wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8353 commits 20 branches 302 tags 153 MiB
Commit graph

1146 commits

Author SHA1 Message Date
Dr. Stephen Henson
fd4e79a9ed Include USE_SOCKETS #define 2007-10-14 12:19:07 +00:00
Dr. Stephen Henson
a523276786 Backport certificate status request TLS extension support to 0.9.8. 2007-10-12 00:00:36 +00:00
Ben Laurie
1c90899eef Slight bug in dependencies caused occasional unnecessary diffs. Fixed. 2007-09-19 13:10:34 +00:00
Ben Laurie
4f2b7d48b1 make depend 2007-09-19 12:17:11 +00:00
Andy Polyakov
22e6c73dcc Mention SHA2 in apps/dgst and openssl.pod. 
PR: 1575
 2007-09-17 15:57:31 +00:00
Dr. Stephen Henson
927a28ba3b gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL. 
Fix various "computed value not used" warnings too.
 2007-09-06 12:43:54 +00:00
Dr. Stephen Henson
80355002a1 Update from HEAD. 2007-08-23 12:20:56 +00:00
Dr. Stephen Henson
0e36825228 Update docs. 2007-08-23 12:16:03 +00:00
Dr. Stephen Henson
865a90eb4f Backport of TLS extension code to OpenSSL 0.9.8. 
Include server name and RFC4507bis support.

This is not compiled in by default and must be explicitly enabled with
the Configure option enable-tlsext
 2007-08-12 18:59:03 +00:00
Andy Polyakov
a5d3574984 MacOS X update [from HEAD]. 2007-07-31 20:03:26 +00:00
Dr. Stephen Henson
761f3b403b Fix more unused value warnings. 2007-07-04 13:09:27 +00:00
Ben Laurie
8957121c14 More IGE speedup. 2007-05-13 15:04:16 +00:00
Ben Laurie
50241bc84e AES IGE mode speedup. 2007-05-13 12:03:57 +00:00
Bodo Möller
c3cc4662af Add SEED encryption algorithm. 
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
 2007-04-23 23:50:26 +00:00
Dr. Stephen Henson
82877ea449 Make update. 2007-02-23 01:01:08 +00:00
Lutz Jänicke
81fae49db9 Fix problem with multi line responses in -starttls by using a buffering 
BIO and BIO_gets().
 2007-02-22 17:39:50 +00:00
Lutz Jänicke
cdb13ae8d0 Extend SMTP and IMAP protocol handling to perform the required 
EHLO or CAPABILITY handshake before sending STARTTLS

Submitted by: Goetz Babin-Ebell <goetz@shomitefo.de>
 2007-02-21 18:20:33 +00:00
Dr. Stephen Henson
c31cc72d79 Avoid warning. 2007-02-18 18:18:31 +00:00
Dr. Stephen Henson
d1049ad93e Fix Win32 warnings. 2007-02-18 17:23:20 +00:00
Richard Levitte
28f5873179 Add STARTTLS support for IMAP and FTP. 
Submitted by Kees Cook <kees@outflux.net>
 2007-02-16 18:12:20 +00:00
Dr. Stephen Henson
594c723f98 Add hmac option to dgst from 0.9.7-stable. 2007-02-08 19:08:21 +00:00
Nils Larsch
3a4cf918bf fix return value of get_cert_chain() 
PR: 1441
 2006-12-27 09:39:51 +00:00
Nils Larsch
9d5460d72d properly initialize SSL context, check return value 2006-12-13 22:08:20 +00:00
Nils Larsch
36abe6fe61 return 0 if 'noout' is used and no has occurred 
PR: 1435
Submitted by: "Haridharan" <haridharan@gmail.com>
 2006-12-05 20:08:03 +00:00
Nils Larsch
d4a6240005 replace macros with functions 
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
 2006-11-29 20:47:15 +00:00
Ben Laurie
4636341b05 Add RFC 3779 support, contributed by ARIN. 2006-11-27 13:36:55 +00:00
Richard Levitte
07b4bc3979 APP_FILES is no longer used, remove it everywhere. 2006-09-29 06:54:39 +00:00
Dr. Stephen Henson
c574d0cdf2 Fix from HEAD. 2006-09-22 17:14:44 +00:00
Dr. Stephen Henson
1a5e414863 Fix but in apps/pkcs12.c 
PR: 1377
 2006-09-22 00:28:37 +00:00
Dr. Stephen Henson
6d14cc7ec1 Fix from HEAD. 2006-07-13 20:35:33 +00:00
Bodo Möller
1921a1adb2 "make depend" for the default configuration, i.e. no-camellia here in 
the 0.9.8 branch!
 2006-06-14 09:56:08 +00:00
Bodo Möller
e18eef3d7a Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-09 15:42:21 +00:00
Dr. Stephen Henson
83231cb376 Fix from HEAD. 2006-05-17 18:25:59 +00:00
Dr. Stephen Henson
eb2ec6bee9 make update 2006-05-04 12:15:59 +00:00
Dr. Stephen Henson
6300c14248 Create a crlnumber file when a CA is created using CA.pl 2006-04-28 00:28:51 +00:00
Dr. Stephen Henson
fc12885b1b Fix from HEAD. 2005-11-30 19:25:31 +00:00
Ben Laurie
9e31e63147 Improve documentation. 2005-11-25 13:46:41 +00:00
Nils Larsch
d796e6acb7 compile sstrsep only if HAVE_FORK is defined; patch supplied by Johan Gill <johane@lysator.liu.se> 2005-11-02 22:13:23 +00:00
Dr. Stephen Henson
54f51116b2 Update from HEAD. 2005-09-30 23:38:20 +00:00
Nils Larsch
b0d90958fc successfully updating the db shouldn't result in an error message 2005-09-30 16:47:15 +00:00
Dr. Stephen Henson
3a8b42f291 Don't always use issuer serial version of AKID. 2005-09-16 12:20:24 +00:00
Nils Larsch
3b2ba5f7fb don't try to load cert/key when the "-nocert" option is set 2005-09-02 12:27:02 +00:00
Dr. Stephen Henson
1682e8fb12 Allow PKCS7_decrypt() to work if no cert supplied. 2005-08-04 22:10:05 +00:00
Nils Larsch
4913b88f70 make 
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
	make all test
work again (+ make update)

PR: 1159
 2005-07-16 11:13:10 +00:00
Richard Levitte
11024f252e make update 2005-07-05 18:41:28 +00:00
Dr. Stephen Henson
09c1a425a9 Add utf8 options to ca utility. 
PR:1109
 2005-07-04 23:04:28 +00:00
Richard Levitte
8c6fed007f The private key should never have ended up in newreq.pem. 
Now, it ends up in newkey.pem instead.
 2005-07-04 21:44:22 +00:00
Nils Larsch
8b963f4ba4 initialize newly allocated data 
PR: 1145
 2005-07-01 16:15:48 +00:00
Richard Levitte
cc4cba7b5d asn1parse doesn't support any TXT format, so let's stop pretending 
it does.
 2005-06-28 15:44:18 +00:00
Ben Laurie
f18dd687c8 Nasty fix for another warning, but all I have the patience for right now. 2005-06-28 13:07:46 +00:00
Andy Polyakov
a24b7eeb87 Makefile updates from HEAD [see http://cvs.openssl.org/chngview?cn=14099 
for further details].
 2005-06-28 09:10:19 +00:00
Andy Polyakov
71a61c573e Fix typos in apps/apps.c. 2005-06-27 15:58:55 +00:00
Richard Levitte
cbcbd07da2 Netware patch submitted by Verdon Walker" <VWalker@novell.com> in PR 
1107.  He says:

This is a followup to the NetWare patch that was applied to beta3.  It
does the following:

- Fixes a problem in the CLib build with undefined symbols.

- Adds the ability to use BSD sockets as the default for the OpenSSL
  socket BIO.  NetWare supports 2 flavors of sockets and our Apache
  developers need BSD sockets as a configurable option when building
  OpenSSL.  This adds that for them.

- Updates to the INSTALL.NW file to explain new options.

I have tried very hard to make sure all the changes are in NetWare
specific files or guarded carefully to make sure they only impact
NetWare builds.  I have tested the Windows build to make sure it does
not break that since we have made changes to mk1mf.pl.

We are still working the gcc cross compile for NetWare issue and hope
to have a patch for that before beta 6 is released.
 2005-06-13 03:21:01 +00:00
Nils Larsch
e00b165e9b let "make all test" work with "no-aes" 
PR: 1078
 2005-05-31 17:56:17 +00:00
Nils Larsch
5467ddf0e1 include opensslconf.h if OPENSSL_NO_* is used 2005-05-31 17:31:50 +00:00
Richard Levitte
2728a1b4f3 Forgottent needed changed. This file will be retagged. 2005-05-30 23:19:11 +00:00
Richard Levitte
77b97ee0d7 DJGPP changes. Contributed by Doug Kaufman <dkaufman@rahul.net> 2005-05-30 22:37:41 +00:00
Richard Levitte
e96025755d We have some source with \r\n as line ends. DEC C informs about that, 
and I really can't be bothered...
 2005-05-29 12:13:20 +00:00
Dr. Stephen Henson
dea446d995 Update from 0.9.7-stable branch. 2005-05-28 20:49:09 +00:00
Andy Polyakov
4976983f30 Disseminate BUILDENV even further. 2005-05-22 09:13:30 +00:00
Andy Polyakov
31e4ad25ba OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to 
make no-sha512 more effective on platforms, which don't support 64-bit
integer type of *any* kind.
 2005-05-22 08:52:12 +00:00
Richard Levitte
43133041c9 'make update' with a default configuration. 2005-05-19 19:31:53 +00:00
Andy Polyakov
ea1b02db6a OPENSSL_Applink update. 2005-05-17 00:08:28 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and 
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
 2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341 ecc api cleanup; summary: 
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
 2005-05-16 10:11:04 +00:00
Bodo Möller
46a643763d Implement fixed-window exponentiation to mitigate hyper-threading 
timing attacks.

BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.

Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
 2005-05-16 01:43:31 +00:00
Andy Polyakov
734540f887 Consolidate BUILDENV [idea is to keep all variables in one place]. 2005-05-15 23:53:34 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
b6995add5c Make -CSP option work again in pkcs12 utility by checking for 
attribute in EVP_PKEY structure.
 2005-05-15 00:54:45 +00:00
Nils Larsch
8b15c74018 give EC_GROUP_new_by_nid a more meanigful name: 
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
 2005-05-10 11:37:47 +00:00
Nils Larsch
3afa6cf866 improve command line argument checking 
PR: 1061
 2005-05-10 09:51:29 +00:00
Bodo Möller
fbeaa3c47d Update util/ck_errf.pl script, and have it run automatically 
during "make errors" and thus during "make update".

Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
 2005-05-09 00:27:37 +00:00
Ben Laurie
0ff469d38d Add prototype. 2005-05-01 13:49:56 +00:00
Andy Polyakov
4c3a2d64e4 Fold rules in test/Makefiles [from stable]. 2005-04-30 21:39:39 +00:00
Richard Levitte
aed14edd12 From branch OpenSSL_0_9_7-stable, 2004-08-11 22:34: 
Another missing module in the VMS build files.I believe this is
the last, though...
 2005-04-30 15:21:40 +00:00
Richard Levitte
14a948e6ad All kinds of changes from branch OpenSSL_0_9_7-stable 2005-04-30 15:17:05 +00:00
Nils Larsch
7ab2d30349 add 192 bit prime curve to the command line options 2005-04-29 15:21:09 +00:00
Dr. Stephen Henson
6c61726b2a Lots of Win32 fixes for DTLS. 
1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
 2005-04-27 16:27:14 +00:00
Dr. Stephen Henson
b08868c48a Port prime utility across from stable branch. 2005-04-26 23:02:52 +00:00
Bodo Möller
0d5ea7613e make update 2005-04-26 18:09:21 +00:00
Dr. Stephen Henson
4e321ffaff Fixes for signed/unsigned warnings and shadows. 2005-04-26 17:43:53 +00:00
Ben Laurie
36d16f8ee0 Add DTLS support. 2005-04-26 16:02:40 +00:00
Nils Larsch
965a1cb92e change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible 2005-04-23 10:11:16 +00:00
Ben Laurie
e9ad6665a5 Add debug target, remove cast, note possible bug. 2005-04-23 06:05:24 +00:00
Nils Larsch
e7076c5a80 make update 2005-04-22 20:17:17 +00:00
Richard Levitte
7efebab9fd signed vs. unsigned. 2005-04-20 13:21:10 +00:00
Dr. Stephen Henson
f68854b4c3 Various Win32 and other fixes for warnings and compilation errors. 
Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.
 2005-04-19 00:12:36 +00:00
Nils Larsch
ff990440ee const fixes 2005-04-15 18:29:33 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Nils Larsch
eb3eab20a8 const fixes 2005-04-07 22:48:33 +00:00
Nils Larsch
7d727231b7 some const fixes 2005-04-05 19:11:19 +00:00
Nils Larsch
69740c2b3f update progs.pl to reflect changes in progs.h 2005-04-05 18:17:13 +00:00
Nils Larsch
12bdb64375 use SHA-1 as the default digest for the apps/openssl commands 2005-04-02 09:29:15 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Nils Larsch
689c6f2542 add new curves to the loop (with some cleanup from me) 
Submitted by: Jean-Luc Duval
Reviewed by:  Nils Larsch
 2005-03-20 23:12:13 +00:00
Bodo Möller
9f6715d4bb "make depend". This takes into account the algorithms that are now 
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.

Problem reported by Nils Larsch.
 2005-03-13 19:49:47 +00:00
Andy Polyakov
877dbcb8a0 Shut whiny make's up. 2005-02-03 10:19:59 +00:00
Andy Polyakov
62d27939c2 Address run-time linker problems: LD_PRELOAD issue on multi-ABI platforms 
and SafeDllSearchMode in Windows.

Submitted by: Richard Levitte
 2005-02-01 23:48:37 +00:00
Richard Levitte
4aca9297dc The mix of CFLAGS and LDFLAGS is a bit confusing in my opinion, and 
Makefile.shared was a bit overcomplicated.

Make the shell variables LDFLAGS and SHAREDFLAGS in Makefile.shared
get the values of $(CFLAGS) or $(LDFLAGS) as appropriate depending on
the value the shell variables LDCMD and SHAREDCMD get.  That leaves
much less chance of confusion, since those pairs of shell variables
always are defined together.
 2005-01-26 23:51:20 +00:00
Andy Polyakov
fbdce13e5a Please BSD make... 2005-01-25 22:09:11 +00:00
Andy Polyakov
02a00bb054 DJGPP update. 
PR: 989
Submitted by: Doug Kaufman
 2005-01-04 10:28:38 +00:00
Andy Polyakov
3ffb8d42bc Remove naming conflict between variable and label. 2004-12-30 11:10:11 +00:00
Dr. Stephen Henson
e90faddaf8 Prompt for passphrases for PKCS12 input format 2004-12-29 01:07:14 +00:00
Richard Levitte
6951c23afd Add functionality needed to process proxy certificates. 2004-12-28 00:21:35 +00:00
Dr. Stephen Henson
abbc186bd2 Fix s_client so it works without a certificate again. 2004-12-13 18:02:23 +00:00
Richard Levitte
de6859e442 Propagate a few more variables to Makefile.shared when linking 
programs.
 2004-12-13 17:28:44 +00:00
Dr. Stephen Henson
a37e22d866 Use X509_cmp_time() in -checkend option, to support GeneralizedTime. 2004-12-05 18:26:19 +00:00
Dr. Stephen Henson
5b40d7dd97 Add -passin argument to dgst command. 2004-12-03 12:26:56 +00:00
Richard Levitte
30b415b076 Make an explicit check during certificate validation to see that the 
CA setting in each certificate on the chain is correct.  As a side-
effect always do the following basic checks on extensions, not just
when there's an associated purpose to the check:
- if there is an unhandled critical extension (unless the user has
  chosen to ignore this fault)
- if the path length has been exceeded (if one is set at all)
- that certain extensions fit the associated purpose (if one has been
  given)
 2004-11-29 11:28:08 +00:00
Dr. Stephen Henson
3fee255102 Typo. 2004-11-23 21:40:10 +00:00
Dr. Stephen Henson
16df5f066a Fix memory leak. 2004-11-23 21:22:21 +00:00
Dr. Stephen Henson
00dd8f6d6e In "req" exit immediately if configuration file is needed and it can't 
be loaded instead of giving the misleading:

"unable to find 'distinguised_name' in config"

error message.
 2004-11-17 18:36:13 +00:00
Dr. Stephen Henson
826a42a088 PR: 910 
Add command line options -certform, -keyform and -pass to s_client and
s_server. This supports the use of alternative passphrase sources, key formats
and keys handled by an ENGINE.

Update docs.
 2004-11-16 17:30:59 +00:00
Dr. Stephen Henson
151368ccba PR: 940 
Typo: use prompt_info, not cb_data->prompt_info.
 2004-11-14 15:40:00 +00:00
Dr. Stephen Henson
5fee606442 Zap obsolete der_chop script. 2004-11-14 00:08:36 +00:00
Dr. Stephen Henson
78df5a2f1e Fix x509.c so it creates serial number file again if no 
serial number is supplied on command line.
 2004-11-13 13:26:06 +00:00
Richard Levitte
6c9f57d629 Cut'n'paste mistake. All tested OK now... 2004-11-11 19:36:08 +00:00
Richard Levitte
382342ce1d Whoops, syntactic mistake... 2004-11-11 18:58:01 +00:00
Richard Levitte
69c922f5d2 Some find it confusing that environment variables are set when shared 
libraries aren't built or used.  I can see the point, so I'm
reorganising a little for clarity.
 2004-11-11 18:18:43 +00:00
Dr. Stephen Henson
10c8505734 Use the default_md config file value when signing CRLs. 
PR:662
 2004-11-11 13:47:06 +00:00
Dr. Stephen Henson
10f92aac33 Don't return an error with crl -noout. 
PR:917
Sumbmitted by: Michael Konietzka <konietzka@schlund.de>
 2004-11-11 02:13:08 +00:00
Richard Levitte
8de69cf2c6 Make sure LD_PRELOAD is only set when we build shared libraries (and 
therefore link with them).  Add LD_PRELOAD setting code where it was
still missing.

PR: 966
 2004-11-05 09:12:10 +00:00
Geoff Thorpe
58ae65cd1a Update ECDSA and ECDH for OPENSSL_NO_ENGINE. 
Reported by: Maxim Masiutin
Submitted by: Nils Larsch
 2004-10-21 00:06:14 +00:00
Richard Levitte
d813ff2ac1 make update 2004-09-10 10:30:33 +00:00
Dr. Stephen Henson
c431798e82 Reformat smime utility. 
Add support for policy checking in verify utility.
 2004-09-07 18:38:46 +00:00
Dr. Stephen Henson
fb80794568 Don't use 'explicit' for variable name. 2004-09-07 00:31:08 +00:00
Dr. Stephen Henson
4ec3d785e5 Reformat smime.c 2004-09-07 00:28:17 +00:00
Dr. Stephen Henson
5d7c222db8 New X509_VERIFY_PARAM structure and associated functionality. 
This tidies up verify parameters and adds support for integrated policy
checking.

Add support for policy related command line options. Currently only in smime
application.

WARNING: experimental code subject to change.
 2004-09-06 18:43:01 +00:00
Richard Levitte
2549564009 On systems that use case-insensitive symbol names (i.e. they're all 
converted to upper case or something like that), the application-
level bio_dump_cb() has a name clash with the new library function
BIO_dump_cb().  The easiest fix is to rename the function at the
application level.
 2004-08-12 08:58:55 +00:00
Dr. Stephen Henson
b5a93e2250 Call setup_engine after autoconfig. 2004-08-06 12:44:34 +00:00
Dr. Stephen Henson
c128bb0fa2 Don't ignore return value of EVP_DigestInit_ex() in md BIOs and dgst utility. 2004-08-05 18:09:50 +00:00
Andy Polyakov
c88f8f76b5 'apps/openssl dgst -help' update and minor apps/speed.c update. 2004-07-25 18:57:35 +00:00
Dr. Stephen Henson
0efea28dcb Don't try to parse non string types. 2004-07-01 18:15:33 +00:00
Richard Levitte
28a8003467 Changes for VOS, submitted by Paul Green <Paul.Green@stratus.com>. 
PR: 499
 2004-06-28 22:01:37 +00:00
Richard Levitte
563cd0f2b0 Make the tests of EVP operations without padding. As a consequence, 
there's no need for a larger BUFSIZE any more...

PR: 904
 2004-06-28 16:32:12 +00:00
Richard Levitte
3ac0f28837 Make sure that the buffers are large enough to contain padding. 
PR: 904
 2004-06-28 12:23:35 +00:00
Richard Levitte
47c1735acd NetWare fixes provided by Verdon Walker for OpenSSL 0.9.8-dev. 
The changes have been mailed to <crypt@bis.doc.gov> as well.

PR: 903
 2004-06-28 11:55:28 +00:00
Dr. Stephen Henson
8a60547896 Reformat pkcs8 source. 2004-06-24 13:10:54 +00:00
Andy Polyakov
bc1ca8605c Working on HP-UX shared support... 2004-05-31 14:50:19 +00:00
Andy Polyakov
63ba7e293f Make sha-256/-512 naming in speed.c consistent with their names as they 
will appear at EVP leyer.
 2004-05-31 12:40:22 +00:00
Andy Polyakov
46ceb15c39 SHA-256/-512 test and benchmark. 2004-05-20 21:49:38 +00:00
Geoff Thorpe
9c52d2cc75 After the latest round of header-hacking, regenerate the dependencies in 
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
 2004-05-17 19:26:06 +00:00
Geoff Thorpe
f0eae953e2 Remove some unnecessary recursive includes from the internal apps.h header, 
and include bn.h in those C files that need bignum functionality.
 2004-05-17 19:05:32 +00:00
Richard Levitte
d1739eb2d6 make update 2004-05-13 21:38:47 +00:00
Dr. Stephen Henson
df368ecce4 Make self signing option of 'x509' use random serial numbers too. 2004-05-12 18:20:37 +00:00
Geoff Thorpe
bcfea9fb25 Allow RSA key-generation to specify an arbitrary public exponent. Jelte 
proposed the change and submitted the patch, I jiggled it slightly and
adjusted the other parts of openssl that were affected.

PR: 867
Submitted by: Jelte Jansen
Reviewed by: Geoff Thorpe
 2004-04-26 15:31:35 +00:00
Dr. Stephen Henson
77475142ec New option to 'x509' -next_serial. This outputs the certificate 
serial number plus 1 to the output file. Its purpose is to allow
serial number files to be initialized when random serial numbers
are used.
 2004-04-21 12:46:20 +00:00
Dr. Stephen Henson
90fac84066 Use X509_get_serialNumber() instead of accessing internals in x509.c 2004-04-21 12:43:21 +00:00
Dr. Stephen Henson
64674bcc8c Reduce chances of issuer and serial number duplication by use of random 
initial serial numbers.

PR: 842
 2004-04-20 12:05:26 +00:00