Dr. Stephen Henson
6447cce372
Simplify the trust structure: basically zap the bit strings and
...
represent everything by OIDs.
1999-12-29 00:40:28 +00:00
Dr. Stephen Henson
e6f3c5850e
New {i2d,d2i}_PrivateKey_{bio, fp} functions.
1999-12-26 19:20:03 +00:00
Dr. Stephen Henson
36217a9424
Allow passwords to be included on command line for a few
...
more utilities.
1999-12-24 23:53:57 +00:00
Dr. Stephen Henson
12aefe78f0
Fixes so NO_RSA works again.
1999-12-24 17:26:33 +00:00
Dr. Stephen Henson
dd4134101f
Change the trust and purpose code so it doesn't need init
...
either and has a static and dynamic mix.
1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
13938aceca
Add part of chain verify SSL support code: not complete or doing anything
...
yet.
Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.
Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
51630a3706
Add trust setting support to the verify code. It now checks the
...
trust settings of the root CA.
After a few fixes it seems to work OK.
Still need to add support to SSL and S/MIME code though.
1999-11-27 19:43:10 +00:00
Dr. Stephen Henson
9868232ae1
Initial trust code: allow setting of trust checking functions
...
in a table. Doesn't do too much yet.
Make the -<digestname> options in 'x509' affect all relevant
options.
Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.
A few constification changes.
1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
d4cec6a13d
New options to the -verify program which can be used for chain verification.
...
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.
Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
52664f5081
Transparent support for PKCS#8 private keys in RSA/DSA.
...
New universal public key format.
Fix CRL+cert load problem in by_file.c
Make verify report errors when loading files or dirs
1999-11-21 22:28:31 +00:00
Dr. Stephen Henson
e947f39689
New function X509_cmp().
1999-11-16 00:56:03 +00:00
Dr. Stephen Henson
ce1b4fe146
Allow additional information to be attached to a
...
certificate: currently this includes trust settings
and a "friendly name".
1999-11-04 00:45:35 +00:00
Dr. Stephen Henson
74400f7348
Continued multibyte character support.
...
Add a bunch of functions to simplify the creation of X509_NAME structures.
Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
1999-10-27 00:15:11 +00:00
Dr. Stephen Henson
673b102c5b
Initial support for certificate purpose checking: this will
...
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
1999-10-13 01:11:56 +00:00
Dr. Stephen Henson
56a3fec1b1
Add EX_DATA support to X509.
...
Fix a bug in the X509_get_d2i() functions which didn't check if crit was NULL.
1999-10-11 01:30:04 +00:00
Dr. Stephen Henson
3ea23631d4
Add support for public key input and output in rsa and dsa utilities with some
...
new DSA public key functions that were missing.
Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
1999-10-04 21:17:47 +00:00
Ben Laurie
092ec334f0
Fix warnings.
1999-09-06 11:06:54 +00:00
Dr. Stephen Henson
8ce97163a2
Add new 'spkac' utility and several SPKAC utility functions.
1999-09-03 01:08:34 +00:00
Dr. Stephen Henson
fd52057729
Add functions to allow extensions to be added to certificate requests.
...
Modify obj_dat.pl to take its files from the command line. Usage is now
perl obj_dat.pl objects.h obj_dat.h
this should avoid redirection shell escape problems under Win32.
1999-08-11 13:08:58 +00:00
Dr. Stephen Henson
87c49f622e
Support for parsing of certificate extensions in PKCS#10 requests: these are
...
used by things like Xenroll. Also include documentation for extendedKeyUsage
extension.
1999-08-09 22:38:05 +00:00
Bodo Möller
16bc9fea4d
slight clean-up
1999-07-21 20:47:51 +00:00
Ulf Möller
5271ebd9a3
More no-xxx option tweaks.
1999-06-30 00:42:56 +00:00
Dr. Stephen Henson
8eb57af5fe
Complete support for PKCS#5 v2.0. Still needs extensive testing.
1999-06-08 00:09:51 +00:00
Dr. Stephen Henson
8e21c14607
More PKCS#5 v2.0 development. Add a function to setup a PKCS#5 v2.0
...
AlgorithmIdentifier and make various ASN1 fixes.
1999-06-06 23:34:44 +00:00
Dr. Stephen Henson
69cbf46811
Rewrite PBE handling read to support PKCS#5 v2.0 and update the function
...
list for Win32.
1999-06-06 13:07:13 +00:00
Dr. Stephen Henson
3cbb7937fa
Add d2i,i2d bio and fp functions for PKCS#8 and add -inform and -outform
...
arguments to pkcs8 application.
1999-06-05 01:45:20 +00:00
Ben Laurie
6d114240b9
stack.
1999-05-31 21:00:25 +00:00
Ben Laurie
426edadf98
Stack.
1999-05-31 20:35:31 +00:00
Ben Laurie
7e258a56da
Yet another stack.
1999-05-30 22:25:19 +00:00
Ben Laurie
fc875472d0
Another stack.
1999-05-30 21:16:24 +00:00
Ben Laurie
e5e932d212
Another safe stack.
1999-05-30 15:40:21 +00:00
Ben Laurie
ee8ba0b26c
Another safe stack.
1999-05-30 15:25:47 +00:00
Dr. Stephen Henson
4b55c2a3a9
Move the Win32 #undefs of X509_NAME and PKCS7_ISSUER_AND_SERIAL so they will
...
always get included with the relevant files.
1999-05-21 12:14:35 +00:00
Dr. Stephen Henson
31a352d191
The last argument in the d2i_XXX_fp and d2i_XXX_bio functions should be
...
of type XXX ** not XXX *
1999-05-21 01:06:23 +00:00
Ulf Möller
7d7d2cbcb0
VMS support.
...
Submitted by: Richard Levitte <richard@levitte.org>
1999-05-13 11:37:32 +00:00
Ralf S. Engelschall
397f703892
Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall -Wshadow
...
-Wpointer-arith -Wcast-align -Wmissing-prototypes -Wmissing-declarations
-Wnested-externs -Winline'' with EGCS 1.1.2+
1999-05-10 08:33:56 +00:00
Dr. Stephen Henson
c8b4185079
Kill evil casts, fix PKCS#7 and add new X509V3 Function.
1999-05-09 16:39:11 +00:00
Ralf S. Engelschall
20b85fdd76
Convert casted X509_INFO stacks to type-safe STACK_OF(X509_INFO).
...
PS: Feel free to move the IMPLEMENT_STACK_OF(X509_INFO) from
crypto/asn1/x_info.c to any other place where you think it fits better.
X509_INFO is a structure slightly spreaded over ASN.1, X509 and PEM code,
so I found no definitive location for IMPLEMENT_STACK_OF(X509_INFO). In
crypto/asn1/x_info.c it's at least now bundled with X509_INFO_new() and
friends.
1999-05-04 08:56:51 +00:00
Ben Laurie
0b3f827cf5
Yet another stack.
1999-05-02 21:36:58 +00:00
Ben Laurie
d35ea5b00b
Another stack.
1999-05-01 18:29:59 +00:00
Ben Laurie
d500de1672
Another stack.
1999-05-01 18:08:44 +00:00
Ben Laurie
65d4927b8d
Another safe stack.
1999-05-01 17:40:57 +00:00
Ulf Möller
f5d7a031a3
New Configure option no-<cipher> (rsa, idea, rc5, ...).
1999-04-27 01:14:46 +00:00
Ulf Möller
a9be3af5ad
Remove NOPROTO definitions and error code comments.
1999-04-26 16:43:10 +00:00
Dr. Stephen Henson
c74b3a6037
Various header consistency fixes.
1999-04-25 16:38:52 +00:00
Bodo Möller
0b86eb3ea6
Fix header files so that any one can be included first.
...
Submitted by:
Reviewed by:
PR:
1999-04-24 18:50:40 +00:00
Dr. Stephen Henson
6d31193858
Complete rewrite of the error code generation script. It now runs as a single
...
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
1999-04-24 00:15:18 +00:00
Bodo Möller
ec577822f9
Change #include filenames from <foo.h> to <openssl.h>.
...
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ben Laurie
61f5b6f338
Work with -pedantic!
1999-04-23 15:01:15 +00:00
Dr. Stephen Henson
f5fedc0497
Various fixes so Win32 compile may work. Convert GeneralNames to use safe stack.
1999-04-20 01:10:33 +00:00
Bodo Möller
6c5d4168ff
Removed extra semicolons.
...
Submitted by:
Reviewed by:
PR:
1999-04-19 13:37:35 +00:00
Ben Laurie
e778802f53
Massive constification.
1999-04-17 21:25:43 +00:00
Ben Laurie
cfdcfede9c
Another STACK bites the dust.
1999-04-17 10:28:46 +00:00
Dr. Stephen Henson
0490a86d01
Delete all the old X509V3 pack and unpack stuff and various structures and
...
files associated with them. This stuff is all obsoleted by the new X509V3 code.
1999-04-13 23:56:39 +00:00
Ben Laurie
f73e07cf42
Add type-safe STACKs and SETs.
1999-04-12 17:23:57 +00:00
Dr. Stephen Henson
d2e26dccd1
Add PKCS#5 v2.0 ASN1 structures.
1999-04-08 23:55:42 +00:00
Dr. Stephen Henson
ee0508d411
Include pkcs12 program as part of openssl. This completes most of the PKCS#12
...
integration.
1999-03-29 17:50:26 +00:00
Dr. Stephen Henson
8d8c7266d4
Yet more PKCS#12 integration: add lots of files under crypto/pkcs12 and add
...
them to the build environment.
1999-03-28 23:17:34 +00:00
Dr. Stephen Henson
cfcefcbe2a
Further PKCS#12 integration, PBE, PKCS#8 additions.
1999-03-28 17:46:10 +00:00
Ben Laurie
4004dbb7f6
Generate errors when public/private key check is done.
1999-02-20 11:50:07 +00:00
Dr. Stephen Henson
0ca5f8b15c
Overhaul 'crl' application, add a proper X509_CRL_print function and start
...
to support CRL extensions.
1999-02-19 01:29:29 +00:00
Dr. Stephen Henson
92c046cac0
Add ASN1 code for netscape certificate sequences.
1999-01-28 00:16:44 +00:00
Dr. Stephen Henson
fdc71eccec
This is the result of a "make errors" with the new error building functionality
...
in place.
1999-01-18 22:19:46 +00:00
Ralf S. Engelschall
dfeab0689f
Import of old SSLeay release: SSLeay 0.9.1b (unreleased)
1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a
Import of old SSLeay release: SSLeay 0.8.1b
1998-12-21 10:52:47 +00:00