wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1372 commits 20 branches 302 tags 153 MiB
Commit graph

411 commits

Author SHA1 Message Date
Mark J. Cox
ce2c95b2a2 Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The 
problem was that one of the replacement routines had not been working since
SSLeay releases.  For now the offending routine has been replaced with
non-optimised assembler.  Even so, this now gives around 95% performance
improvement for 1024 bit RSA signs.
 1999-11-03 14:10:10 +00:00
Dr. Stephen Henson
9716a8f9f2 Fix to PKCS#7 routines so it can decrypt some oddball RC2 handling. 1999-10-29 13:06:25 +00:00
Dr. Stephen Henson
74400f7348 Continued multibyte character support. 
Add a bunch of functions to simplify the creation of X509_NAME structures.

Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
 1999-10-27 00:15:11 +00:00
Bodo Möller
62ac293801 Always hash the pid in the first iteration in ssleay_rand_bytes, 
don't try to detect fork()s by looking at getpid().
The reason is that threads sharing the same memory can have different
PIDs; it's inefficient to run RAND_seed each time a different thread
calls RAND_bytes.
 1999-10-26 16:26:48 +00:00
Bodo Möller
c1e744b912 Make md_rand.c more robust. 1999-10-26 14:49:12 +00:00
Bodo Möller
99e87569fd Don't be overly paranoid. 1999-10-26 11:19:42 +00:00
Bodo Möller
a31011e8e0 Various randomness handling bugfixes and improvements -- 
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
 1999-10-26 01:56:29 +00:00
Dr. Stephen Henson
462f79ec44 New function ASN1_mbstring_copy() to handle ASN1 string copying. Ultimately 
this will be used to clear up the horrible DN mess.
 1999-10-21 13:20:49 +00:00
Dr. Stephen Henson
08e9c1af6c Replace the macros in asn1.h with function equivalents. Also make UTF8Strings 
tolerated in certificates.
 1999-10-20 01:50:23 +00:00
Dr. Stephen Henson
673b102c5b Initial support for certificate purpose checking: this will 
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
 1999-10-13 01:11:56 +00:00
Dr. Stephen Henson
56a3fec1b1 Add EX_DATA support to X509. 
Fix a bug in the X509_get_d2i() functions which didn't check if crit was NULL.
 1999-10-11 01:30:04 +00:00
Dr. Stephen Henson
4654ef985b New functions to parse and get extensions. 1999-10-09 02:54:10 +00:00
Andy Polyakov
7e102e28e1 RC4 tune-up featuring 30-40% performance improvement on most RISC 
platforms. See crypto/rc4/rc4_enc.c for further details.
 1999-10-07 12:10:26 +00:00
Dr. Stephen Henson
d71c6bc5a4 Fix for bug in pkcs12 program and typo in ASN1_tag2str(). 1999-10-05 13:10:21 +00:00
Dr. Stephen Henson
2d681b779c Fix for bug in pkcs12 program and typo in ASN1_tag2str(). 1999-10-05 12:57:50 +00:00
Dr. Stephen Henson
3908cdf442 New option -dhparam to s_server to allow the DH parameter file to be set 
explicitly. Previously it couldn't be changed because it was hard coded as
"server.pem".
 1999-10-04 23:56:06 +00:00
Dr. Stephen Henson
3ea23631d4 Add support for public key input and output in rsa and dsa utilities with some 
new DSA public key functions that were missing.

Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
 1999-10-04 21:17:47 +00:00
Dr. Stephen Henson
393f2c651d Fix for d2i_ASN1_bytes and stop PKCS#7 routines crashing is signed message 
contains no certificates.

Also fix typo in RANLIB changes.
 1999-10-04 12:08:59 +00:00
Dr. Stephen Henson
4579dd5dc6 Fix for base64 BIO decoding bug 1999-10-02 13:33:06 +00:00
Bodo Möller
0f7e6fe10c Fix typo that I introduced when reformatting lines. 1999-09-24 20:24:24 +00:00
Bodo Möller
96c2201bef Keep line lengths < 80 characters. 1999-09-21 13:33:15 +00:00
Dr. Stephen Henson
06f4536a61 Fix to make s_client and s_server work under Windows. A bit of a hack but 
an improvement on not working at all.
 1999-09-20 22:09:17 +00:00
Dr. Stephen Henson
1c80019a2c Add new sign and verify members to RSA_METHOD and change SSL code to use sign 
and verify rather than direct encrypt/decrypt.
 1999-09-18 22:37:44 +00:00
Dr. Stephen Henson
090d848ea8 Various CRL enhancements tidies and workaround for broken CRLs. 1999-09-18 01:42:02 +00:00
Bodo Möller
6f7af1524e Use non-copying BIO interface in ssltest.c. 1999-09-10 14:03:21 +00:00
Bodo Möller
396f631458 some more patches for avoiding problems with non-automatic variables 1999-09-08 21:58:13 +00:00
Dr. Stephen Henson
4a61a64f50 This is preliminary support for an "RSA null" cipher. Unfortunately when 
OpenSSL is compiled with NO_RSA, no RSA operations can be used: including
key generation storage and display of RSA keys. Since these operations are
not covered by the RSA patent (my understanding is it only covers encrypt,
decrypt, sign and verify) they can be included: this is an often requested
feature, attempts to use the patented operations return an error code.

This is enabled by setting RSA_NULL. This means that if a particular application
has its own legal US RSA implementation then it can use that instead by setting
it as the default RSA method.

Still experimental and needs some fiddling of the other libraries so they have
some options that don't attempt to use RSA if it isn't allowed.
 1999-09-08 18:02:25 +00:00
Bodo Möller
c1082a90bb Non-copying interface to BIO pairs. 
It's still totally untested ...
 1999-09-07 21:37:09 +00:00
Dr. Stephen Henson
a785abc324 New function to convert ASN1 tag values to strings. Also fix typo in asn1.h 1999-09-07 12:16:29 +00:00
Dr. Stephen Henson
aef838fc95 New UTF8 utility functions to parse/generate UTF8 strings. 1999-09-04 17:19:55 +00:00
Bodo Möller
074309b7ee Fix server behaviour when facing backwards-compatible client hellos. 1999-09-03 16:33:11 +00:00
Dr. Stephen Henson
8ce97163a2 Add new 'spkac' utility and several SPKAC utility functions. 1999-09-03 01:08:34 +00:00
Andy Polyakov
2d4287da34 RIPEMD160 shape-up. Final touch. 1999-08-28 13:18:25 +00:00
Dr. Stephen Henson
87a25f9032 Allow the extension section specified in config files to be overridden 
on the command line for various utilities.
 1999-08-27 00:08:17 +00:00
Dr. Stephen Henson
f9150e5421 Allow the 1.OU="my OU" syntax in 'ca' for SPKACs. 1999-08-25 23:18:23 +00:00
Dr. Stephen Henson
c79b16e11d Allow extensions to be added to certificate requests, update the sample 
config file (change RAW to DER).
 1999-08-25 16:59:26 +00:00
Dr. Stephen Henson
7b65c3298f Fix for a bug which meant encrypting BIOs sometimes wouldn't read the final 
block.
 1999-08-24 13:21:35 +00:00
Dr. Stephen Henson
13066cee60 Initial support for DH_METHOD. Also added a DH lock. A few changes made to 
DSA_METHOD to make it more consistent with RSA_METHOD.
 1999-08-23 23:11:32 +00:00
Dr. Stephen Henson
c0711f7f0f Initial support for DSA_METHOD... 1999-08-22 17:57:38 +00:00
Dr. Stephen Henson
8484721adb Allow memory bios to be read only and change PKCS#7 routines to use them. 1999-08-19 13:07:43 +00:00
Bodo Möller
de1915e48c Fix horrible (and hard to track down) bug in ssl23_get_client_hello: 
In case of a restart, v[0] and v[1] were incorrectly initialised.
This was interpreted by ssl3_get_client_key_exchange as an RSA decryption
failure (don't ask me why) and caused it to create a _random_ master key
instead (even weirder), which obviously led to incorrect input to
ssl3_generate_master_secret and thus caused "block cipher pad is
wrong" error messages from ssl3_enc for the client's Finished message.
Arrgh.
 1999-08-18 17:14:42 +00:00
Dr. Stephen Henson
c6c3450643 Fix PKCS7_ENC_CONTENT_new() to include a sensible default content type and add 
support for encrypted content type in PKCS7_set_content().
 1999-08-17 12:58:01 +00:00
Dr. Stephen Henson
fd52057729 Add functions to allow extensions to be added to certificate requests. 
Modify obj_dat.pl to take its files from the command line. Usage is now
perl obj_dat.pl objects.h obj_dat.h
this should avoid redirection shell escape problems under Win32.
 1999-08-11 13:08:58 +00:00
Dr. Stephen Henson
87c49f622e Support for parsing of certificate extensions in PKCS#10 requests: these are 
used by things like Xenroll. Also include documentation for extendedKeyUsage
extension.
 1999-08-09 22:38:05 +00:00
Bodo Möller
1b1a6e7808 -crlf option. 1999-08-09 13:01:48 +00:00
Ralf S. Engelschall
d91e201e96 Bump after tarball rolling. 
Friends, feel free to start again hacking for 0.9.5... ;)
 1999-08-09 11:14:08 +00:00
Bodo Möller
9a577e29e8 spelling 1999-08-08 22:41:24 +00:00
Ralf S. Engelschall
dfbaf95618 Install libRSAglue.a when OpenSSL is build with RSAref. 
This should now finally make the RSAref users happy...
 1999-08-08 19:12:26 +00:00
Ralf S. Engelschall
9639515871 A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency. 
Hint from: Andrija Antonijevic <TheAntony2@bigfoot.com>
 1999-08-08 10:15:43 +00:00
Dr. Stephen Henson
ed7f60fbf9 Fix -startdate and -enddate arguments to 'ca' program. Also update NEWS file 
with some 0.9.4 changes.
 1999-08-06 21:47:09 +00:00
Bodo Möller
48c843c367 New function DSA_dup_DH, and fixes for bugs that were found 
while implementing and using it.
 1999-08-05 11:50:18 +00:00
Bodo Möller
41a6fdea80 0.9.4 won't be completed in July ... 1999-08-03 12:24:14 +00:00
Dr. Stephen Henson
922180d794 Allow the PKCS#7 (S/MIME encrypt) application to support more than one 
recipient.
 1999-07-30 01:12:46 +00:00
Bodo Möller
571199434c Always use buildinf.h, which now includes the mk1mfinf.h data. 
Using different files caused problems because the dependencies
in the Makefiles produced by mk1mf.pl were for the standard case,
i.e. mentioned buildinf.h and not mk1mfinf.h.
 1999-07-29 12:57:23 +00:00
Dr. Stephen Henson
3e3d2ea2fc New function OBJ_obj2txt() 1999-07-27 22:22:58 +00:00
Dr. Stephen Henson
770d19b862 New RSA flag RSA_FLAG_EXT_PKEY, to always call rsa_mod_exp. 1999-07-27 21:58:08 +00:00
Bodo Möller
2e0fc87599 Use correct CFLAG definition for makefile.one builds. 1999-07-27 09:10:36 +00:00
Andy Polyakov
a0618e3e5e Added support for SPARC Linux. 1999-07-25 15:13:49 +00:00
Bodo Möller
74678cc2f8 Additional user data argument to pem_password_cb function type 
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
 1999-07-21 20:57:16 +00:00
Bodo Möller
664b99853c avoid -DPLATFORM=\"...\" and -DCFLAGS=\"...\" command lines, 
use new file buildinf.h instead.
 1999-07-21 20:49:15 +00:00
Andy Polyakov
7363455fac MIPS III/IV assembler module is reimplemented. 1999-07-20 15:50:20 +00:00
Bodo Möller
9c962484fe SSL_MODE_ENABLE_PARTIAL_WRITE and SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 
work as intended, both for SSLv2 and TLS.
 1999-07-19 12:59:12 +00:00
Bodo Möller
e391116a48 New compile time option -DCRYPTO_MDEBUG_THREAD. 1999-07-19 10:36:10 +00:00
Bodo Möller
458cddc104 Have CRYPTO_MDEBUG_TIME automatically set CRYPTO_MDEBUG, 
and make it the default for some debugging configurations.
 1999-07-19 09:25:35 +00:00
Ulf Möller
6434450cd6 DES library changes. 1999-07-16 00:50:45 +00:00
Dr. Stephen Henson
b617a5be59 Continues NASM support. This might work now. Its still experimental but it 
passes all the tests. Added documentation in INSTALL.W32.
 1999-07-12 23:35:10 +00:00
Bodo Möller
5059658219 fix memory leak in s3_clnt.c 1999-07-12 17:15:42 +00:00
Bodo Möller
03cd49447f New function RSA_check_key, 
openssl rsa -check
 1999-07-11 22:00:55 +00:00
Dr. Stephen Henson
f598cd13a3 Various changes to stop VC++ choking under Win32. 1999-07-11 17:09:04 +00:00
Dr. Stephen Henson
f513939ebb Add a debugging option to PKCS#5 v2.0 key generation function. 1999-07-11 12:40:46 +00:00
Dr. Stephen Henson
0ab8beb480 Copy flags in ASN1_STRING_dup() 1999-07-11 12:30:55 +00:00
Dr. Stephen Henson
f7daafa442 Fix a bug in x509.c that omitted DSA parameters when they didn't match the 
signers parameters. Changed it to never omit parameters.
 1999-07-11 01:48:21 +00:00
Bodo Möller
777ab7e611 Fix memory checking. 1999-07-09 16:27:30 +00:00
Bodo Möller
975d3dc2ca remove editing artifacts 1999-07-09 13:02:14 +00:00
Bodo Möller
6888f2b35c Mention modification to Configure. 1999-07-09 12:01:40 +00:00
Bodo Möller
e105643595 New functions SSL[_CTX]_{set,get}_mode; the initial set of mode flags is 
SSL_MODE_ENABLE_PARTIAL_WRITE, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.
 1999-07-02 13:55:32 +00:00
Ulf Möller
5271ebd9a3 More no-xxx option tweaks. 1999-06-30 00:42:56 +00:00
Dr. Stephen Henson
ce8b257413 New functions to allow RSA_METHODs to be changed without poking round in 
RSA structure internals.
 1999-06-29 22:22:42 +00:00
Bodo Möller
9c729e0a6d Memory leak checks. 1999-06-25 14:04:10 +00:00
Dr. Stephen Henson
034292ad6a Fix d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() so it correctly works out 
the length of negative integers.
 1999-06-24 01:50:27 +00:00
Dr. Stephen Henson
170afce58d New function PKCS7_signatureVerify to allow the signing certificate to 
be explicitly stated with PKCS#7 verify.

Also fix for util/mkerr.pl: if the -nostatic option is being used this will be
for an external library so the autogenerated C file should include the
header file as:
#include "any/path/to/header.h"
rather than the internal library form:
#include <openssl/header.h>
 1999-06-22 13:33:22 +00:00
Dr. Stephen Henson
dbd665c210 Change the PEM_* function prototypes to use DECLARE_PEM macros and change 
util/mkdef.pl to handle this. Also do a 'make update'.
 1999-06-22 01:38:31 +00:00
Bodo Möller
f76a8084df Perl variable names are case-sensitive ... 1999-06-21 11:32:25 +00:00
Dr. Stephen Henson
8623f693d9 New functions CONF_load_bio() and CONF_load_fp() to load a configuration 
file from a bio or fp. Added some more constification to the BN library.
 1999-06-20 17:36:11 +00:00
Bodo Möller
11af1a2758 Clarification. 1999-06-18 18:22:38 +00:00
Bodo Möller
a111306bbc New function CRYPTO_num_locks. 1999-06-18 16:14:18 +00:00
Bodo Möller
95d29597b7 BIO pairs. 1999-06-12 01:03:40 +00:00
Dr. Stephen Henson
9bce3070ac Fix to i2d_DSAPublicKey() to return the correct length. 
Submitted by: Jeon KyoungHo <khjeon@sds.samsung.co.kr>
 1999-06-11 22:30:45 +00:00
Dr. Stephen Henson
565d1065c3 Document the X509V3 code and change some of the extension function pointers 
to use 'void *' rather than 'char *' for an "arbitrary extension".
 1999-06-11 01:58:42 +00:00
Dr. Stephen Henson
b7d135b353 Two new functions to write out PKCS#8 private keys. Also fixes for some of 
the the PBE code and a new constant PKCS5_DEFAULT_ITER for the default
iteration count if it is passed as zero.
 1999-06-10 17:32:52 +00:00
Ralf S. Engelschall
9d9b559ef0 Fix determination of Perl interpreter: A perl or perl5 
_directory_ in $PATH was also accepted as the interpreter.
 1999-06-10 08:13:52 +00:00
Dr. Stephen Henson
5f6d0ea210 Reformat and "modernise" the sign.c demo. 1999-06-09 23:33:48 +00:00
Dr. Stephen Henson
f62676b92d Change the PEM function implementation to use a common set of macros: this 
should make modifying them easier.

Fix the selfsign demo: it was rather ancient and used deleted functions.
 1999-06-09 18:05:30 +00:00
Bodo Möller
a7bd03960c des_cbc_encrypt / des_ncbc_encrypt issue. 1999-06-09 18:01:49 +00:00
Bodo Möller
c77f47abfa DES CBC change looks dubious to me. 1999-06-09 13:41:51 +00:00
Bodo Möller
8151f52add Mention unistd.h. 1999-06-09 13:29:51 +00:00
Ben Laurie
05861c77e7 I keep forgetting to fix this: update the IV! Most important! 1999-06-09 11:08:36 +00:00
Ben Laurie
233bf734d3 Make "make test" fail if bntest fails an internal selfcheck. 1999-06-09 10:19:53 +00:00
Ulf Möller
908eb7b85a Call our crypt implementation des_crypt(). crypt() now is a wrapper if 
there is no system crypt() available.
 1999-06-08 16:35:11 +00:00
Dr. Stephen Henson
8eb57af5fe Complete support for PKCS#5 v2.0. Still needs extensive testing. 1999-06-08 00:09:51 +00:00