Marek Klein
f0ef20bf38
Added support for ESSCertIDv2
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/771 )
2017-05-03 09:04:23 +02:00
Rich Salz
a7be5759cf
RT3809: basicConstraints is critical
...
This is really a security bugfix, not enhancement any more.
Everyone knows critical extensions.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-06-13 09:18:22 -04:00
Rich Salz
3e9e810f2e
Remove outdated legacy crypto options
...
Many options for supporting optimizations for legacy crypto on legacy
platforms have been removed. This simplifies the source code and
does not really penalize anyone.
DES_PTR (always on)
DES_RISC1, DES_RISC2 (always off)
DES_INT (always 'unsigned int')
DES_UNROLL (always on)
BF_PTR (always on) BF_PTR2 (removed)
MD2_CHAR, MD2_LONG (always 'unsigned char')
IDEA_SHORT, IDEA_LONG (always 'unsigned int')
RC2_SHORT, RC2_LONG (always 'unsigned int')
RC4_LONG (only int and char (for assembler) are supported)
RC4_CHUNK (always long), RC_CHUNK_LL (removed)
RC4_INDEX (always on)
And also make D_ENCRYPT macro more clear (@appro)
This is done in consultation with Andy.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-01-27 19:05:50 -05:00
Rich Salz
39a6a4a707
Update to SHA256 for TSA signing digest.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-30 18:18:08 -05:00
Dr. Stephen Henson
2cc7acd273
Use better defaults for TSA.
...
Use SHA256 for TSA and setted permitted digests to a sensible value.
Based on PR#4141
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-11-20 13:40:53 +00:00
Dr. Stephen Henson
e20b472751
Add support for signer_digest option in TS.
...
Based on PR#2145
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-11-20 13:40:53 +00:00
Emilia Kasper
455b65dfab
RT3067: simplify patch
...
(Original commit adb46dbc6d
)
Use the new constant-time methods consistently in s3_srvr.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-24 15:35:02 +02:00
Veres Lajos
478b50cf67
misspellings fixes by https://github.com/vlajos/misspell_fixer
2013-09-05 21:39:42 +01:00
Dr. Stephen Henson
84b6e277d4
make update
2011-12-27 14:46:03 +00:00
Dr. Stephen Henson
ef236ec3b2
Merge from 1.0.0-stable branch.
2009-04-23 16:32:42 +00:00
Bodo Möller
96afc1cfd5
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:48:59 +00:00
Richard Levitte
98bf13c36b
make update
2006-05-12 15:31:28 +00:00
Richard Levitte
9ab899a660
Synchronise with openss.cnf
2006-02-26 10:48:40 +00:00
Ulf Möller
c7235be6e3
RFC 3161 compliant time stamp request creation, response generation
...
and response verification.
Submitted by: Zoltan Glozik <zglozik@opentsa.org>
Reviewed by: Ulf Moeller
2006-02-12 23:11:56 +00:00
Nils Larsch
e7076c5a80
make update
2005-04-22 20:17:17 +00:00
Richard Levitte
6951c23afd
Add functionality needed to process proxy certificates.
2004-12-28 00:21:35 +00:00
Richard Levitte
d1739eb2d6
make update
2004-05-13 21:38:47 +00:00
Richard Levitte
849c0fe240
Adjust to changes in apps/openssl.cnf
1999-11-12 01:59:47 +00:00
Ulf Möller
9dff4cc051
Bring VMS in sync with the recent changes.
...
Submitted by: Richard Levitte <levitte@stacken.kth.se>
1999-05-20 21:00:29 +00:00
Ulf Möller
7d7d2cbcb0
VMS support.
...
Submitted by: Richard Levitte <richard@levitte.org>
1999-05-13 11:37:32 +00:00