wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2218 commits 20 branches 302 tags 153 MiB
Commit graph

1127 commits

Author SHA1 Message Date
Ulf Möller
4e539aaa1e "print" is GNU bc specific. 2000-02-06 23:33:06 +00:00
Ulf Möller
fcb20be846 put missing line back in. 2000-02-06 16:35:28 +00:00
Ulf Möller
cae55bfc68 Improve bntest slightly, and fix another bug in the BN library. 2000-02-06 15:56:59 +00:00
Andy Polyakov
0fad6cb7e7 Support for MacOS X (Rhapsody) is added. Also get rid of volatile 
qualifier in asm definitions as it prevents compiler from moving
the instruction(s) during optimization pass.
 2000-02-06 11:15:20 +00:00
Ulf Möller
4a6222d71b BN_div bugfix. The q-- loop should not be entered in the n0==d0 case. 2000-02-06 00:25:39 +00:00
Bodo Möller
29a28ee503 Cosmetic changes. 2000-02-05 21:28:09 +00:00
Dr. Stephen Henson
66430207a4 Add support for some broken PKCS#8 formats. 2000-02-05 21:07:56 +00:00
Bodo Möller
eb5a6a55c5 Commit patch to bn.h that CVS decided to throw away during 'cvs update', 
and initialize too_many because memset(..., 0, ...) is not used here.
 2000-02-05 20:39:26 +00:00
Bodo Möller
37e48b88ad Generate just one error code if iterated SSL_CTX_get() fails. 
Avoid enabled 'assert()' in production library.
 2000-02-05 19:29:00 +00:00
Ulf Möller
6535eb1728 Use MONT_WORD macro to control if the word-based or the bignum 
algorithm is used.
 2000-02-05 18:23:05 +00:00
Ulf Möller
9b141126d4 New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access 
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
 2000-02-05 14:17:32 +00:00
Ulf Möller
c236e66d62 Document RC4. 2000-02-05 10:41:05 +00:00
Ulf Möller
981b87f712 Replace ridiculous libdes PRNG with RAND_bytes. These functions are not 
used anywhere in OpenSSL, but might be used by libdes applications.
 2000-02-05 10:39:54 +00:00
Andy Polyakov
d716308288 New xcbc_ok test vector is required after the parity bits in cbc2_key 
were fixed up. The catch is that in the DESX test the cbc2_key is used
as whitening key where *all* 64 bits are significant.
 2000-02-04 15:16:22 +00:00
Dr. Stephen Henson
af57d84312 Rename SSLeay_add_all_algorithms() et al to 
OpenSSL_add_all_algorithms(). Move these into
separate files so they work properly.
 2000-02-04 14:01:38 +00:00
Bodo Möller
f50c049707 Use correct, not American spelling. 2000-02-04 00:56:09 +00:00
Ulf Möller
ce76ce43ae *** empty log message *** 2000-02-03 23:38:55 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Ulf Möller
9dbc41d7ee Document hash functions. 2000-02-03 18:22:01 +00:00
Dr. Stephen Henson
82fc1d9c28 Add new -notext option to 'ca', -pubkey option to spkac. 
Remove some "WTF??" casts from applications.

Fixes to keep VC++ happy and avoid warnings.

Docs tidy.
 2000-02-03 02:56:48 +00:00
Bodo Möller
7999c65c9b Some 'const's for BNs. 2000-02-03 01:26:07 +00:00
Bodo Möller
bfe30e4d1b Include OpenSSL license. 2000-02-02 23:30:32 +00:00
Bodo Möller
aff0825c61 Tolerate negative numbers in BN_is_prime. 2000-02-02 22:18:01 +00:00
Bodo Möller
e74231ed9e rndsort{Miller, Rabin} primality test. 2000-02-02 21:20:44 +00:00
Andy Polyakov
fb81ac5e6b Support for "multiply high" instruction, see BN_UMULT_HIGH comment in 
crypto/bn/bn_lcl.h for further details. It should be noted that for
the moment of this writing the code was tested only on Alpha. If
compiled with DEC C the C implementation exhibits 12% performance
improvement over the crypto/bn/asm/alpha.s (on EV56 box running
AlphaLinux). GNU C is (unfortunately) 8% behind the assembler
implementation. But it's OpenVMS Alpha users who *may* benefit most
as 'apps/openssl speed rsa' exhibits 6 (six) times performance
improvement over the original VMS bignum implementation. Where "*may*"
means "as soon as code is enabled though #define SIXTY_FOUR_BIT and
crypto/bn/asm/vms.mar is skipped."
 2000-02-02 16:18:12 +00:00
Ulf Möller
1399f17a07 Bug fix: BN_is_prime() would fail with a high probability for small 
primes (negligible for larger ones).
 2000-02-01 23:48:55 +00:00
Ulf Möller
0bde1089f8 match the prototype 2000-02-01 23:47:24 +00:00
Bodo Möller
cb5b7850ac If n0 == d0, we must alway compute 'rem' "by hand" 2000-02-01 11:10:54 +00:00
Bodo Möller
fe7cd1647d Typo in preprocessor symbol. 2000-02-01 08:48:30 +00:00
Ulf Möller
f40c02d908 undo. I keep confusing my directories. :( 2000-02-01 02:24:10 +00:00
Ulf Möller
8efb60144d EBCDIC support. 
Submitted by: Martin Kraemer <martin.kraemer@mch.sni.de>
 2000-02-01 02:21:16 +00:00
Ulf Möller
4e3b0992da Checked in some junk. Sorry. 2000-01-30 23:46:18 +00:00
Ulf Möller
51ca375e7e Seek out and destroy another evil cast. 2000-01-30 23:33:40 +00:00
Ulf Möller
9d1a01be8f Source code cleanups: Use void * rather than char * in lhash, 
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
 2000-01-30 22:20:28 +00:00
Bodo Möller
1baa94907c Make output of "openssl dsaparam 1024" more interesting :-) 2000-01-30 03:32:28 +00:00
Bodo Möller
7865b871c0 Tiny changes to previous patch (the log message was meant to be 
"Make DSA_generate_parameters faster").
 2000-01-30 02:40:38 +00:00
Bodo Möller
a87030a1ed Make DSA_generate_parameters, and fix a couple of bug 
(including another problem in the s3_srvr.c state machine).
 2000-01-30 02:23:03 +00:00
Richard Levitte
1e264ff325 Reimplement so only one synchronous stack is used. The benefit is 
that function pointers are nicely tucker in their structure.
 2000-01-29 01:22:03 +00:00
Dr. Stephen Henson
e1314b5716 Fix CRL encoding bug. 2000-01-29 00:00:26 +00:00
Dr. Stephen Henson
90644dd74d New -pkcs12 option to CA.pl. 
Document CA.pl script.
Initialise and free up the extra DH fields
(nothing uses them yet though).
 2000-01-28 01:35:31 +00:00
Richard Levitte
f95a9f678a Declare BN_pseudo_rand(). 2000-01-27 22:07:42 +00:00
Bodo Möller
953aa79040 A couple of things were reversed for BN_pseudo_rand ... 2000-01-27 21:09:25 +00:00
Ulf Möller
157be2b67d comment was wrong. 2000-01-27 19:52:58 +00:00
Ulf Möller
38e33cef15 Document DSA and SHA. 
New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)
 2000-01-27 19:31:26 +00:00
Bodo Möller
2233bed1cb typo in a comment 2000-01-27 14:31:31 +00:00
Bodo Möller
ec1258dd44 Update comments to provide a better approximation of reality. 2000-01-27 13:00:10 +00:00
Bodo Möller
b99b110766 Add a pointer to a paper (is the algorithm in section 4.2 the 
word-based algorithm we are using?)
 2000-01-27 12:52:41 +00:00
Bodo Möller
6e0cad8d34 enable Montgomery test 2000-01-27 11:26:28 +00:00
Bodo Möller
5f5e96d92b Update references. 2000-01-27 09:15:49 +00:00
Ulf Möller
e93f9a3284 Run ispell. 
Clean up bn_mont.c.
 2000-01-27 01:50:42 +00:00
Bodo Möller
1d7d74647a Give the correct e-mail address even though the message is not quite serious 2000-01-24 10:20:45 +00:00
Bodo Möller
05ccd698b9 RAND_load_file(..., -1) now means "read the complete file"; 
this is what we now use to read $RANDFILE / $HOME/.rnd.
(Previously, after 'cat'ting lots of stuff into .rnd
only the first MB would be looked at.)

Bugfix for apps/enc.c: Continue if RAND_pseudo_bytes returns 0
(only -1 is an error).
 2000-01-24 10:03:24 +00:00
Bodo Möller
7be5af1ddf The des_xcbc_encrypt apparently always fails. 
Workaround so that "make test" continues anyway.
 2000-01-24 09:24:28 +00:00
Richard Levitte
baf32381b5 Add the PID to the output on Win32. 2000-01-24 04:05:00 +00:00
Ulf Möller
0e930f25d2 Rename asn1/pkcs8.c to asn1/p8_key.c to avoid name conflict. 2000-01-24 01:18:36 +00:00
Dr. Stephen Henson
dd9d233e2a Tidy up CRYPTO_EX_DATA structures. 2000-01-23 23:41:49 +00:00
Ulf Möller
dd8dec69b8 Document the BN library. 2000-01-23 22:06:24 +00:00
Bodo Möller
ce052b6c3b Under VMS, ftruncate should be available 2000-01-23 22:02:34 +00:00
Bodo Möller
e84c2d2679 As ftruncate is not availabe on all platforms, switch back to 
opening the output file with "wb" to truncate it except on VMS
(where the file now keeps its original length because it is opened
with "rb+" -- does VMS have ftruncate?)
 2000-01-23 19:58:03 +00:00
Bodo Möller
c88a900fa1 update PRNG documentation/comments 2000-01-22 23:11:13 +00:00
Ulf Möller
fcb76baeb0 fail on all errors. 2000-01-22 21:25:36 +00:00
Ulf Möller
4486d0cd7a Document the DH library, and make some minor changes along the way. 2000-01-22 20:05:23 +00:00
Ulf Möller
0b5cfe32e9 Use comment from md_rand.c in rand.pod 2000-01-21 23:36:40 +00:00
Bodo Möller
2c8aeddc5d change comments 2000-01-21 20:18:09 +00:00
Bodo Möller
720b3598d6 Avoid integer overflow in entropy counter. 
Slightly clarify the RAND_... documentation.
 2000-01-21 19:54:22 +00:00
Ulf Möller
60b5245360 Document RAND library. 2000-01-21 17:50:27 +00:00
Bodo Möller
674b8eec4c In RAND_write_file, truncate the file to the no. of bytes written 
(we're now using fopen(..., "rb+") instead of fopen(..., "wb"),
so the file is not truncated automatically).
 2000-01-21 17:11:26 +00:00
Ulf Möller
e7f97e2d22 Check RAND_bytes() return value or use RAND_pseudo_bytes(). 2000-01-21 01:15:56 +00:00
Ulf Möller
731d9c5fb5 Some more ifdefs for no-xxx options. 2000-01-21 00:03:51 +00:00
Ulf Möller
b25c8db872 AFAICS lst1 stands for "lshift test" not "list". 2000-01-21 00:00:12 +00:00
Bodo Möller
4146aa6b42 Rename lst1 to list1 to avoid name conflict on some platforms. 2000-01-20 23:15:50 +00:00
Dr. Stephen Henson
281959aa61 Oops... undo change to wrong prototype. 2000-01-20 02:27:36 +00:00
Dr. Stephen Henson
6e6bc352b1 Finish off the X509_ATTRIBUTE string stuff. 2000-01-20 01:37:17 +00:00
Dr. Stephen Henson
77b47b9036 Rename X509_att*() stuff to X509at_*(), add X509_REQ wrappers. 2000-01-19 01:02:13 +00:00
Ulf Möller
721b5b2a5c Rename rsa_oaep_test to the more appropriate name rsa_test for the 
benefit of MS-DOS users.
 2000-01-18 15:08:49 +00:00
Richard Levitte
a9188d4e17 Compaq C 6.2 for VMS will complain when we want to convert 
non-function pointers to function pointers and vice versa.
The current solution is to have unions that describe the
conversion we want to do, and gives us the ability to extract
the type of data we want.

The current solution is a quick fix, and can probably be made
in a more general or elegant way.
 2000-01-18 09:30:51 +00:00
Richard Levitte
ea5e7bcf63 Avoid converting void * to a function pointer when NULL is defined as 
((void *)0), by have a 0 instead.
 2000-01-18 08:23:15 +00:00
Richard Levitte
7256ce6a8c SOCKETSHR is showing bad declarations again. However, a simple cast 
which does no harm fixes that problem.
 2000-01-17 01:07:36 +00:00
Richard Levitte
2697557764 Give the user the possibility to ask for compilation of only the files 
that are directly in crypto/, and prepare for a possible disabling of
certain messages that DEC C spews out.
 2000-01-17 00:57:10 +00:00
Richard Levitte
b058a08085 It doesn't make sense to try see if these variables are negative, since they're unsigned. 2000-01-17 00:49:52 +00:00
Ulf Möller
b0bb2b914a Header for RAND_seed() 2000-01-16 21:07:36 +00:00
Ulf Möller
373b575f5a New function RAND_pseudo_bytes() generated pseudorandom numbers that 
are not guaranteed to be unpredictable.
 2000-01-16 15:58:17 +00:00
Richard Levitte
29ccd81f58 Cut'n'paste error 2000-01-16 12:30:16 +00:00
Richard Levitte
d593983da4 Synchronise with the makefiles. 2000-01-16 02:11:19 +00:00
Bodo Möller
7d388202bd add "randomness" 2000-01-15 21:48:46 +00:00
Bodo Möller
691401fc53 RAND_bytes's return values is 0 for an error, not -1. 2000-01-15 20:24:12 +00:00
Richard Levitte
ed84dfab00 Typo... 2000-01-14 21:54:34 +00:00
Bodo Möller
105c0be00f Let "make test" survive without DEVRANDOM 
(and rename a target in test/Makefile.ssl to make it
easier to guess the name of the file executed by it)
 2000-01-14 18:43:22 +00:00
Bodo Möller
7f5b6f0f19 In EVP_PKEY_assign[_...], return 0 for an error when they 
"key" is NULL.
 2000-01-14 18:41:28 +00:00
Bodo Möller
0c50e02b30 - Pseudo-seed the PRNG in programs used for "make test" 
because otherwise BN_rand will fail unless DEVRANDOM works,
  which causes the programs to dump core because they
  don't check the return value of BN_rand (and if they
  did, we still couldn't test anything).

- add comment to some files that appear not to be used at all.
 2000-01-14 17:55:37 +00:00
Bodo Möller
a8eeb155b5 Avoid some warnings, and run "make update". 2000-01-14 17:28:48 +00:00
Bodo Möller
2f878669b7 Avoid shadowing variables, 
and re-enable seeding with more data than read from DEVRANDOM -- just
don't pretend it contains entropy.
 2000-01-14 09:08:39 +00:00
Ulf Möller
f2b86c955c minor change for the prng 2000-01-14 02:31:32 +00:00
Bodo Möller
11afb40c01 Use CRYPTO_push_info to track down memory leak 
(only the CRYPTO_push_info's in the apps/ directory
are included in the CVS commit, not all those I used
in crypto/)
 2000-01-13 22:52:52 +00:00
Ulf Möller
eb952088f0 Precautions against using the PRNG uninitialized: RAND_bytes() now 
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
 2000-01-13 20:59:17 +00:00
Bodo Möller
76aa0ddc86 Turn BN_prime_checks into a macro. 
Primes p where (p-1)/2 is prime too are called "safe", not "strong".
 2000-01-12 11:57:30 +00:00
Bodo Möller
e4b7645631 add dependency and auto-generation rule for bn_prime.h 
(created by bn_prime.pl, which now prints the copyright/license
note as found in bn_prime.h)
 2000-01-12 09:16:22 +00:00
Dr. Stephen Henson
25f923ddd1 New function X509_CTX_rget_chain(), make SSL_SESSION_print() display return code. 
Remove references to 'TXT' in -inform and -outform switches.
 2000-01-09 14:21:40 +00:00
Ben Laurie
752d706aaf Make NO_RSA compile with pedantic. 2000-01-08 21:06:24 +00:00
Dr. Stephen Henson
c3ed3b6eab Add -prexit command to s_client and patch some BIO 
functions so it doesn't crash. Document s_client.
 2000-01-08 19:05:47 +00:00
Bodo Möller
d2b6c3f31f apps/openssl.cnf and the documentation say it's "nombstr", 
but crypto/asn1/a_strnid.c had "nombchar".
 2000-01-07 13:05:41 +00:00
Bodo Möller
63da21c01b make no-des and no-rc2 work. 2000-01-07 12:15:54 +00:00
Bodo Möller
b64e735b08 add V_CRYPTO_MDEBUG_ALL 
Submitted by:
Reviewed by:
PR:
 2000-01-07 10:50:54 +00:00
Dr. Stephen Henson
fc6be0fa56 #undef PKCS7_SIGNER_INFO for Win32 to avoid clashes. 
Fix so CRLDistributionPoints relativeName option uses
the correct type.
 2000-01-07 02:23:42 +00:00
Dr. Stephen Henson
35f4850ae0 More X509_ATTRIBUTE changes. 2000-01-07 00:55:54 +00:00
Dr. Stephen Henson
b38f9f66c3 Initial automation changes to 'req' and X509_ATTRIBUTE functions. 2000-01-06 01:26:48 +00:00
Andy Polyakov
1eab9a1fbb Metrowerks for Motorola tune-up. 2000-01-02 22:03:10 +00:00
Dr. Stephen Henson
3d14b9d04a Add support for MS "fast SGC". 2000-01-02 18:52:58 +00:00
Dr. Stephen Henson
20432eae41 Fix some of the command line password stuff. New function 
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
 2000-01-01 16:42:49 +00:00
Dr. Stephen Henson
f45f40ffff Add OIDs for idea and blowfish. Unfortunately these are in 
the middle of the OID table so the diff is rather large :-(
 1999-12-29 02:59:18 +00:00
Dr. Stephen Henson
6447cce372 Simplify the trust structure: basically zap the bit strings and 
represent everything by OIDs.
 1999-12-29 00:40:28 +00:00
Andy Polyakov
76997b7dd0 MacOS updates. Initial support for GUSI (MacOS socket implementation) 
is added.
 1999-12-26 22:46:49 +00:00
Dr. Stephen Henson
e6f3c5850e New {i2d,d2i}_PrivateKey_{bio, fp} functions. 1999-12-26 19:20:03 +00:00
Andy Polyakov
b96eb06f79 Makefile clean-ups, crypto/bn/asm/alpha.s compiles on Alpha Linux. 1999-12-25 16:08:31 +00:00
Dr. Stephen Henson
36217a9424 Allow passwords to be included on command line for a few 
more utilities.
 1999-12-24 23:53:57 +00:00
Dr. Stephen Henson
12aefe78f0 Fixes so NO_RSA works again. 1999-12-24 17:26:33 +00:00
Dr. Stephen Henson
525f51f6c9 Add PKCS#8 utility functions and add PBE options. 1999-12-23 02:02:42 +00:00
Richard Levitte
a9e9db8153 Synchronising 1999-12-22 05:57:00 +00:00
Dr. Stephen Henson
e76f935ead Support for ASN1 NULL type. 1999-12-22 01:39:23 +00:00
Andy Polyakov
404fb7149e Even more late break-in MacOS tidbits... 1999-12-19 22:56:23 +00:00
Andy Polyakov
a7c5241f5f Late break-in patch for MacOS support. 1999-12-19 21:35:29 +00:00
Andy Polyakov
099f1b32c8 Initial support for MacOS is now available 
Submitted by: Roy Woods <roy@centricsystems.ca>
Reviewed by: Andy Polyakov
 1999-12-19 16:17:45 +00:00
Andy Polyakov
9a1e34e5de MacOS updates. 1999-12-19 16:07:19 +00:00
Bodo Möller
2b6313d0da Rename 
CRYPTO_add_info    => CRYPTO_push_info
   CRYPTO_remove_info => CRYPTO_pop_info
in the hope that these names are more descriptive;
and "make update".
 1999-12-18 13:51:47 +00:00
Bodo Möller
75acc288ca fix typos and other little errors ... 1999-12-18 13:25:45 +00:00
Bodo Möller
0cd08cce17 - Don't assume that int and size_t have the same representation 
(and that malloc can be called with an int argument).
- Use proper prototypes (with argument list) for various function pointers,
  avoid casts  (however there are still many such cases left in these files).
- Avoid collissions in app_info_cmp if sizeof int != sizeof long.
- Use CRYPTO_LOCK_MALLOC in mem_dbg.c.
 1999-12-18 05:22:50 +00:00
Richard Levitte
f3a2a04496 - Added more documentation in CHANGES. 
- Made CRYPTO_MDEBUG even less used in crypto.h, giving
   MemCheck_start() and MemCheck_stop() only one possible definition.
 - Made the values of the debug function pointers in mem.c dependent
   on the existence of the CRYPTO_MDEBUG macro, and made the rest of
   the code understand the NULL case.

That's it.  With this code, the old behvior of the debug functionality
is restored, but you can still opt to have it on, even when the
library wasn't compiled with a defined CRYPTO_MDEBUG.
 1999-12-18 02:34:37 +00:00
Richard Levitte
d8df48a9bc - Made sure some changed behavior is documented in CHANGES. 
- Moved the handling of compile-time defaults from crypto.h to
   mem_dbg.c, since it doesn't make sense for the library users to try
   to affect this without recompiling libcrypto.
 - Made sure V_CRYPTO_MDEBUG_TIME and V_CRYPTO_MDEBUG_THREAD had clear
   and constant definitions.
 - Aesthetic correction.
 1999-12-18 01:14:39 +00:00
Richard Levitte
08807172b2 Clear out license confusion. 1999-12-17 16:49:23 +00:00
Richard Levitte
9ac42ed8fc Rebuild of the OpenSSL memory allocation and deallocation routines. 
With this change, the following is provided and present at all times
(meaning CRYPTO_MDEBUG is no longer required to get this functionality):

  - hooks to provide your own allocation and deallocation routines.
    They have to have the same interface as malloc(), realloc() and
    free().  They are registered by calling CRYPTO_set_mem_functions()
    with the function pointers.

  - hooks to provide your own memory debugging routines.  The have to
    have the same interface as as the CRYPTO_dbg_*() routines.  They
    are registered by calling CRYPTO_set_mem_debug_functions() with
    the function pointers.

I moved everything that was already built into OpenSSL and did memory
debugging to a separate file (mem_dbg.c), to make it clear what is
what.

With this, the relevance of the CRYPTO_MDEBUG has changed.  The only
thing in crypto/crypto.h that it affects is the definition of the
MemCheck_start and MemCheck_stop macros.
 1999-12-17 12:56:24 +00:00
Richard Levitte
8a1580096b Synchronise VMS scripts with Unix Makefiles 1999-12-16 19:57:50 +00:00
Dr. Stephen Henson
1887988497 Delete an unused variable and make the PKCS#12 keygen debugging code work 
again.
 1999-12-15 02:36:48 +00:00
Dr. Stephen Henson
3fc9635ea7 Fix the S/MIME code to use canonical MIME format for 
encrypted mail. Also update the smime docs.
 1999-12-15 01:26:17 +00:00
Ulf Möller
3b14cb717d Solaris x86 assembler problem is already addressed in ./config 
(bug reports keep coming in because that was still missing in 0.9.4)
 1999-12-14 15:28:10 +00:00
Dr. Stephen Henson
55f30198ad Various S/MIME fixes. Fix for memory leak, recipient list bug 
and not excluding parameters with DSA keys.
 1999-12-14 02:44:27 +00:00
Dr. Stephen Henson
2449961ab2 Fix a typo in a_enum.c. 1999-12-13 13:14:14 +00:00
Dr. Stephen Henson
b216664f66 Various S/MIME fixes. 1999-12-11 20:04:06 +00:00
Dr. Stephen Henson
d8223efd04 Fix for crashing INTEGERs, ENUMERATEDs and OBJECT IDENTIFIERs. 
Also fix a memory leak in PKCS#7 routines.
 1999-12-10 13:46:48 +00:00
Dr. Stephen Henson
e3775a33c1 Make the PKCS#7 S/MIME functions check for passed NULL pointers. 
Fix the usage message of smime utility and sanitise the return
codes.

Add some documentation.
 1999-12-09 01:31:32 +00:00
Ulf Möller
a4af39ac44 Don't use inline assembler on x86 Solaris (would need a different syntax). 1999-12-08 22:55:06 +00:00
Dr. Stephen Henson
a2121e0aee Add i2d_ASN1_PRINTABLESTRING() function, and do 'make update' 1999-12-08 00:56:15 +00:00
Dr. Stephen Henson
55ec5861c8 Modify S/MIME application so the -signer option writes the signer(s) 
to a file if we are verifying.
 1999-12-07 02:35:52 +00:00
Dr. Stephen Henson
5a9a4b299c Merge in my S/MIME library and utility. 1999-12-05 00:40:59 +00:00
Bodo Möller
23fb9bc0eb Use des_set_key_unchecked, not des_set_key. 1999-12-03 20:26:20 +00:00
Bodo Möller
cddfe788fb Add functions des_set_key_checked, des_set_key_unchecked. 
Never use des_set_key (it depends on the global variable des_check_key),
but usually des_set_key_unchecked.
Only destest.c bothered to look at the return values of des_set_key,
but it did not set des_check_key -- if it had done so,
most checks would have failed because of wrong parity and
because of weak keys.
 1999-12-03 20:24:21 +00:00
Dr. Stephen Henson
21131f00d7 New function PKC12_newpass() 1999-12-03 03:46:18 +00:00
Dr. Stephen Henson
6ea5314007 Fix a bug in the modified purpose code: it wasn't updated to use the 
new purpose getting function.

Update the ca-cert.pem and pca-cert.pem "CA" certificates so they
really are CA certificate: that is they have the appropriate extensions.
 1999-12-03 00:53:48 +00:00
Dr. Stephen Henson
dd4134101f Change the trust and purpose code so it doesn't need init 
either and has a static and dynamic mix.
 1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
08cba61011 Modify the X509 V3 extension lookup code. 1999-12-01 01:49:46 +00:00
Dr. Stephen Henson
bb7cd4e3eb Remainder of SSL purpose and trust code: trust and purpose setting in 
SSL_CTX and SSL, functions to set them and defaults if no values set.
 1999-11-29 22:35:00 +00:00
Dr. Stephen Henson
13938aceca Add part of chain verify SSL support code: not complete or doing anything 
yet.

Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.

Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
 1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
51630a3706 Add trust setting support to the verify code. It now checks the 
trust settings of the root CA.

After a few fixes it seems to work OK.

Still need to add support to SSL and S/MIME code though.
 1999-11-27 19:43:10 +00:00
Richard Levitte
74ecf9e2bb Add compilation of x509_trs 1999-11-27 15:26:48 +00:00
Dr. Stephen Henson
21f775522b Oops! Commit died on me :-( 1999-11-27 01:18:39 +00:00
Dr. Stephen Henson
9868232ae1 Initial trust code: allow setting of trust checking functions 
in a table. Doesn't do too much yet.

Make the -<digestname> options in 'x509' affect all relevant
options.

Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.

A few constification changes.
 1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
d4cec6a13d New options to the -verify program which can be used for chain verification. 
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.

Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
 1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
1126239111 Initial chain verify code: not tested probably not working 
at present. However nothing enables it yet so this doesn't
matter :-)
 1999-11-24 01:31:49 +00:00
Dr. Stephen Henson
6d3724d3b0 Support for authority information access extension. 
Fix so EVP_PKEY_rset_*() check return codes.
 1999-11-23 18:50:28 +00:00
Dr. Stephen Henson
52664f5081 Transparent support for PKCS#8 private keys in RSA/DSA. 
New universal public key format.

Fix CRL+cert load problem in by_file.c

Make verify report errors when loading files or dirs
 1999-11-21 22:28:31 +00:00
Dr. Stephen Henson
a716d72734 Support for otherName in GeneralName. 1999-11-19 02:19:58 +00:00
Ben Laurie
44eca70641 Update dependencies. 1999-11-18 14:32:54 +00:00
Ulf Möller
4f23052492 Missing #ifdef NO_DES 1999-11-17 13:03:29 +00:00
Dr. Stephen Henson
f76d8c4747 Modify verify code to handle self signed certificates. 1999-11-17 01:20:29 +00:00
Bodo Möller
b1fe6ca175 Store verify_result with sessions to avoid potential security hole. 1999-11-16 23:15:41 +00:00
Dr. Stephen Henson
91895a5938 Fix for a bug in PKCS#7 code and non-detached data. 
Remove rc4-64 from ciphers since it doesn't exist...
 1999-11-16 14:54:50 +00:00
Dr. Stephen Henson
e947f39689 New function X509_cmp(). 1999-11-16 00:56:03 +00:00
Dr. Stephen Henson
06556a1744 'req' fixes. Reinstate length check one request fields. 
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
 1999-11-14 23:10:50 +00:00
Richard Levitte
6828f02c9a The info removal code was overcomplicated, and error-prone (references being wrongly decreased). Fixed. 1999-11-12 21:51:24 +00:00
Bodo Möller
47d216940c Avoid deadlock. 1999-11-12 16:20:30 +00:00
Richard Levitte
71d7526b72 Avoid some silly compiler warnings, and add the change log I forgot :-) 1999-11-12 03:12:46 +00:00
Richard Levitte
1f575f1b1d Two changes have been made: 
1. Added code to the memory leak detecting code to give the user the
     possibility to add information, thereby forming a traceback.

  2. Make the memory leak detecting code multithread-safe.

The idea is that we're actually dealing with two separate critical
sections, one containing the hash tables with the information, the
other containing the current memory checking mode.  Those should not
be handled with the same lock, especially since their handling overlap.
Hence, the added second lock.
 1999-11-12 02:51:24 +00:00
Richard Levitte
f18a93ab04 Some crypto applications are now being built on Unix, so they should on VMS as well. Not by default, however. 1999-11-12 02:21:49 +00:00
Richard Levitte
03da458a06 It's possible that considering the configuration file as a binary file 
works on Unix and MS-DOS/Windows.  It does not under VMS, so open it
as text.
 1999-11-12 02:19:05 +00:00
Richard Levitte
f48158b854 Avoid silly compiler warnings about functions not being declared and an int missing. 1999-11-12 02:10:23 +00:00
Richard Levitte
b3e1a4c68c Some new names in asn1.h are longer than 31 chars, which disturbs the VMS C compilers... 1999-11-12 02:04:30 +00:00
Richard Levitte
c96ab5101a Make sure installed files are world readable 1999-11-12 01:42:59 +00:00
Dr. Stephen Henson
53b1899e3c Fix a couple of outstanding issues: update STATUS file, fix NO_FP_API problems. 
Update docs, change 'ca' to use the new callback parameter. Now moved key_callback
into app.c because some other utilities will use it soon.
 1999-11-11 13:58:41 +00:00
Bodo Möller
0d9cfe1ae7 Undo silly change. 1999-11-09 16:41:52 +00:00
Ben Laurie
95fdc5eef9 Fix (spurious) warnings. 1999-11-09 12:09:24 +00:00
Bodo Möller
5fe2085bba Avoid some warnings. 1999-11-09 10:00:15 +00:00
Dr. Stephen Henson
a0ad17bb6c Fix to the -revoke option in ca. It was leaking memory, crashing and just 
plain not working :-(

Also fix some memory leaks in the new X509_NAME code.

Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.
 1999-11-08 13:58:08 +00:00
Dr. Stephen Henson
ce1b4fe146 Allow additional information to be attached to a 
certificate: currently this includes trust settings
and a "friendly name".
 1999-11-04 00:45:35 +00:00
Mark J. Cox
ce2c95b2a2 Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The 
problem was that one of the replacement routines had not been working since
SSLeay releases.  For now the offending routine has been replaced with
non-optimised assembler.  Even so, this now gives around 95% performance
improvement for 1024 bit RSA signs.
 1999-11-03 14:10:10 +00:00
Ulf Möller
b05eaeb545 *** empty log message *** 1999-10-30 19:09:05 +00:00
Dr. Stephen Henson
9716a8f9f2 Fix to PKCS#7 routines so it can decrypt some oddball RC2 handling. 1999-10-29 13:06:25 +00:00
Dr. Stephen Henson
74400f7348 Continued multibyte character support. 
Add a bunch of functions to simplify the creation of X509_NAME structures.

Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
 1999-10-27 00:15:11 +00:00
Bodo Möller
62ac293801 Always hash the pid in the first iteration in ssleay_rand_bytes, 
don't try to detect fork()s by looking at getpid().
The reason is that threads sharing the same memory can have different
PIDs; it's inefficient to run RAND_seed each time a different thread
calls RAND_bytes.
 1999-10-26 16:26:48 +00:00
Bodo Möller
c1e744b912 Make md_rand.c more robust. 1999-10-26 14:49:12 +00:00
Bodo Möller
a31011e8e0 Various randomness handling bugfixes and improvements -- 
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
 1999-10-26 01:56:29 +00:00
Bodo Möller
38899535f8 Report an error from X509_STORE_load_locations 
when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed.
 1999-10-26 01:52:16 +00:00
Bodo Möller
798757762a Improve support for running everything as a monolithic application. 
Submitted by: Lennart Bång, Bodo Möller
 1999-10-25 19:36:01 +00:00
Bodo Möller
a5fcd09e75 Respect PEX_LIBS and EX_LIBS when building binaries 
(needed for RSAREF builds)
 1999-10-25 19:28:38 +00:00
Dr. Stephen Henson
f769ce3ea4 More multibyte character support. 
Functions to get keys from EVP_PKEY structures.
 1999-10-25 02:00:09 +00:00
Ben Laurie
042a93e443 Constification. 1999-10-23 09:30:09 +00:00
Ben Laurie
cbb448c945 Don't return stuff from void functions. 1999-10-23 09:19:42 +00:00
Dr. Stephen Henson
462f79ec44 New function ASN1_mbstring_copy() to handle ASN1 string copying. Ultimately 
this will be used to clear up the horrible DN mess.
 1999-10-21 13:20:49 +00:00
Dr. Stephen Henson
08e9c1af6c Replace the macros in asn1.h with function equivalents. Also make UTF8Strings 
tolerated in certificates.
 1999-10-20 01:50:23 +00:00
Bodo Möller
023c8d0b0a Use of DEVRANDOM must be #ifdef'ed (the #ifdef was commented out 
between SSLeay 0.8.1b and 0.9.0b with no apparent reason).
If we *want* an error when DEVRANDOM is not defined (it always is with
the current e_os.h) we should use #error.
 1999-10-14 17:31:53 +00:00
Dr. Stephen Henson
673b102c5b Initial support for certificate purpose checking: this will 
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
 1999-10-13 01:11:56 +00:00
Dr. Stephen Henson
56a3fec1b1 Add EX_DATA support to X509. 
Fix a bug in the X509_get_d2i() functions which didn't check if crit was NULL.
 1999-10-11 01:30:04 +00:00
Dr. Stephen Henson
4654ef985b New functions to parse and get extensions. 1999-10-09 02:54:10 +00:00
Andy Polyakov
2dae04d038 RC4 tune-up featuring 30-40% performance improvement on most RISC 
platforms. See crypto/rc4/rc4_enc.c for further details.
 1999-10-07 12:03:59 +00:00
Dr. Stephen Henson
2d681b779c Fix for bug in pkcs12 program and typo in ASN1_tag2str(). 1999-10-05 12:57:50 +00:00
Dr. Stephen Henson
3ea23631d4 Add support for public key input and output in rsa and dsa utilities with some 
new DSA public key functions that were missing.

Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
 1999-10-04 21:17:47 +00:00
Dr. Stephen Henson
393f2c651d Fix for d2i_ASN1_bytes and stop PKCS#7 routines crashing is signed message 
contains no certificates.

Also fix typo in RANLIB changes.
 1999-10-04 12:08:59 +00:00
Ralf S. Engelschall
f846335657 Add prototypes for new DSA functions Steve added recently. 1999-10-04 10:55:04 +00:00
Dr. Stephen Henson
4579dd5dc6 Fix for base64 BIO decoding bug 1999-10-02 13:33:06 +00:00
Ulf Möller
8e1589ece5 VC++ warning. 1999-09-29 22:11:06 +00:00
Ulf Möller
49e747e670 Generate obj_dat.h in "make update". 1999-09-29 21:03:02 +00:00
Bodo Möller
e405b8d120 new control code BIO_C_RESET_READ_REQUEST 1999-09-27 13:43:59 +00:00
Andy Polyakov
6cc4ee03df RC4 tune-up. 
See comments in the code (after #if defined(RC4_CHUNK)) for more details.
 1999-09-26 12:47:17 +00:00
Dr. Stephen Henson
bf1966354a Lots of evil casts to stop VC++ choking with "possible loss of data" 
warnings :-(
 1999-09-19 00:40:56 +00:00
Dr. Stephen Henson
1c80019a2c Add new sign and verify members to RSA_METHOD and change SSL code to use sign 
and verify rather than direct encrypt/decrypt.
 1999-09-18 22:37:44 +00:00
Dr. Stephen Henson
090d848ea8 Various CRL enhancements tidies and workaround for broken CRLs. 1999-09-18 01:42:02 +00:00
Andy Polyakov
17f389bbbf Initial support for MacOS. 
This will soon be complemented with MacOS specific source code files and
INSTALL.MacOS.

I (Andy) have decided to get rid of a number of #include <sys/types.h>.
I've verified it's ok (both by examining /usr/include/*.h and compiling)
on a number of Unix platforms. Unfortunately I don't have Windows box
to verify this on. I really appreciate if somebody could try to compile
it and contact me a.s.a.p. in case a problem occurs.

Submitted by: Roy Wood <roy@centricsystems.ca>
Reviewed by: Andy Polyakov <appro@fy.chalmers.se>
 1999-09-11 17:54:18 +00:00
Ulf Möller
778f1092dd Parantheses not needed. 1999-09-10 16:13:24 +00:00
Bodo Möller
5671876d1d "make update" 1999-09-10 15:34:55 +00:00
Bodo Möller
6f7af1524e Use non-copying BIO interface in ssltest.c. 1999-09-10 14:03:21 +00:00
Bodo Möller
ac3e3cdc96 typo 1999-09-10 13:25:25 +00:00
Ulf Möller
953ad1bc10 Correction for the testapps lines. 1999-09-10 11:44:52 +00:00
Ben Laurie
d680ba8617 Correct warnings. 1999-09-09 20:15:17 +00:00
Bodo Möller
396f631458 some more patches for avoiding problems with non-automatic variables 1999-09-08 21:58:13 +00:00
Dr. Stephen Henson
0d64ea89f7 Fix typo. 1999-09-08 20:01:28 +00:00
Dr. Stephen Henson
c1cd88a0eb Oops... forgot the other RSA_NULL patches... 1999-09-08 18:19:45 +00:00
Dr. Stephen Henson
4a61a64f50 This is preliminary support for an "RSA null" cipher. Unfortunately when 
OpenSSL is compiled with NO_RSA, no RSA operations can be used: including
key generation storage and display of RSA keys. Since these operations are
not covered by the RSA patent (my understanding is it only covers encrypt,
decrypt, sign and verify) they can be included: this is an often requested
feature, attempts to use the patented operations return an error code.

This is enabled by setting RSA_NULL. This means that if a particular application
has its own legal US RSA implementation then it can use that instead by setting
it as the default RSA method.

Still experimental and needs some fiddling of the other libraries so they have
some options that don't attempt to use RSA if it isn't allowed.
 1999-09-08 18:02:25 +00:00
Ulf Möller
6882a96446 Use proper flags to build the testapps (default CC value causes confusion 
on Solaris)
 1999-09-08 16:14:52 +00:00
Bodo Möller
c1082a90bb Non-copying interface to BIO pairs. 
It's still totally untested ...
 1999-09-07 21:37:09 +00:00
Dr. Stephen Henson
a785abc324 New function to convert ASN1 tag values to strings. Also fix typo in asn1.h 1999-09-07 12:16:29 +00:00
Ben Laurie
092ec334f0 Fix warnings. 1999-09-06 11:06:54 +00:00
Ben Laurie
232616efce Fix warnings. 1999-09-06 09:29:29 +00:00
Andy Polyakov
69fb1c3f9d SHA clean-up Intel assembler companion. 
I've chosen to nest two functions in order to save about 4K. As a result
s1-win32.asm doesn't look right (nested PROC/ENDP SEGMENT/ENDS) and it's
probably impossible to compile. I assume I have to reconsider... But not
today...
 1999-09-05 14:17:42 +00:00
Andy Polyakov
7f7c318cfc SHA clean-up and (LP64) tune-up. 
"Clean-up" stands for the fact that it's using common message digest
template ../md32_common.h and sha[1_]dgst.c are reduced down to
'#define SHA_[01]' and then '#include "sha_locl.h"'. It stands "(LP64)"
there because it's 64 bit platforms which benefit most from the tune-up.
The updated code exhibits 40% performance improvement on IRIX64
(sounds too good, huh? I probably should double check if it's not
some cache trashing that was holding it back before), 28% - on
Alpha Linux and 12% - Solaris 7/64.
 1999-09-05 12:42:04 +00:00
Dr. Stephen Henson
aef838fc95 New UTF8 utility functions to parse/generate UTF8 strings. 1999-09-04 17:19:55 +00:00
Bodo Möller
074309b7ee Fix server behaviour when facing backwards-compatible client hellos. 1999-09-03 16:33:11 +00:00
Dr. Stephen Henson
8ce97163a2 Add new 'spkac' utility and several SPKAC utility functions. 1999-09-03 01:08:34 +00:00
Dr. Stephen Henson
ac8b4ee04a Make DH_free() free up any ex_data and also call the finish method. 1999-09-01 23:50:43 +00:00
Andy Polyakov
2d0c55eda2 RIPEMD160 shape-up Intel assembler companion. Cycle counter benchmarks 
went down from 1050 to 921 cycles on Pentium II. I haven't checked the
figures on Pentium yet.
 1999-08-28 13:07:51 +00:00
Andy Polyakov
28e0be13f6 RIPEMD160 shape-up. Major news are that it's operational on all platforms 
now and I'm putting it back to 'make test' later today.
 1999-08-28 12:55:45 +00:00
Ulf Möller
b357e95cc4 make testapps after the library. 1999-08-28 12:50:48 +00:00
Andy Polyakov
1cbde6e4fa md32_common.h update and accompanying MD5 update. 1999-08-28 12:41:03 +00:00
Dr. Stephen Henson
c79b16e11d Allow extensions to be added to certificate requests, update the sample 
config file (change RAW to DER).
 1999-08-25 16:59:26 +00:00
Ulf Möller
43ca6c02dc make update. 1999-08-24 17:45:16 +00:00
Andy Polyakov
0bbd03525e Minor MIPS III/IV tune-up. 1999-08-24 16:02:16 +00:00
Dr. Stephen Henson
7b65c3298f Fix for a bug which meant encrypting BIOs sometimes wouldn't read the final 
block.
 1999-08-24 13:21:35 +00:00
Dr. Stephen Henson
13066cee60 Initial support for DH_METHOD. Also added a DH lock. A few changes made to 
DSA_METHOD to make it more consistent with RSA_METHOD.
 1999-08-23 23:11:32 +00:00
Dr. Stephen Henson
c0711f7f0f Initial support for DSA_METHOD... 1999-08-22 17:57:38 +00:00
Dr. Stephen Henson
8484721adb Allow memory bios to be read only and change PKCS#7 routines to use them. 1999-08-19 13:07:43 +00:00
Bodo Möller
6e4a3b5529 Really undo the base64 change so that make test survives 1999-08-18 16:42:27 +00:00
Dr. Stephen Henson
c6c3450643 Fix PKCS7_ENC_CONTENT_new() to include a sensible default content type and add 
support for encrypted content type in PKCS7_set_content().
 1999-08-17 12:58:01 +00:00
Ulf Möller
364836ca1c Undo base64 decoding change (was not a bug fix). 1999-08-14 20:49:37 +00:00
Ulf Möller
2b7af70139 Fix faulty base64 decoding of data that was 46 or 47 bytes long. 
Submitted by: Ivan Nejgebauer <ian@uns.ns.ac.yu>
 1999-08-13 19:42:33 +00:00
Ulf Möller
1bf0b46b13 Add pkcs7 and des apps to "make all". 1999-08-13 19:21:53 +00:00
Ulf Möller
27ad06a627 Compile pkcs7 and des apps. 1999-08-13 18:04:04 +00:00
Bodo Möller
690233bccc Submitted by: Lidong Zhou <ldzhou@cs.cornell.edu> 1999-08-11 13:31:03 +00:00
Dr. Stephen Henson
fd52057729 Add functions to allow extensions to be added to certificate requests. 
Modify obj_dat.pl to take its files from the command line. Usage is now
perl obj_dat.pl objects.h obj_dat.h
this should avoid redirection shell escape problems under Win32.
 1999-08-11 13:08:58 +00:00
Bodo Möller
8b94634428 Fix typo. 1999-08-11 08:28:40 +00:00
Bodo Möller
019a7aba4a Updates. 
Prototypes and constant declarations for non-copying reads and writes for
BIO pairs (which is totally untested as of now, so I don't yet commit
the actual source code, but reserve the numbers to avoid conflicts).
 1999-08-10 11:36:22 +00:00
Dr. Stephen Henson
87c49f622e Support for parsing of certificate extensions in PKCS#10 requests: these are 
used by things like Xenroll. Also include documentation for extendedKeyUsage
extension.
 1999-08-09 22:38:05 +00:00
Ralf S. Engelschall
d91e201e96 Bump after tarball rolling. 
Friends, feel free to start again hacking for 0.9.5... ;)
 1999-08-09 11:14:08 +00:00
Ralf S. Engelschall
2c720c746b Bump version to 0.9.4 1999-08-09 10:40:38 +00:00
Bodo Möller
a9642be663 more consistent formatting 1999-08-08 14:06:29 +00:00
Ralf S. Engelschall
1d5edd0882 Fix two remaining prototype-related warnings 1999-08-08 11:25:32 +00:00
Ralf S. Engelschall
9639515871 A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency. 
Hint from: Andrija Antonijevic <TheAntony2@bigfoot.com>
 1999-08-08 10:15:43 +00:00
Bodo Möller
9918762413 change formatting a bit 1999-08-07 02:45:31 +00:00
Bodo Möller
a12258fcd2 fix the bug 1999-08-06 12:27:39 +00:00
Bodo Möller
48c843c367 New function DSA_dup_DH, and fixes for bugs that were found 
while implementing and using it.
 1999-08-05 11:50:18 +00:00
Ben Laurie
ab8f6b415f More diagnostics. 1999-08-03 10:19:02 +00:00
Ben Laurie
97e84e38df Make it compile under -pedantic. 1999-08-03 10:18:27 +00:00
Bodo Möller
316d5cdc85 comment 1999-08-03 08:31:13 +00:00
Bodo Möller
4c8319c0f5 Revert erroneous change. 1999-08-03 06:05:54 +00:00
Bodo Möller
50ccbc13f6 automatically use no-mdc2 if no-des is requested. 1999-08-02 22:13:46 +00:00
Bodo Möller
a851544169 avoid some NO_<cipher> problems 1999-08-02 21:44:49 +00:00
Bodo Möller
927ddaffeb avoid cast 1999-08-02 19:55:51 +00:00
Andy Polyakov
4c22909e31 Extra i386+gcc bn_div.c tune-up featuring inline division and saving 
the remainder left in %edx. Here is the resulting performance improvement
matrix (improvement as a result of this *and* previous tune-up committed
two days ago). The results were obtained by profiling the "div" part of
the crypto/bn/bnspeed.c.

CPU	BN_div	bn_div_words	overall	comment
------------------------------------------------------------------------
PII	+16%	accumulated by	+2-3%	PII multiplies damn fast! Taking
		inlining		multiplication out of the loop
					didn't make too much difference.
					Eliminating of the multiplication
					involved in remainder calculation
					is the major factor.

Pentium	+45%	accumulated by	+7-9%	mull isn't that fast and replacing
		inlining		multiplications with additions in
					the loop has more visible effect:-)

MIPS	+75%	+12%		+20-25%	In addition to the taking mults
R10000					out of the loop (giving 12% in the
					asm/mips3.s) three mults were
					eliminated in BN_div.

Alpha	+30%	+50%		+10-15%	Same as above. But remember that
EV4					bn_div_words is a C implementation.
					It takes 4 Alpha mults in C to do
					the same thing as 1 MIPS mult in
					assembler does. So the effect (50%)
					is more impressive. But not the
					overall one... Well, if Alpha
					bn_mul_add would be implemented
					in assembler overall improvement
					would be closer to MIPS...
 1999-07-31 23:27:41 +00:00
Bodo Möller
8d85b33eb5 by request: let BN_dup(NULL) just return NULL 1999-07-30 19:22:57 +00:00
Andy Polyakov
0dd25e3606 Bignum division tune-up. Idea is to move multiplications in front of 
loop body and replace 'em with addition/subtraction.
 1999-07-30 11:43:43 +00:00
Bodo Möller
a40f6dce87 correct error signalling for opendir() failure 1999-07-30 10:43:34 +00:00
Dr. Stephen Henson
08dbdb85ee Fix to PKCS#12 code to use the cipher block length when allocating a buffer 
for encrypted data, rather than hard coding '8'.
 1999-07-30 10:11:21 +00:00
Dr. Stephen Henson
922180d794 Allow the PKCS#7 (S/MIME encrypt) application to support more than one 
recipient.
 1999-07-30 01:12:46 +00:00
Ulf Möller
fd556cbfb6 No use in naming the cblock _; the structure still is incompatible 
to Kerberos.
 1999-07-29 16:15:48 +00:00
Ulf Möller
7463ca9acc obj_dat.h is autogenerated (it was in the CVS because old versions of 
Configure didn't generate the file in Windows builds).
 1999-07-29 14:10:20 +00:00
Bodo Möller
571199434c Always use buildinf.h, which now includes the mk1mfinf.h data. 
Using different files caused problems because the dependencies
in the Makefiles produced by mk1mf.pl were for the standard case,
i.e. mentioned buildinf.h and not mk1mfinf.h.
 1999-07-29 12:57:23 +00:00
Ulf Möller
37b7185b5d Restore compability with kerberos/des.h (I had deleted some seemingly useless 
definitions such as C_Block earlier).
 1999-07-29 00:09:49 +00:00
Ulf Möller
8c197cc55e VMS updates. 
Submitted by: Richard Levitte <levitte@stacken.kth.se>
 1999-07-28 23:25:59 +00:00
Dr. Stephen Henson
3e3d2ea2fc New function OBJ_obj2txt() 1999-07-27 22:22:58 +00:00
Dr. Stephen Henson
770d19b862 New RSA flag RSA_FLAG_EXT_PKEY, to always call rsa_mod_exp. 1999-07-27 21:58:08 +00:00
Andy Polyakov
5965902e6e when invoking bn_*_comba[48] result->top wasn't always set correctly. 1999-07-27 09:36:59 +00:00
Bodo Möller
2e0fc87599 Use correct CFLAG definition for makefile.one builds. 1999-07-27 09:10:36 +00:00
Andy Polyakov
1656ef2997 SPARC Solaris config updates. 
./config sences whole range of SPARC instruction sets. Do note that
it favors Sun C now if both gcc and cc 4.2 or later are present!
 1999-07-25 22:25:12 +00:00
Andy Polyakov
6841fb0d1e Minor MD5 tune-up for WIN32 on Intel. 1999-07-25 15:25:30 +00:00
Andy Polyakov
a0618e3e5e Added support for SPARC Linux. 1999-07-25 15:13:49 +00:00
Andy Polyakov
ccb8a026c0 GNU assembler (read SPARC Linux) support added. 1999-07-25 14:07:48 +00:00
Andy Polyakov
fccbb9b34f - performance retunes, v8plus bn_*_comba routines are reimplemented; 
- support for GNU assembler (read SPARC Linux);
 1999-07-25 12:34:30 +00:00
Bodo Möller
f66c303201 Don't include x509.h when we just need asn1.h 1999-07-24 03:09:01 +00:00
Ulf Möller
40e29b1976 Remove obsolete files. 1999-07-22 21:57:41 +00:00
Bodo Möller
22341d4085 ignore r586unix.cpp 1999-07-22 16:23:54 +00:00
Bodo Möller
cad4e62b24 date.h no longer to be deleted by "make clean" 1999-07-22 16:22:11 +00:00
Ulf Möller
49b8142262 Make the perl module compile and eliminate some of the warnings. 
Still doesn't work (the destructor on BIO and SSL is called immediately
after creating the object. Why that??)
 1999-07-22 16:10:31 +00:00
Bodo Möller
f0e8ae723c Torture weak compilers less by not automatically including x509.h where 
it is not needed.
 1999-07-21 22:10:23 +00:00
Bodo Möller
74678cc2f8 Additional user data argument to pem_password_cb function type 
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
 1999-07-21 20:57:16 +00:00
Bodo Möller
664b99853c avoid -DPLATFORM=\"...\" and -DCFLAGS=\"...\" command lines, 
use new file buildinf.h instead.
 1999-07-21 20:49:15 +00:00
Bodo Möller
16bc9fea4d slight clean-up 1999-07-21 20:47:51 +00:00
Bodo Möller
ae6767430e Auto-generated file -- this should not be under version control 
(and the other */asm/*.cpp files are not)
 1999-07-21 20:47:19 +00:00
Andy Polyakov
cea538154b Get rid of redundant multiplications in bn_div_words. 1999-07-21 13:53:01 +00:00
Andy Polyakov
7363455fac MIPS III/IV assembler module is reimplemented. 1999-07-20 15:50:20 +00:00
Andy Polyakov
eaccfe8b29 crypto/bn/asm/mips3.s is moved to crypto/bn/asm/obsolete/ 1999-07-20 13:43:26 +00:00
Andy Polyakov
d2759c2135 crypto/bn/asm/mips3.s is obsolete. I'm moving it to crypto/bn/asm/obsolete 
in order to replace it with a new version.
 1999-07-20 13:40:02 +00:00
Bodo Möller
e391116a48 New compile time option -DCRYPTO_MDEBUG_THREAD. 1999-07-19 10:36:10 +00:00
Bodo Möller
458cddc104 Have CRYPTO_MDEBUG_TIME automatically set CRYPTO_MDEBUG, 
and make it the default for some debugging configurations.
 1999-07-19 09:25:35 +00:00
Bodo Möller
3dff94c2e4 Add optional (compile-time configurable) time to CRYPTO_mem_leaks output. 
This is much more helpful than the counter when doing tests with the library
interactively.
 1999-07-18 22:39:45 +00:00
Bodo Möller
dc347119e6 "make clean" has to delete date.h 1999-07-17 15:17:14 +00:00
Ulf Möller
cfa3747ba9 More DES library cleanups: remove references to srand/rand 
and delete an unused file.
 1999-07-15 23:47:02 +00:00
Ulf Möller
4f6235f701 RSA private keys without dmp1/dmq1/iqmp are also valid (but slower). 1999-07-15 23:45:04 +00:00
Ulf Möller
9a3bbbce91 NO_HMAC. 1999-07-15 23:44:04 +00:00
Dr. Stephen Henson
924154d9f2 Eliminate a warning: BN_mod_inverse() returns a (BIGNUM *) and remove and 
unnecessary cast.
 1999-07-13 00:00:05 +00:00
Bodo Möller
7eea36bb48 cosmetic changes 1999-07-12 18:50:34 +00:00
Dr. Stephen Henson
bbdb543844 More NASM support code it still doesn't work but it doesn't work less than it 
didn't work before :-)
 1999-07-12 18:12:43 +00:00
Bodo Möller
d9f0016bc5 typo in string 1999-07-12 16:46:28 +00:00
Dr. Stephen Henson
72e2ffee20 Beginnings of experimental support for NASM assembler. This is a free 
assembler for various X86 platforms including Win32. It can output object files
that VC++ will tolerate so it could be used to provide assembly language support
to Win32 without the need for MASM.

This is preliminary stuff: it doesn't even work yet.
 1999-07-12 12:33:16 +00:00
Bodo Möller
3a55fc1aab correct error handling 
insert spaces in products that occur in error codes
 1999-07-12 09:46:34 +00:00
Bodo Möller
8735ee6f5d typo 1999-07-11 22:06:54 +00:00
Bodo Möller
6519b2cb92 New function RSA_check_key. 1999-07-11 22:01:41 +00:00
Bodo Möller
03cd49447f New function RSA_check_key, 
openssl rsa -check
 1999-07-11 22:00:55 +00:00
Dr. Stephen Henson
f598cd13a3 Various changes to stop VC++ choking under Win32. 1999-07-11 17:09:04 +00:00
Dr. Stephen Henson
f513939ebb Add a debugging option to PKCS#5 v2.0 key generation function. 1999-07-11 12:40:46 +00:00
Dr. Stephen Henson
0ab8beb480 Copy flags in ASN1_STRING_dup() 1999-07-11 12:30:55 +00:00
Dr. Stephen Henson
f8be08d200 SXnet code was freeing up the extension data rather than the temporary 
zone number.
 1999-07-10 12:48:31 +00:00
Bodo Möller
777ab7e611 Fix memory checking. 1999-07-09 16:27:30 +00:00
Ulf Möller
a026fd201f Obsolete/experimental code. 1999-07-09 15:23:11 +00:00
Bodo Möller
5685dcd445 improve readability of #if conditions (ELF, if defined, supersedes BSDI 
[which we don't really define if ELF is defined, but who knows])
 1999-07-06 17:28:29 +00:00
Bodo Möller
c91b5c717c avoid confliction definitions of NDEBUG 1999-07-05 11:01:16 +00:00
Bodo Möller
e334d78b87 Disable asserts for standard configurations. 1999-07-05 10:18:51 +00:00
Ulf Möller
5271ebd9a3 More no-xxx option tweaks. 1999-06-30 00:42:56 +00:00
Ulf Möller
5676d8cb76 Fix no-hmac and no-ripemd. 1999-06-29 23:52:08 +00:00
Dr. Stephen Henson
ce8b257413 New functions to allow RSA_METHODs to be changed without poking round in 
RSA structure internals.
 1999-06-29 22:22:42 +00:00
Ulf Möller
e371828067 Use "long long" for all Win32 gcc ports. 1999-06-28 16:17:38 +00:00
Bodo Möller
7722424462 With mingw32, use "long long" rather than "_int64" (the latter does 
not work, at least the package mentioned in INSTALL.W32 does not know
about it).
 1999-06-28 14:38:31 +00:00
Bodo Möller
baac3b4b5f Close another memory hole. 1999-06-25 13:49:55 +00:00
Bodo Möller
227cd06ffe Avoid some memory holes, one of which was pointed out by 
"Chad C. Mulligan" <mulligan@antipope.org>.
 1999-06-25 13:41:35 +00:00
Dr. Stephen Henson
034292ad6a Fix d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() so it correctly works out 
the length of negative integers.
 1999-06-24 01:50:27 +00:00
Bodo Möller
946cbf67af Don't use inline assembler when configured for "no-asm". 1999-06-23 12:18:31 +00:00
Dr. Stephen Henson
170afce58d New function PKCS7_signatureVerify to allow the signing certificate to 
be explicitly stated with PKCS#7 verify.

Also fix for util/mkerr.pl: if the -nostatic option is being used this will be
for an external library so the autogenerated C file should include the
header file as:
#include "any/path/to/header.h"
rather than the internal library form:
#include <openssl/header.h>
 1999-06-22 13:33:22 +00:00
Dr. Stephen Henson
dbd665c210 Change the PEM_* function prototypes to use DECLARE_PEM macros and change 
util/mkdef.pl to handle this. Also do a 'make update'.
 1999-06-22 01:38:31 +00:00
Dr. Stephen Henson
66ab08b1cf Implement STACK_OF(ANS1_OBJECT) for extended key usage extension, change the 
documentation to reflect the STACK_OF(CONF_VALUE) change to the CONF lib and
use ANSI typedefs for X509V3_EXT_I2D and X509V3_EXT_FREE.
 1999-06-21 23:59:09 +00:00
Ben Laurie
10cea23bd4 Don't shadow. 1999-06-21 10:08:56 +00:00
Bodo Möller
a6c1b3a9ac "make update" 1999-06-21 10:04:48 +00:00
Dr. Stephen Henson
ba404b5e86 Convert the CONF library to use a typesafe stack: a STACK_OF(CONF_VALUE). It 
seemed like a good idea at the time... several hours later it was rather
obvious that these are used all over the place making the changes rather
extensive.
 1999-06-20 22:18:16 +00:00
Dr. Stephen Henson
8623f693d9 New functions CONF_load_bio() and CONF_load_fp() to load a configuration 
file from a bio or fp. Added some more constification to the BN library.
 1999-06-20 17:36:11 +00:00
Bodo Möller
a111306bbc New function CRYPTO_num_locks. 1999-06-18 16:14:18 +00:00
Bodo Möller
2de625408a Use same name in the definition as in the header file declaration :-/ 
(the extra "get" makes the name quite long, but otherwise it'd sound
as if you could request something rather than obtain information
about what the peer did).
 1999-06-18 12:28:29 +00:00