wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2218 commits 20 branches 302 tags 153 MiB
Commit graph

1127 commits

Author SHA1 Message Date
Bodo Möller
27b782732f 'rand' application for creating pseudo-random files. 2000-02-29 23:47:01 +00:00
Bodo Möller
19c057da2e Check BN_rand return value. 
"make update".
 2000-02-29 22:37:27 +00:00
Ulf Möller
96723a3a68 Bug fix. 
Pointed out by: Gisle Vanem <gvanem@eunet.no>
 2000-02-29 14:47:29 +00:00
Ulf Möller
e64dceab74 Switch for turning on the predictable "random" number generator. 2000-02-28 20:19:39 +00:00
Ulf Möller
c9e1fe33be Fix for non-monolithic build. 
Submitted by: Andrew Gray <agray@iconsinc.com>
 2000-02-28 20:16:06 +00:00
Ulf Möller
2da0c11926 Support assembler for Mingw32. 2000-02-28 19:16:41 +00:00
Dr. Stephen Henson
82b931860a Ouch! PKCS7_encrypt() was heading MIME text headers twice 
because it added them manually and as part of SMIME_crlf_copy().
Removed the manual add.
 2000-02-28 14:11:19 +00:00
Richard Levitte
11750113c6 Tagging has been done, time to switch to 0.9.6-dev. 2000-02-28 12:11:39 +00:00
Richard Levitte
74cdf6f73a Time for a release 2000-02-28 11:59:02 +00:00
Richard Levitte
42a9af38e7 Typo corrected. 2000-02-28 11:30:31 +00:00
Richard Levitte
1b7aee1d4e Short is always promoted to int when passed as a function argument. 
This is especially true when it's part of a '...'.
 2000-02-27 23:17:18 +00:00
Richard Levitte
4ba48ec4d0 Include rand.h so RAND_pseudo_bytes may be declared. 
Remove one ampersand so the compiler may complain less.
Make rand() static so it will not conflict with the C RTL.
Make bug() static too, for good measure.
 2000-02-27 22:57:53 +00:00
Bodo Möller
fd74679ae2 Use standard header file string.h for memset prototype (where 
"standard" refers to the C language, probably there's also some
standard that defines memory.h).
 2000-02-27 17:37:41 +00:00
Dr. Stephen Henson
587bb0e02e Don't call BN_rand with zero bits in bntest.c 2000-02-27 17:34:30 +00:00
Ben Laurie
c850925cdf Declare memset. 2000-02-27 17:01:20 +00:00
Ben Laurie
707ef52e21 Typo. 2000-02-27 16:56:48 +00:00
Bodo Möller
981cdfab86 Add a comment. 2000-02-27 11:48:32 +00:00
Richard Levitte
13bf48c77a For lack of a better name, this is now called 0.9.5beta3-dev until the 
release.
 2000-02-27 11:12:58 +00:00
Richard Levitte
a1a426ea20 Change version string to reflect the release of beta 2. 2000-02-27 11:07:23 +00:00
Richard Levitte
6209ada910 New logical names to skip algorithms are now supported. 
Also, on Alpha, vms.mar is no longer used (it produced a lot of
confusing messages) for BN.  Instead, the assembler part of bn_lcl.h
is used.
 2000-02-27 10:39:41 +00:00
Ulf Möller
688938fbb4 Bug fix! 2000-02-27 02:05:39 +00:00
Dr. Stephen Henson
94de04192d Fix so Win32 assembly language works with MASM. 
Add info about where to get MASM.
 2000-02-27 01:15:25 +00:00
Ulf Möller
1070e0e2ee *** empty log message *** 2000-02-27 00:00:56 +00:00
Ulf Möller
1b199605c4 workaround no longer needed 2000-02-26 22:37:43 +00:00
Ulf Möller
f27e41349f remove 2000-02-26 22:37:34 +00:00
Ulf Möller
775c63fc02 Reorganize bn_mul.c (no bugfix yet), remove obsolete files in BN library. 2000-02-26 22:16:47 +00:00
Dr. Stephen Henson
0202197dbf Make ASN1 types real typedefs. 
Rebuild error files.
 2000-02-26 19:25:31 +00:00
Andy Polyakov
63933136ab BN_div_recp fix. I've ran divtest for 10 mins and it didn't exhibit a 
single fault:-) Needless to mention that bnbug.c posted couple of days
ago passes as well...
 2000-02-26 16:20:05 +00:00
Richard Levitte
6ee6fdf555 A small script to compile mttest.c on VMS as well. 2000-02-26 11:17:33 +00:00
Richard Levitte
c131593d48 Make sure there's some entropy, and log a few more errors. 2000-02-26 11:02:31 +00:00
Bodo Möller
6d0d5431d4 More get0 et al. changes. Also provide fgrep targets in CHANGES 
where the new functions are mentioned.
 2000-02-26 08:36:46 +00:00
Richard Levitte
7bd3a58022 make update 2000-02-26 04:48:22 +00:00
Richard Levitte
a1990dd76d Don't include sys/types.h if NO_SYS_TYPES_H is defined. 2000-02-26 03:55:15 +00:00
Richard Levitte
668ba7d63f ftruncate() and fileno() are not supported on all versions of OpenVMS 
(they don't really exist before version 7), so that solution was toast.
Instead, let's do it the way it's done on Unix, but then remove older
versions of the file.

That new mechanism *may* fail for some unixly formated file spec,
although I wouldn't worry too much about it.
 2000-02-26 01:55:56 +00:00
Dr. Stephen Henson
c7cb16a8ff Rename functions for new convention. 2000-02-26 01:55:33 +00:00
Richard Levitte
47c177c7b3 Let's avoid compiler warnings over types. 
Actually, this should be resolved by using size_t a bit more, but
that'll be for later.
 2000-02-26 01:45:17 +00:00
Richard Levitte
b755955a53 Compile rand_egd.c on VMS as well. 2000-02-26 00:29:33 +00:00
Richard Levitte
7c0dc41c38 For safety, check __VMS as well. 2000-02-26 00:26:17 +00:00
Richard Levitte
c29b6d560b Since a stack with quite long name is declared here, vms_idhacks.h is 
also needed to get around C compilers on VMS that set the symbol limit
to 31 characters.  Bot the macros VMS and __VMS are checked, since
there's no real way to know if e_os.h has been included yet.
 2000-02-26 00:01:16 +00:00
Richard Levitte
1340db6569 Small error fix. 2000-02-25 23:33:16 +00:00
Richard Levitte
9da65c3280 Adjust all the old scripts to deal with the new location. 2000-02-25 23:18:27 +00:00
Richard Levitte
dc8c8cda4d New script to compile on systems that already have pthreads in the 
system.
 2000-02-25 23:17:46 +00:00
Richard Levitte
2d2d31394a Update the two threads modules to conform to our recommendations (use 
CRYPTO_num_locks() instead of CRYPTO_NUM_LOCKS!), and correct all the
inconsistencies with the rest of OpenSSL.

At least, this compiles nicely on Linux using PTHREADS.  I've done no
other tests so far.
 2000-02-25 23:16:56 +00:00
Ulf Möller
582afb4bd7 flush output. 
Looks like it fails when b is a power of 2, but I never get incorrect
results.
 2000-02-25 22:08:37 +00:00
Richard Levitte
f36e02b2ef Enhance consistency by using BIO_flush() instead of fflush(). 2000-02-25 20:40:12 +00:00
Richard Levitte
3e0f27f3c9 Changes to synchronise with Unix. 
(actually, much more is needed, like a real config script)
 2000-02-25 20:37:46 +00:00
Ulf Möller
17dddc0596 Test the division functions. 
Apparently BN_div_recp reports an error for small divisors
(1,2,4,8,40).

I haven't got mismatches so far. If you can, please run the test
program for a few days (nohup divtest >out& or something), and if it
reports a mismatch, post the output.
 2000-02-25 20:28:54 +00:00
Ulf Möller
3167f68faf The main() return value is a program's exit code. 2000-02-25 16:04:52 +00:00
Geoff Thorpe
4621a00063 More VC++ pickiness. (destest.c doesn't have a "return" and the usual 
signed/unsigned stuff in s3_pkt.c)

Submitted by:
Reviewed by:
PR:
 2000-02-25 15:09:04 +00:00
Geoff Thorpe
7dce5a727a Gets around VC++ compiler pickiness. (long != double) 
PR:
 2000-02-25 14:50:37 +00:00
Ulf Möller
a6fc578bd5 mt contained an old copy of mttest.c. remove it and move the other 
files to crypto/threads
 2000-02-25 14:40:31 +00:00
Ulf Möller
fea217f96f EGD bugfix. 
Submitted by: Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
 2000-02-25 14:16:43 +00:00
Ulf Möller
b478e91fda different snprintf version. 2000-02-25 14:00:24 +00:00
Bodo Möller
b05c7211cb Clarification. 2000-02-25 07:48:02 +00:00
Bodo Möller
c6709c6b0f handle entropy estimate correctly 2000-02-25 07:40:53 +00:00
Dr. Stephen Henson
fbb41ae0ad Allow code which calls RSA temp key callback to cope 
with a failure.

Fix typos in some error codes.
 2000-02-25 00:23:48 +00:00
Ulf Möller
766d78c8f5 divide the correct number... 2000-02-25 00:14:50 +00:00
Ulf Möller
c04949e978 work around a bug in BN_div_recp or BN_reciprocal 2000-02-24 23:37:15 +00:00
Ulf Möller
9fd4ee5d7c Use public domain snprintf() implementation by Patrick Powell to avoid 
potential buffer overrun in BIO_printf().
----------------------------------------------------------------------
crypto/bio/b_print.c CVS:
----------------------------------------------------------------------
 2000-02-24 22:23:45 +00:00
Bodo Möller
f6de86dc3d Version 0.9.5beta2-dev (so that the next snapshot will not 
claim to be 0.9.5beta1).

(Are the version number examples correct -- the same numerical
code for:
 * 0.9.3beta2-dev 0x00903002
 * 0.9.3beta2     0x00903002
?)
 2000-02-24 20:40:02 +00:00
Bodo Möller
1a33f6da8b Don't use buffered fread() to read from DEVRANDOM, 
because this will drain the entropy pool.
 2000-02-24 20:24:45 +00:00
Bodo Möller
0dd0cbf554 Do fflush(stdout) when there was an error. 2000-02-24 20:13:27 +00:00
Bodo Möller
a7b991bd68 Don't define platform-dependent preprocessor symbols for OPENSSL_THREAD_DEFINES. 
"make update".
 2000-02-24 18:19:50 +00:00
Ralf S. Engelschall
8d5b4ee1ca Add an evil cast, because POSIX/SUSv2 define connect(2) require 
the second argument to be of type ``struct sockaddr *''.
 2000-02-24 10:36:51 +00:00
Ulf Möller
4ec2d4d2b3 Support EGD. 2000-02-24 02:51:47 +00:00
Richard Levitte
5921ea3bcf 0.9.5beta1 2000-02-24 02:22:15 +00:00
Richard Levitte
e6a58767c5 make update 2000-02-23 23:38:59 +00:00
Ulf Möller
4a26329b4c correct macro. 2000-02-23 22:11:07 +00:00
Richard Levitte
88886fd305 Sync with Unix 2000-02-23 19:41:09 +00:00
Dr. Stephen Henson
41e68ef25f Add PBE algorithms with ciphers, not digests. 2000-02-23 14:27:47 +00:00
Dr. Stephen Henson
3142c86d65 Allow ADH to be used but not present in the default cipher 
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
 2000-02-23 01:11:01 +00:00
Dr. Stephen Henson
4b42658082 Make pkcs8 work again. 
Make EVP_CIPHER_type() return NID_undef if the cipher has no
ASN1 OID, modify code to handle this.
 2000-02-22 18:45:11 +00:00
Ulf Möller
43e9d805e8 warning. 2000-02-22 12:53:59 +00:00
Ulf Möller
17ef291661 Check tlen size in all padding_check functions. As called within the rsa 
library, the output buffer always is large enough, but if the tlen
parameter is there, it should be checked in the interest of clarity,
as proposed by David Sacerdote <das33@cornell.edu>.
 2000-02-22 11:34:01 +00:00
Dr. Stephen Henson
72b60351f1 Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for 
the old functionality.

Various warning fixes.

Initial EVP symmetric cipher docs.
 2000-02-22 02:59:26 +00:00
Richard Levitte
d3442bc780 Move the registration of callback functions to special functions 
designed for that.  This removes the potential error to mix data and
function pointers.

Please note that I'm a little unsure how incorrect calls to the old
ctrl functions should be handled, in som cases.  I currently return 0
and that's it, but it may be more correct to generate a genuine error
in those cases.
 2000-02-20 23:43:02 +00:00
Ulf Möller
4ec19e203c Fix gcc warnings. 2000-02-20 20:59:21 +00:00
Dr. Stephen Henson
d754b3850f Change the 'other' structure in certificate aux info. 2000-02-20 18:27:23 +00:00
Bodo Möller
853f757ece Allow for higher granularity of entropy estimates by using 'double' 
instead of 'unsigned' counters.
Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp.

Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.
 2000-02-19 15:22:53 +00:00
Richard Levitte
4328d51d08 Cosmetic change. No, openssl.h.in is not autogenerated :-) 2000-02-18 09:06:55 +00:00
Dr. Stephen Henson
8a208cba97 New functions and option to use NEW in certificate requests. 2000-02-18 00:54:21 +00:00
Bodo Möller
5c2ec54f12 Make sure the return value of by_file_ctrl(..., X509_L_FILE_LOAD, ...) 
aka X509_LOOKUP_load_file(...) is always 0 or 1, not the counter
returned from the recently introduced function X509_load_cert_crl_file.
X509_STORE_load_locations expects X509_LOOKUP_load_file to return 1 on
success, and possibly there's other software that relies on this too.
 2000-02-17 21:04:40 +00:00
Dr. Stephen Henson
a3fe382e2d Pass phrase reorganisation. 2000-02-16 23:16:01 +00:00
Ben Laurie
bd03b99b9b Add support for Compaq Atalla crypto accelerator. 2000-02-16 22:15:39 +00:00
Andy Polyakov
8691ff97a1 Move primes to read-only segment. 2000-02-16 13:24:06 +00:00
Ben Laurie
bd44570322 Fix signed/unsigned warnings. 2000-02-16 12:09:17 +00:00
Andy Polyakov
2aca27a9a8 Move initial key to read-only segment. 2000-02-15 17:43:12 +00:00
Andy Polyakov
bc80c86031 Move CAST_S_tables to read-only segment. 2000-02-15 17:37:44 +00:00
Andy Polyakov
89cee61b45 New NO_INLINE_ASM macro. Primary target for the moment is Solaris x86 
which can't stand GNU C assembler templates.
 2000-02-15 17:20:52 +00:00
Andy Polyakov
ea96c4bc7f test_mont was exercising 100-bit multiplication modulus X*I-bit, where 
X is 5120 on 32-bit and 151552 on 64-bit architectures and I varies
from 0 to 4. As result the test was *unreasonably* slow and virtually
impossible to complete on 64-bit architectures (e.g. IRIX bc couldn't
even swallow such long lines).
 2000-02-15 13:50:02 +00:00
Dr. Stephen Henson
c9080477ec Modernise 'selfsign.c' to use new X509_NAME code 
and add example of extension aliasing. Also fix
the extension aliasing because it didn't work :-)
 2000-02-13 00:28:26 +00:00
Andy Polyakov
bcba6cc60f HP-UX tune-up: new unified configs, HP C compiler bug workaround. 2000-02-12 23:33:01 +00:00
Bodo Möller
cbcc5c01f9 Update. 2000-02-11 16:31:04 +00:00
Ben Laurie
b1f8affbd5 Correct time in seconds instead of minutes. 2000-02-11 16:08:40 +00:00
Ralf S. Engelschall
667ac4ec6a Make gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith -Wcast-align 
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.
 2000-02-11 09:47:18 +00:00
Bodo Möller
0a751d8ce8 16 * 8 = 128. 2000-02-10 21:47:06 +00:00
Bodo Möller
8ce288a881 Note about des_ncbc_encrypt. 2000-02-08 21:50:52 +00:00
Richard Levitte
cf0694015e Constify 2000-02-08 14:19:14 +00:00
Dr. Stephen Henson
f07fb9b24b Add command line password options to the reamining utilities, 
amend docs.
 2000-02-08 01:34:59 +00:00
Dr. Stephen Henson
ff8a4c47ce Rename the X509V3_*_d2i functions to X509_get_ext_d2i() etc. 
This better reflects their behaviour.
 2000-02-07 01:17:22 +00:00
Ulf Möller
4e539aaa1e "print" is GNU bc specific. 2000-02-06 23:33:06 +00:00
Ulf Möller
fcb20be846 put missing line back in. 2000-02-06 16:35:28 +00:00
Ulf Möller
cae55bfc68 Improve bntest slightly, and fix another bug in the BN library. 2000-02-06 15:56:59 +00:00
Andy Polyakov
0fad6cb7e7 Support for MacOS X (Rhapsody) is added. Also get rid of volatile 
qualifier in asm definitions as it prevents compiler from moving
the instruction(s) during optimization pass.
 2000-02-06 11:15:20 +00:00
Ulf Möller
4a6222d71b BN_div bugfix. The q-- loop should not be entered in the n0==d0 case. 2000-02-06 00:25:39 +00:00
Bodo Möller
29a28ee503 Cosmetic changes. 2000-02-05 21:28:09 +00:00
Dr. Stephen Henson
66430207a4 Add support for some broken PKCS#8 formats. 2000-02-05 21:07:56 +00:00
Bodo Möller
eb5a6a55c5 Commit patch to bn.h that CVS decided to throw away during 'cvs update', 
and initialize too_many because memset(..., 0, ...) is not used here.
 2000-02-05 20:39:26 +00:00
Bodo Möller
37e48b88ad Generate just one error code if iterated SSL_CTX_get() fails. 
Avoid enabled 'assert()' in production library.
 2000-02-05 19:29:00 +00:00
Ulf Möller
6535eb1728 Use MONT_WORD macro to control if the word-based or the bignum 
algorithm is used.
 2000-02-05 18:23:05 +00:00
Ulf Möller
9b141126d4 New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access 
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
 2000-02-05 14:17:32 +00:00
Ulf Möller
c236e66d62 Document RC4. 2000-02-05 10:41:05 +00:00
Ulf Möller
981b87f712 Replace ridiculous libdes PRNG with RAND_bytes. These functions are not 
used anywhere in OpenSSL, but might be used by libdes applications.
 2000-02-05 10:39:54 +00:00
Andy Polyakov
d716308288 New xcbc_ok test vector is required after the parity bits in cbc2_key 
were fixed up. The catch is that in the DESX test the cbc2_key is used
as whitening key where *all* 64 bits are significant.
 2000-02-04 15:16:22 +00:00
Dr. Stephen Henson
af57d84312 Rename SSLeay_add_all_algorithms() et al to 
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
 2000-02-04 14:01:38 +00:00
Bodo Möller
f50c049707 Use correct, not American spelling. 2000-02-04 00:56:09 +00:00
Ulf Möller
ce76ce43ae *** empty log message *** 2000-02-03 23:38:55 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Ulf Möller
9dbc41d7ee Document hash functions. 2000-02-03 18:22:01 +00:00
Dr. Stephen Henson
82fc1d9c28 Add new -notext option to 'ca', -pubkey option to spkac. 
Remove some "WTF??" casts from applications.

Fixes to keep VC++ happy and avoid warnings.

Docs tidy.
 2000-02-03 02:56:48 +00:00
Bodo Möller
7999c65c9b Some 'const's for BNs. 2000-02-03 01:26:07 +00:00
Bodo Möller
bfe30e4d1b Include OpenSSL license. 2000-02-02 23:30:32 +00:00
Bodo Möller
aff0825c61 Tolerate negative numbers in BN_is_prime. 2000-02-02 22:18:01 +00:00
Bodo Möller
e74231ed9e rndsort{Miller, Rabin} primality test. 2000-02-02 21:20:44 +00:00
Andy Polyakov
fb81ac5e6b Support for "multiply high" instruction, see BN_UMULT_HIGH comment in 
crypto/bn/bn_lcl.h for further details. It should be noted that for
the moment of this writing the code was tested only on Alpha. If
compiled with DEC C the C implementation exhibits 12% performance
improvement over the crypto/bn/asm/alpha.s (on EV56 box running
AlphaLinux). GNU C is (unfortunately) 8% behind the assembler
implementation. But it's OpenVMS Alpha users who *may* benefit most
as 'apps/openssl speed rsa' exhibits 6 (six) times performance
improvement over the original VMS bignum implementation. Where "*may*"
means "as soon as code is enabled though #define SIXTY_FOUR_BIT and
crypto/bn/asm/vms.mar is skipped."
 2000-02-02 16:18:12 +00:00
Ulf Möller
1399f17a07 Bug fix: BN_is_prime() would fail with a high probability for small 
primes (negligible for larger ones).
 2000-02-01 23:48:55 +00:00
Ulf Möller
0bde1089f8 match the prototype 2000-02-01 23:47:24 +00:00
Bodo Möller
cb5b7850ac If n0 == d0, we must alway compute 'rem' "by hand" 2000-02-01 11:10:54 +00:00
Bodo Möller
fe7cd1647d Typo in preprocessor symbol. 2000-02-01 08:48:30 +00:00
Ulf Möller
f40c02d908 undo. I keep confusing my directories. :( 2000-02-01 02:24:10 +00:00
Ulf Möller
8efb60144d EBCDIC support. 
Submitted by: Martin Kraemer <martin.kraemer@mch.sni.de>
 2000-02-01 02:21:16 +00:00
Ulf Möller
4e3b0992da Checked in some junk. Sorry. 2000-01-30 23:46:18 +00:00
Ulf Möller
51ca375e7e Seek out and destroy another evil cast. 2000-01-30 23:33:40 +00:00
Ulf Möller
9d1a01be8f Source code cleanups: Use void * rather than char * in lhash, 
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
 2000-01-30 22:20:28 +00:00
Bodo Möller
1baa94907c Make output of "openssl dsaparam 1024" more interesting :-) 2000-01-30 03:32:28 +00:00
Bodo Möller
7865b871c0 Tiny changes to previous patch (the log message was meant to be 
"Make DSA_generate_parameters faster").
 2000-01-30 02:40:38 +00:00
Bodo Möller
a87030a1ed Make DSA_generate_parameters, and fix a couple of bug 
(including another problem in the s3_srvr.c state machine).
 2000-01-30 02:23:03 +00:00
Richard Levitte
1e264ff325 Reimplement so only one synchronous stack is used. The benefit is 
that function pointers are nicely tucker in their structure.
 2000-01-29 01:22:03 +00:00
Dr. Stephen Henson
e1314b5716 Fix CRL encoding bug. 2000-01-29 00:00:26 +00:00
Dr. Stephen Henson
90644dd74d New -pkcs12 option to CA.pl. 
Document CA.pl script.
Initialise and free up the extra DH fields
(nothing uses them yet though).
 2000-01-28 01:35:31 +00:00
Richard Levitte
f95a9f678a Declare BN_pseudo_rand(). 2000-01-27 22:07:42 +00:00
Bodo Möller
953aa79040 A couple of things were reversed for BN_pseudo_rand ... 2000-01-27 21:09:25 +00:00
Ulf Möller
157be2b67d comment was wrong. 2000-01-27 19:52:58 +00:00
Ulf Möller
38e33cef15 Document DSA and SHA. 
New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)
 2000-01-27 19:31:26 +00:00
Bodo Möller
2233bed1cb typo in a comment 2000-01-27 14:31:31 +00:00
Bodo Möller
ec1258dd44 Update comments to provide a better approximation of reality. 2000-01-27 13:00:10 +00:00
Bodo Möller
b99b110766 Add a pointer to a paper (is the algorithm in section 4.2 the 
word-based algorithm we are using?)
 2000-01-27 12:52:41 +00:00
Bodo Möller
6e0cad8d34 enable Montgomery test 2000-01-27 11:26:28 +00:00
Bodo Möller
5f5e96d92b Update references. 2000-01-27 09:15:49 +00:00
Ulf Möller
e93f9a3284 Run ispell. 
Clean up bn_mont.c.
 2000-01-27 01:50:42 +00:00
Bodo Möller
1d7d74647a Give the correct e-mail address even though the message is not quite serious 2000-01-24 10:20:45 +00:00
Bodo Möller
05ccd698b9 RAND_load_file(..., -1) now means "read the complete file"; 
this is what we now use to read $RANDFILE / $HOME/.rnd.
(Previously, after 'cat'ting lots of stuff into .rnd
only the first MB would be looked at.)

Bugfix for apps/enc.c: Continue if RAND_pseudo_bytes returns 0
(only -1 is an error).
 2000-01-24 10:03:24 +00:00
Bodo Möller
7be5af1ddf The des_xcbc_encrypt apparently always fails. 
Workaround so that "make test" continues anyway.
 2000-01-24 09:24:28 +00:00
Richard Levitte
baf32381b5 Add the PID to the output on Win32. 2000-01-24 04:05:00 +00:00
Ulf Möller
0e930f25d2 Rename asn1/pkcs8.c to asn1/p8_key.c to avoid name conflict. 2000-01-24 01:18:36 +00:00
Dr. Stephen Henson
dd9d233e2a Tidy up CRYPTO_EX_DATA structures. 2000-01-23 23:41:49 +00:00
Ulf Möller
dd8dec69b8 Document the BN library. 2000-01-23 22:06:24 +00:00
Bodo Möller
ce052b6c3b Under VMS, ftruncate should be available 2000-01-23 22:02:34 +00:00
Bodo Möller
e84c2d2679 As ftruncate is not availabe on all platforms, switch back to 
opening the output file with "wb" to truncate it except on VMS
(where the file now keeps its original length because it is opened
with "rb+" -- does VMS have ftruncate?)
 2000-01-23 19:58:03 +00:00
Bodo Möller
c88a900fa1 update PRNG documentation/comments 2000-01-22 23:11:13 +00:00
Ulf Möller
fcb76baeb0 fail on all errors. 2000-01-22 21:25:36 +00:00
Ulf Möller
4486d0cd7a Document the DH library, and make some minor changes along the way. 2000-01-22 20:05:23 +00:00
Ulf Möller
0b5cfe32e9 Use comment from md_rand.c in rand.pod 2000-01-21 23:36:40 +00:00
Bodo Möller
2c8aeddc5d change comments 2000-01-21 20:18:09 +00:00
Bodo Möller
720b3598d6 Avoid integer overflow in entropy counter. 
Slightly clarify the RAND_... documentation.
 2000-01-21 19:54:22 +00:00
Ulf Möller
60b5245360 Document RAND library. 2000-01-21 17:50:27 +00:00
Bodo Möller
674b8eec4c In RAND_write_file, truncate the file to the no. of bytes written 
(we're now using fopen(..., "rb+") instead of fopen(..., "wb"),
so the file is not truncated automatically).
 2000-01-21 17:11:26 +00:00
Ulf Möller
e7f97e2d22 Check RAND_bytes() return value or use RAND_pseudo_bytes(). 2000-01-21 01:15:56 +00:00
Ulf Möller
731d9c5fb5 Some more ifdefs for no-xxx options. 2000-01-21 00:03:51 +00:00
Ulf Möller
b25c8db872 AFAICS lst1 stands for "lshift test" not "list". 2000-01-21 00:00:12 +00:00
Bodo Möller
4146aa6b42 Rename lst1 to list1 to avoid name conflict on some platforms. 2000-01-20 23:15:50 +00:00
Dr. Stephen Henson
281959aa61 Oops... undo change to wrong prototype. 2000-01-20 02:27:36 +00:00
Dr. Stephen Henson
6e6bc352b1 Finish off the X509_ATTRIBUTE string stuff. 2000-01-20 01:37:17 +00:00
Dr. Stephen Henson
77b47b9036 Rename X509_att*() stuff to X509at_*(), add X509_REQ wrappers. 2000-01-19 01:02:13 +00:00
Ulf Möller
721b5b2a5c Rename rsa_oaep_test to the more appropriate name rsa_test for the 
benefit of MS-DOS users.
 2000-01-18 15:08:49 +00:00
Richard Levitte
a9188d4e17 Compaq C 6.2 for VMS will complain when we want to convert 
non-function pointers to function pointers and vice versa.
The current solution is to have unions that describe the
conversion we want to do, and gives us the ability to extract
the type of data we want.

The current solution is a quick fix, and can probably be made
in a more general or elegant way.
 2000-01-18 09:30:51 +00:00
Richard Levitte
ea5e7bcf63 Avoid converting void * to a function pointer when NULL is defined as 
((void *)0), by have a 0 instead.
 2000-01-18 08:23:15 +00:00
Richard Levitte
7256ce6a8c SOCKETSHR is showing bad declarations again. However, a simple cast 
which does no harm fixes that problem.
 2000-01-17 01:07:36 +00:00
Richard Levitte
2697557764 Give the user the possibility to ask for compilation of only the files 
that are directly in crypto/, and prepare for a possible disabling of
certain messages that DEC C spews out.
 2000-01-17 00:57:10 +00:00
Richard Levitte
b058a08085 It doesn't make sense to try see if these variables are negative, since they're unsigned. 2000-01-17 00:49:52 +00:00
Ulf Möller
b0bb2b914a Header for RAND_seed() 2000-01-16 21:07:36 +00:00
Ulf Möller
373b575f5a New function RAND_pseudo_bytes() generated pseudorandom numbers that 
are not guaranteed to be unpredictable.
 2000-01-16 15:58:17 +00:00
Richard Levitte
29ccd81f58 Cut'n'paste error 2000-01-16 12:30:16 +00:00
Richard Levitte
d593983da4 Synchronise with the makefiles. 2000-01-16 02:11:19 +00:00
Bodo Möller
7d388202bd add "randomness" 2000-01-15 21:48:46 +00:00
Bodo Möller
691401fc53 RAND_bytes's return values is 0 for an error, not -1. 2000-01-15 20:24:12 +00:00
Richard Levitte
ed84dfab00 Typo... 2000-01-14 21:54:34 +00:00
Bodo Möller
105c0be00f Let "make test" survive without DEVRANDOM 
(and rename a target in test/Makefile.ssl to make it
easier to guess the name of the file executed by it)
 2000-01-14 18:43:22 +00:00
Bodo Möller
7f5b6f0f19 In EVP_PKEY_assign[_...], return 0 for an error when they 
"key" is NULL.
 2000-01-14 18:41:28 +00:00
Bodo Möller
0c50e02b30 - Pseudo-seed the PRNG in programs used for "make test" 
because otherwise BN_rand will fail unless DEVRANDOM works,
  which causes the programs to dump core because they
  don't check the return value of BN_rand (and if they
  did, we still couldn't test anything).

- add comment to some files that appear not to be used at all.
 2000-01-14 17:55:37 +00:00
Bodo Möller
a8eeb155b5 Avoid some warnings, and run "make update". 2000-01-14 17:28:48 +00:00
Bodo Möller
2f878669b7 Avoid shadowing variables, 
and re-enable seeding with more data than read from DEVRANDOM -- just
don't pretend it contains entropy.
 2000-01-14 09:08:39 +00:00
Ulf Möller
f2b86c955c minor change for the prng 2000-01-14 02:31:32 +00:00
Bodo Möller
11afb40c01 Use CRYPTO_push_info to track down memory leak 
(only the CRYPTO_push_info's in the apps/ directory
are included in the CVS commit, not all those I used
in crypto/)
 2000-01-13 22:52:52 +00:00
Ulf Möller
eb952088f0 Precautions against using the PRNG uninitialized: RAND_bytes() now 
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
 2000-01-13 20:59:17 +00:00
Bodo Möller
76aa0ddc86 Turn BN_prime_checks into a macro. 
Primes p where (p-1)/2 is prime too are called "safe", not "strong".
 2000-01-12 11:57:30 +00:00
Bodo Möller
e4b7645631 add dependency and auto-generation rule for bn_prime.h 
(created by bn_prime.pl, which now prints the copyright/license
note as found in bn_prime.h)
 2000-01-12 09:16:22 +00:00
Dr. Stephen Henson
25f923ddd1 New function X509_CTX_rget_chain(), make SSL_SESSION_print() display return code. 
Remove references to 'TXT' in -inform and -outform switches.
 2000-01-09 14:21:40 +00:00
Ben Laurie
752d706aaf Make NO_RSA compile with pedantic. 2000-01-08 21:06:24 +00:00
Dr. Stephen Henson
c3ed3b6eab Add -prexit command to s_client and patch some BIO 
functions so it doesn't crash. Document s_client.
 2000-01-08 19:05:47 +00:00
Bodo Möller
d2b6c3f31f apps/openssl.cnf and the documentation say it's "nombstr", 
but crypto/asn1/a_strnid.c had "nombchar".
 2000-01-07 13:05:41 +00:00
Bodo Möller
63da21c01b make no-des and no-rc2 work. 2000-01-07 12:15:54 +00:00
Bodo Möller
b64e735b08 add V_CRYPTO_MDEBUG_ALL 
Submitted by:
Reviewed by:
PR:
 2000-01-07 10:50:54 +00:00
Dr. Stephen Henson
fc6be0fa56 #undef PKCS7_SIGNER_INFO for Win32 to avoid clashes. 
Fix so CRLDistributionPoints relativeName option uses
the correct type.
 2000-01-07 02:23:42 +00:00
Dr. Stephen Henson
35f4850ae0 More X509_ATTRIBUTE changes. 2000-01-07 00:55:54 +00:00
Dr. Stephen Henson
b38f9f66c3 Initial automation changes to 'req' and X509_ATTRIBUTE functions. 2000-01-06 01:26:48 +00:00
Andy Polyakov
1eab9a1fbb Metrowerks for Motorola tune-up. 2000-01-02 22:03:10 +00:00
Dr. Stephen Henson
3d14b9d04a Add support for MS "fast SGC". 2000-01-02 18:52:58 +00:00
Dr. Stephen Henson
20432eae41 Fix some of the command line password stuff. New function 
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
 2000-01-01 16:42:49 +00:00
Dr. Stephen Henson
f45f40ffff Add OIDs for idea and blowfish. Unfortunately these are in 
the middle of the OID table so the diff is rather large :-(
 1999-12-29 02:59:18 +00:00
Dr. Stephen Henson
6447cce372 Simplify the trust structure: basically zap the bit strings and 
represent everything by OIDs.
 1999-12-29 00:40:28 +00:00
Andy Polyakov
76997b7dd0 MacOS updates. Initial support for GUSI (MacOS socket implementation) 
is added.
 1999-12-26 22:46:49 +00:00
Dr. Stephen Henson
e6f3c5850e New {i2d,d2i}_PrivateKey_{bio, fp} functions. 1999-12-26 19:20:03 +00:00
Andy Polyakov
b96eb06f79 Makefile clean-ups, crypto/bn/asm/alpha.s compiles on Alpha Linux. 1999-12-25 16:08:31 +00:00
Dr. Stephen Henson
36217a9424 Allow passwords to be included on command line for a few 
more utilities.
 1999-12-24 23:53:57 +00:00
Dr. Stephen Henson
12aefe78f0 Fixes so NO_RSA works again. 1999-12-24 17:26:33 +00:00
Dr. Stephen Henson
525f51f6c9 Add PKCS#8 utility functions and add PBE options. 1999-12-23 02:02:42 +00:00
Richard Levitte
a9e9db8153 Synchronising 1999-12-22 05:57:00 +00:00
Dr. Stephen Henson
e76f935ead Support for ASN1 NULL type. 1999-12-22 01:39:23 +00:00
Andy Polyakov
404fb7149e Even more late break-in MacOS tidbits... 1999-12-19 22:56:23 +00:00
Andy Polyakov
a7c5241f5f Late break-in patch for MacOS support. 1999-12-19 21:35:29 +00:00
Andy Polyakov
099f1b32c8 Initial support for MacOS is now available 
Submitted by: Roy Woods <roy@centricsystems.ca>
Reviewed by: Andy Polyakov
 1999-12-19 16:17:45 +00:00
Andy Polyakov
9a1e34e5de MacOS updates. 1999-12-19 16:07:19 +00:00
Bodo Möller
2b6313d0da Rename 
CRYPTO_add_info    => CRYPTO_push_info
   CRYPTO_remove_info => CRYPTO_pop_info
in the hope that these names are more descriptive;
and "make update".
 1999-12-18 13:51:47 +00:00
Bodo Möller
75acc288ca fix typos and other little errors ... 1999-12-18 13:25:45 +00:00
Bodo Möller
0cd08cce17 - Don't assume that int and size_t have the same representation 
(and that malloc can be called with an int argument).
- Use proper prototypes (with argument list) for various function pointers,
  avoid casts  (however there are still many such cases left in these files).
- Avoid collissions in app_info_cmp if sizeof int != sizeof long.
- Use CRYPTO_LOCK_MALLOC in mem_dbg.c.
 1999-12-18 05:22:50 +00:00
Richard Levitte
f3a2a04496 - Added more documentation in CHANGES. 
- Made CRYPTO_MDEBUG even less used in crypto.h, giving
   MemCheck_start() and MemCheck_stop() only one possible definition.
 - Made the values of the debug function pointers in mem.c dependent
   on the existence of the CRYPTO_MDEBUG macro, and made the rest of
   the code understand the NULL case.

That's it.  With this code, the old behvior of the debug functionality
is restored, but you can still opt to have it on, even when the
library wasn't compiled with a defined CRYPTO_MDEBUG.
 1999-12-18 02:34:37 +00:00
Richard Levitte
d8df48a9bc - Made sure some changed behavior is documented in CHANGES. 
- Moved the handling of compile-time defaults from crypto.h to
   mem_dbg.c, since it doesn't make sense for the library users to try
   to affect this without recompiling libcrypto.
 - Made sure V_CRYPTO_MDEBUG_TIME and V_CRYPTO_MDEBUG_THREAD had clear
   and constant definitions.
 - Aesthetic correction.
 1999-12-18 01:14:39 +00:00
Richard Levitte
08807172b2 Clear out license confusion. 1999-12-17 16:49:23 +00:00
Richard Levitte
9ac42ed8fc Rebuild of the OpenSSL memory allocation and deallocation routines. 
With this change, the following is provided and present at all times
(meaning CRYPTO_MDEBUG is no longer required to get this functionality):

  - hooks to provide your own allocation and deallocation routines.
    They have to have the same interface as malloc(), realloc() and
    free().  They are registered by calling CRYPTO_set_mem_functions()
    with the function pointers.

  - hooks to provide your own memory debugging routines.  The have to
    have the same interface as as the CRYPTO_dbg_*() routines.  They
    are registered by calling CRYPTO_set_mem_debug_functions() with
    the function pointers.

I moved everything that was already built into OpenSSL and did memory
debugging to a separate file (mem_dbg.c), to make it clear what is
what.

With this, the relevance of the CRYPTO_MDEBUG has changed.  The only
thing in crypto/crypto.h that it affects is the definition of the
MemCheck_start and MemCheck_stop macros.
 1999-12-17 12:56:24 +00:00
Richard Levitte
8a1580096b Synchronise VMS scripts with Unix Makefiles 1999-12-16 19:57:50 +00:00
Dr. Stephen Henson
1887988497 Delete an unused variable and make the PKCS#12 keygen debugging code work 
again.
 1999-12-15 02:36:48 +00:00
Dr. Stephen Henson
3fc9635ea7 Fix the S/MIME code to use canonical MIME format for 
encrypted mail. Also update the smime docs.
 1999-12-15 01:26:17 +00:00
Ulf Möller
3b14cb717d Solaris x86 assembler problem is already addressed in ./config 
(bug reports keep coming in because that was still missing in 0.9.4)
 1999-12-14 15:28:10 +00:00
Dr. Stephen Henson
55f30198ad Various S/MIME fixes. Fix for memory leak, recipient list bug 
and not excluding parameters with DSA keys.
 1999-12-14 02:44:27 +00:00
Dr. Stephen Henson
2449961ab2 Fix a typo in a_enum.c. 1999-12-13 13:14:14 +00:00
Dr. Stephen Henson
b216664f66 Various S/MIME fixes. 1999-12-11 20:04:06 +00:00
Dr. Stephen Henson
d8223efd04 Fix for crashing INTEGERs, ENUMERATEDs and OBJECT IDENTIFIERs. 
Also fix a memory leak in PKCS#7 routines.
 1999-12-10 13:46:48 +00:00
Dr. Stephen Henson
e3775a33c1 Make the PKCS#7 S/MIME functions check for passed NULL pointers. 
Fix the usage message of smime utility and sanitise the return
codes.

Add some documentation.
 1999-12-09 01:31:32 +00:00
Ulf Möller
a4af39ac44 Don't use inline assembler on x86 Solaris (would need a different syntax). 1999-12-08 22:55:06 +00:00
Dr. Stephen Henson
a2121e0aee Add i2d_ASN1_PRINTABLESTRING() function, and do 'make update' 1999-12-08 00:56:15 +00:00
Dr. Stephen Henson
55ec5861c8 Modify S/MIME application so the -signer option writes the signer(s) 
to a file if we are verifying.
 1999-12-07 02:35:52 +00:00
Dr. Stephen Henson
5a9a4b299c Merge in my S/MIME library and utility. 1999-12-05 00:40:59 +00:00
Bodo Möller
23fb9bc0eb Use des_set_key_unchecked, not des_set_key. 1999-12-03 20:26:20 +00:00
Bodo Möller
cddfe788fb Add functions des_set_key_checked, des_set_key_unchecked. 
Never use des_set_key (it depends on the global variable des_check_key),
but usually des_set_key_unchecked.
Only destest.c bothered to look at the return values of des_set_key,
but it did not set des_check_key -- if it had done so,
most checks would have failed because of wrong parity and
because of weak keys.
 1999-12-03 20:24:21 +00:00
Dr. Stephen Henson
21131f00d7 New function PKC12_newpass() 1999-12-03 03:46:18 +00:00
Dr. Stephen Henson
6ea5314007 Fix a bug in the modified purpose code: it wasn't updated to use the 
new purpose getting function.

Update the ca-cert.pem and pca-cert.pem "CA" certificates so they
really are CA certificate: that is they have the appropriate extensions.
 1999-12-03 00:53:48 +00:00
Dr. Stephen Henson
dd4134101f Change the trust and purpose code so it doesn't need init 
either and has a static and dynamic mix.
 1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
08cba61011 Modify the X509 V3 extension lookup code. 1999-12-01 01:49:46 +00:00
Dr. Stephen Henson
bb7cd4e3eb Remainder of SSL purpose and trust code: trust and purpose setting in 
SSL_CTX and SSL, functions to set them and defaults if no values set.
 1999-11-29 22:35:00 +00:00