Fix warnings: printf format mismatches on 64 bit platforms.
...
Change assert to OPENSSL_assert().
Fix e_padlock prototype.
2008-11-02 15:41:30 +00:00
Dr. Stephen Henson
c76fd290be
Fix warnings about mismatched prototypes, undefined size_t and value computed
...
not used.
2008-11-02 12:50:48 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00
Andy Polyakov
b444ac3e6f
size_t-fy EVP_CIPHER. Note that being size_t-fied it doesn't require
...
underlying cipher to be size_t-fied, it allows for size_t, signed and
unsigned long. It maintains source and even binary compatibility.
2008-10-31 19:48:25 +00:00
Dr. Stephen Henson
e19106f5fb
Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
...
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.
This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
2008-10-22 15:43:01 +00:00
Dr. Stephen Henson
606f6c477a
Fix a shed load or warnings:
...
Duplicate const.
Use of ; outside function.
2008-10-20 15:12:00 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Bodo Möller
2e415778f2
Don't use assertions to check application-provided arguments;
...
and don't unnecessarily fail on input size 0.
2008-08-14 21:37:51 +00:00
Geoff Thorpe
4c3296960d
Remove the dual-callback scheme for numeric and pointer thread IDs,
...
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).
Thanks to Bodo, for invaluable review and feedback.
2008-08-06 15:54:15 +00:00
Dr. Stephen Henson
d4cdbab99b
Avoid warnings with -pedantic, specifically:
...
Conversion between void * and function pointer.
Value computed not used.
Signed/unsigned argument.
2008-07-04 23:12:52 +00:00
Geoff Thorpe
5f834ab123
Revert my earlier CRYPTO_THREADID commit, I will commit a reworked
...
version some time soon.
2008-07-03 19:59:25 +00:00
Ben Laurie
5ce278a77b
More type-checking.
2008-06-04 11:01:43 +00:00
Geoff Thorpe
f7ccba3edf
There was a need to support thread ID types that couldn't be reliably cast
...
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used. This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
2008-03-28 02:49:43 +00:00
Dr. Stephen Henson
fe591284be
Update dependencies.
2008-03-22 18:52:03 +00:00
Geoff Thorpe
1e26a8baed
Fix a variety of warnings generated by some elevated compiler-fascism,
...
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Dr. Stephen Henson
8931b30d84
And so it begins...
...
Initial support for CMS.
Add zlib compression BIO.
Add AES key wrap implementation.
Generalize S/MIME MIME code to support CMS and/or PKCS7.
2008-03-12 21:14:28 +00:00
Dr. Stephen Henson
0e1dba934f
1. Changes for s_client.c to make it return non-zero exit code in case
...
of handshake failure
2. Changes to x509_certificate_type function (crypto/x509/x509type.c) to
make it recognize GOST certificates as EVP_PKT_SIGN|EVP_PKT_EXCH
(required for s3_srvr to accept GOST client certificates).
3. Changes to EVP
- adding of function EVP_PKEY_CTX_get0_peerkey
- Make function EVP_PKEY_derive_set_peerkey work for context with
ENCRYPT operation, because we use peerkey field in the context to
pass non-ephemeral secret key to GOST encrypt operation.
- added EVP_PKEY_CTRL_SET_IV control command. It is really
GOST-specific, but it is used in SSL code, so it has to go
in some header file, available during libssl compilation
4. Fix to HMAC to avoid call of OPENSSL_cleanse on undefined data
5. Include des.h if KSSL_DEBUG is defined into some libssl files, to
make debugging output which depends on constants defined there, work
and other KSSL_DEBUG output fixes
6. Declaration of real GOST ciphersuites, two authentication methods
SSL_aGOST94 and SSL_aGOST2001 and one key exchange method SSL_kGOST
7. Implementation of these methods.
8. Support for sending unsolicited serverhello extension if GOST
ciphersuite is selected. It is require for interoperability with
CryptoPro CSP 3.0 and 3.6 and controlled by
SSL_OP_CRYPTOPRO_TLSEXT_BUG constant.
This constant is added to SSL_OP_ALL, because it does nothing, if
non-GOST ciphersuite is selected, and all implementation of GOST
include compatibility with CryptoPro.
9. Support for CertificateVerify message without length field. It is
another CryptoPro bug, but support is made unconditional, because it
does no harm for draft-conforming implementation.
10. In tls1_mac extra copy of stream mac context is no more done.
When I've written currently commited code I haven't read
EVP_DigestSignFinal manual carefully enough and haven't noticed that
it does an internal digest ctx copying.
This implementation was tested against
1. CryptoPro CSP 3.6 client and server
2. Cryptopro CSP 3.0 server
2007-10-26 12:06:36 +00:00
Andy Polyakov
ebc06fba67
Bunch of constifications.
2007-10-13 15:51:32 +00:00
Andy Polyakov
71f4ea44eb
EVP_*_cfb1 was broken.
...
PR: 1318
2007-07-08 19:14:02 +00:00
Dr. Stephen Henson
18096abb29
Handle NULL parameter in some EVP utility functions.
2007-05-31 12:39:21 +00:00
Dr. Stephen Henson
e77dbf325f
Prepend signature name in dgst output.
2007-05-17 16:19:17 +00:00
Dr. Stephen Henson
e69adea539
New function EVP_PKEY_asn1_copy(). Use default MD if type param is NULL.
2007-05-15 23:52:03 +00:00
Bodo Möller
96afc1cfd5
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:48:59 +00:00
Dr. Stephen Henson
18327cd0e4
Copy update callback across when copying EVP_MD_CTX.
...
Remove unnecessary reference to EVP_MD_CTX in HMAC pkey method.
2007-04-12 13:02:31 +00:00
Dr. Stephen Henson
2022cfe07e
New -mac and -macopt options to dgst utility. Reimplement -hmac option in
...
terms of new API.
2007-04-11 17:20:40 +00:00
Dr. Stephen Henson
74633553a9
Experimental HMAC support via EVP_PKEY_METHOD.
2007-04-11 12:33:06 +00:00
Dr. Stephen Henson
baecb96e8a
Fix digest signing so digest type is set after init.
2007-04-08 16:53:50 +00:00
Dr. Stephen Henson
6181f5e404
Preliminary support for signctx/verifyctx callbacks.
2007-04-08 13:03:26 +00:00
Ben Laurie
ab2d91bd6b
Don't copy from a nonexistent next. Coverity ID 47.
2007-04-05 17:23:51 +00:00
Dr. Stephen Henson
6e7ca5e1eb
Update from stable branch.
2007-02-27 18:43:42 +00:00
Nils Larsch
0d5ac5a738
allow EVP_PKEY_CTX_free(NULL)
2007-02-26 18:32:53 +00:00
Dr. Stephen Henson
52cfa39716
Add -hmac option to dgst from 0.9.7 stable branch.
2007-02-08 19:07:43 +00:00
Dr. Stephen Henson
560b79cbff
Constify version strings and some structures.
2007-01-21 13:07:17 +00:00
Nils Larsch
b0ec114685
fix order
...
PR: 1442
2006-12-21 19:50:48 +00:00
Nils Larsch
06e2dd037e
add support for ecdsa-with-sha256 etc.
2006-12-20 08:58:54 +00:00
Nils Larsch
34f0a19309
remove trailing '\'
...
PR: 1438
2006-12-19 19:49:02 +00:00
Nils Larsch
7806f3dd4b
replace macros with functions
...
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:54:57 +00:00
Dr. Stephen Henson
47a9d527ab
Update from 0.9.8 stable. Eliminate duplicate error codes.
2006-11-21 21:29:44 +00:00
Ben Laurie
84948b39df
Fix various warnings.
2006-11-08 09:45:12 +00:00
Dr. Stephen Henson
02c9b66a6c
Fix C++ style comments, change assert to OPENSSL_assert, stop warning with
...
pedantic mode.
2006-08-31 20:56:20 +00:00
Ben Laurie
777c47acbe
Make things static that should be. Declare stuff in headers that should be.
...
Fix warnings.
2006-08-28 17:01:04 +00:00
Dr. Stephen Henson
5c95c2ac23
Fix various error codes to match functions.
2006-07-17 16:33:31 +00:00
Dr. Stephen Henson
29cf84c692
New docs for EVP_Digest{Sign,Verify}*() function. Update existing docs.
2006-07-12 12:31:30 +00:00
Dr. Stephen Henson
b7683e3a5d
Allow digests to supply S/MIME micalg values from a ctrl.
...
Send ctrls to EVP_PKEY_METHOD during signing of PKCS7 structure so
customisation is possible.
2006-07-10 18:36:55 +00:00
Dr. Stephen Henson
0ee2166cc5
New functions to add and free up application defined signature OIDs.
2006-07-09 16:05:43 +00:00
Dr. Stephen Henson
5ba4bf35c5
New functions to enumerate digests and ciphers.
2006-07-09 00:53:45 +00:00
Andy Polyakov
975efcbaee
Typos(?) in HEAD/crypto/evp/p_lib.c.
2006-07-04 20:27:44 +00:00
Dr. Stephen Henson
86207c1960
Make return value from EVP_PKEY_cmp() and EVP_PKEY_cmp_parameters() consistent.
2006-07-02 21:12:40 +00:00
Dr. Stephen Henson
944f858021
Fix EVP_PKEY_CTX_dup() to return correct value and handle NULL keys in
...
the source.
2006-06-27 17:23:24 +00:00
Bodo Möller
dd030860c4
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-11 01:09:07 +00:00
Bodo Möller
f3dea9a595
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:44:59 +00:00
Dr. Stephen Henson
01b8b3c7d2
Complete EVP_PKEY_ASN1_METHOD ENGINE support.
2006-06-05 11:52:46 +00:00
Dr. Stephen Henson
e18e3eba76
Make update.
2006-06-02 17:54:47 +00:00
Dr. Stephen Henson
1892c8bf97
Extend default method string to include public key methods.
...
Add missing prototypes.
Fix engine method lookup.
2006-06-02 13:09:59 +00:00
Dr. Stephen Henson
5e428e7d0d
Typo.
2006-06-02 12:37:02 +00:00
Dr. Stephen Henson
c9777d2659
Add ENGINE support for EVP_PKEY_METHOD including lookups of ENGINE
...
implementations and functional reference counting when a context
is allocated, free or copied.
2006-06-02 12:33:39 +00:00
Dr. Stephen Henson
e0c1ea9038
Fix error code. make update
2006-06-01 12:43:39 +00:00
Dr. Stephen Henson
b28dea4e10
New pkey functions for keygen callbacks and retrieving operation type.
2006-05-31 17:34:14 +00:00
Dr. Stephen Henson
3207e61222
Add prototypes, update Win32 ordinals.
2006-05-25 11:44:05 +00:00
Dr. Stephen Henson
3a828611e9
Update EVP_MD_CTX_copy_ex() to use EVP_PKEY_CTX_dup().
2006-05-25 00:55:00 +00:00
Dr. Stephen Henson
8bdcef40e4
New function to dup EVP_PKEY_CTX. This will be needed to make new signing
...
functions and EVP_MD_CTX_copy work properly.
2006-05-24 23:49:30 +00:00
Dr. Stephen Henson
91c9e62123
New functions for enchanced digest sign/verify.
2006-05-24 17:30:09 +00:00
Dr. Stephen Henson
0e3453536e
Fix warnings.
2006-05-24 13:29:32 +00:00
Dr. Stephen Henson
eaff5a1412
Use size_t for new crypto size parameters.
2006-05-24 12:33:46 +00:00
Dr. Stephen Henson
0965991600
Add ctrl to EVP_MD and EVP_PKEY_CTX to EVP_MD_CTX. These will be used
...
for enhanced sign/verify operations.
2006-05-22 13:01:01 +00:00
Dr. Stephen Henson
a620626a33
Code tidy.
2006-05-18 18:06:03 +00:00
Dr. Stephen Henson
3ef3e07a49
make update
2006-05-18 17:22:31 +00:00
Dr. Stephen Henson
1631d5f9b9
HMAC OIDs from RFC4231.
2006-05-17 12:27:45 +00:00
Dr. Stephen Henson
6d3a1eac3b
Add PRF preference ctrl to ciphers.
2006-05-15 18:35:13 +00:00
Dr. Stephen Henson
b8f702a0af
Change builting PBE to use static table. Add entries for HMAC and MD5, GOST.
2006-05-15 17:34:36 +00:00
Dr. Stephen Henson
856640b54f
Extend PBE code to support non default PKCS#5 v2.0 PRFs.
2006-05-14 18:40:53 +00:00
Dr. Stephen Henson
7f57b076a6
New functions to get key types without dereferncing EVP_PKEY.
...
More error checking for RSA pmeth.
2006-05-11 21:33:00 +00:00
Dr. Stephen Henson
399a6f0bd1
Update PKCS#7 enveloped data to new API.
2006-05-08 12:44:25 +00:00
Dr. Stephen Henson
03919683f9
Add support for default public key digest type ctrl.
2006-05-07 17:09:39 +00:00
Dr. Stephen Henson
b46343583c
Update EVP_PKEY_cmp() and X509_check_private() to return sensible values and
...
handle unsupported key types.
2006-04-28 12:27:37 +00:00
Dr. Stephen Henson
a78568b7e9
Replace RSA specific PKCS7_RECIP_INFO set up with an public key algorithm
...
ctrl.
2006-04-27 18:20:34 +00:00
Dr. Stephen Henson
81cebb8b79
Add prototypes and pkey accessor function for EVP_PKEY_CTX.
2006-04-26 11:52:36 +00:00
Dr. Stephen Henson
cddaba8ede
Add 'flags' parameter to EVP_PKEY_asn1_meth_new() to set algorithm flags.
2006-04-21 17:38:58 +00:00
Nils Larsch
f8296228f1
as we encrypt every bit separately we need to loop through the number
...
of bits; thanks to Michael McDougall <mmcdouga@saul.cis.upenn.edu>
PR: 1318
2006-04-20 13:11:52 +00:00
Dr. Stephen Henson
ee1d9ec019
Remove link between digests and signature algorithms.
...
Use cross reference table in ASN1_item_sign(), ASN1_item_verify() to eliminate
the need for algorithm specific code.
2006-04-19 17:05:59 +00:00
Dr. Stephen Henson
614b448a67
Remove comment from SSLeay days about EVP_PKEY_METHOD.
2006-04-19 12:16:58 +00:00
Dr. Stephen Henson
492a9e2415
Allow public key ASN1 methods to set PKCS#7 SignerInfo structures.
2006-04-17 17:12:23 +00:00
Dr. Stephen Henson
c20276e4ae
Fix (most) WIN32 warnings and errors.
2006-04-17 12:08:22 +00:00
Dr. Stephen Henson
9ca7047d71
Provisional support for EC pkey method, supporting ECDH and ECDSA.
2006-04-16 16:15:59 +00:00
Dr. Stephen Henson
b010b7c434
Use more flexible method of determining output length, by setting &outlen
...
value of the passed output buffer is NULL.
The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all
cases where the output length may depend on the operation or the parameters
associated with it.
2006-04-15 18:50:56 +00:00
Dr. Stephen Henson
9dc17a2536
Fix from 0.9.7-stable branch.
2006-04-15 17:43:43 +00:00
Dr. Stephen Henson
ba30bad57b
Add functions to allow setting and adding external EVP_PKEY_METHOD.
2006-04-14 12:41:35 +00:00