Commit graph

37 commits

Author SHA1 Message Date
Matt Caswell
017a06c7d1 Add -no_alt_chains option to apps to implement the new
X509_V_FLAG_NO_ALT_CHAINS flag. Using this option means that when building
certificate chains, the first chain found will be the one used. Without this
flag, if the first chain found is not trusted then we will keep looking to
see if we can build an alternative chain instead.

Conflicts:
	apps/cms.c
	apps/ocsp.c
	apps/s_client.c
	apps/s_server.c
	apps/smime.c
	apps/verify.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-04-20 13:42:17 +01:00
Viktor Dukhovni
3b38646d13 Code style: space after 'if'
Reviewed-by: Matt Caswell <gitlab@openssl.org>
2015-04-16 13:50:01 -04:00
Matt Caswell
d6b4a41d10 Unchecked malloc fixes
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error
paths as I spotted them along the way.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 918bb86529)

Conflicts:
	crypto/bio/bss_dgram.c
2015-03-05 09:15:08 +00:00
Matt Caswell
ae5c8664e5 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:31:38 +00:00
Matt Caswell
4ce632fb45 More indent fixes for STACK_OF
Conflicts:
	ssl/s3_lib.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:26:15 +00:00
Dr. Stephen Henson
9d1e475db6 Custom key wrap option for cms utility.
(cherry picked from commit 5711885a2b)
2013-10-01 14:01:18 +01:00
Dr. Stephen Henson
4a26fd6e3b Add -keyopt option to cms utility.
Add support for custom public key parameters in the cms utility using
the -keyopt switch. Works for -sign and also -encrypt if -recip is used.
(cherry picked from commit 02498cc885)
2013-10-01 14:01:18 +01:00
Dr. Stephen Henson
93cf058334 oops, add -debug_decrypt option which was accidenatally left out 2012-06-19 13:39:17 +00:00
Bodo Möller
767d3e0054 Update for 0.9.8s and 1.0.0f.
(While the 1.0.0f CHANGES entry on VOS PRNG seeding was missing
in the 1.0.1 branch, the actual code is here already.)
2012-01-05 13:46:27 +00:00
Dr. Stephen Henson
dc100d87b5 Backport of password based CMS support from HEAD. 2011-10-09 15:28:02 +00:00
Dr. Stephen Henson
370385571c PR: 2347
Submitted by: Tomas Mraz <tmraz@redhat.com>
Reviewed by: steve

Fix usage message.
2011-09-23 13:12:41 +00:00
Dr. Stephen Henson
c679fb298e Add new function X509_STORE_set_verify_cb and use it in apps 2009-10-18 14:42:27 +00:00
Dr. Stephen Henson
4386445c18 Change STRING to OPENSSL_STRING etc as common words such
as "STRING" cause conflicts with other headers/libraries.
2009-07-27 21:08:53 +00:00
Dr. Stephen Henson
9990cb75c1 PR: 1894
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Fix various typos and stuff.
2009-04-16 17:22:51 +00:00
Dr. Stephen Henson
db50661fce X509 verification fixes.
Ignore self issued certificates when checking path length constraints.

Duplicate OIDs in policy tree in case they are allocated.

Use anyPolicy from certificate cache and not current tree level.
2008-07-13 14:25:36 +00:00
Ben Laurie
5ce278a77b More type-checking. 2008-06-04 11:01:43 +00:00
Dr. Stephen Henson
4a954b56c9 Use "cont" consistently in cms-examples.pl
Add a -certsout option to output any certificates in a message.

Add test for example 4.11
2008-05-01 23:30:06 +00:00
Dr. Stephen Henson
a5db50d005 Revert argument swap change... oops CMS_uncompress() was consistent... 2008-04-11 23:23:18 +00:00
Dr. Stephen Henson
529d329ce1 Make CMS_uncompress() argument order consistent with other functions. 2008-04-11 17:34:13 +00:00
Dr. Stephen Henson
e0fbd07309 Add additional parameter to CMS_final() to handle detached content. 2008-04-10 11:22:14 +00:00
Dr. Stephen Henson
7f50d9a4b0 Correct references to smime in cms app. 2008-04-09 22:09:45 +00:00
Dr. Stephen Henson
36309aa2be Signed receipt generation code. 2008-03-28 19:43:16 +00:00
Dr. Stephen Henson
eb9d8d8cd4 Support for verification of signed receipts. 2008-03-28 13:15:39 +00:00
Dr. Stephen Henson
f5e2354c9d Add support for signed receipt request printout and generation. 2008-03-26 17:40:22 +00:00
Dr. Stephen Henson
f4cc56f494 Signed Receipt Request utility functions and option on CMS utility to
print out receipt requests.
2008-03-26 13:10:21 +00:00
Dr. Stephen Henson
6205171362 Add support for CMS structure printing in cms utility. 2008-03-24 21:53:07 +00:00
Dr. Stephen Henson
054307e7ed Allow alternate eContentType oids to be set in cms utility.
Add id-ct-asciiTextWithCRLF OID.

Give more meaninful error message is attempt to use key ID from a certificate
without a key ID.
2008-03-19 19:34:30 +00:00
Dr. Stephen Henson
eeb9cdfc94 Add support for KEK decrypt in cms utility. 2008-03-19 18:39:51 +00:00
Dr. Stephen Henson
ab12438030 Add support for KEKRecipientInfo in cms application. 2008-03-19 13:53:52 +00:00
Dr. Stephen Henson
c220e58f9e Make 3DES default cipher in cms utility. 2008-03-18 19:03:03 +00:00
Dr. Stephen Henson
e4f0e40eac Various tidies/fixes:
Make streaming support in cms cleaner.

Note errors in various S/MIME functions if CMS_final() fails.

Add streaming support for enveloped data.
2008-03-18 13:45:43 +00:00
Dr. Stephen Henson
7c337e00d2 Fix some warnings. 2008-03-16 20:59:10 +00:00
Dr. Stephen Henson
4f1aa191b3 Initial support for enveloped data decrypt. Extent runex.pl to cover these
examples. All RFC4134 examples can not be processed.
2008-03-15 23:21:33 +00:00
Dr. Stephen Henson
d9f5f07e28 Initial support for Encrypted Data type generation. 2008-03-14 23:30:56 +00:00
Dr. Stephen Henson
1021f9aa5e Typos. 2008-03-14 19:38:44 +00:00
Dr. Stephen Henson
b820455c6e Encrypted Data type processing. Add options to cms utility and run section 7
tests in RFC4134.
2008-03-14 13:21:48 +00:00
Dr. Stephen Henson
8931b30d84 And so it begins...
Initial support for CMS.

Add zlib compression BIO.

Add AES key wrap implementation.

Generalize S/MIME MIME code to support CMS and/or PKCS7.
2008-03-12 21:14:28 +00:00