Dr. Stephen Henson
ad187f8905
Fix unitialized warnings
2009-10-04 16:52:35 +00:00
Dr. Stephen Henson
fed5333248
PR: 2056
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_wirte error handling in asn1_par.c
2009-10-01 00:11:49 +00:00
Dr. Stephen Henson
6c29853bf2
PR: 1644
...
Submitted by: steve@openssl.org
Fix to make DHparams_dup() et al work in C++.
For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
2009-09-06 15:49:12 +00:00
Dr. Stephen Henson
e5eb96c83a
PR: 2013
...
Submitted by: steve@openssl.org
Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.
Add error checking to CRL generation in ca utility when nextUpdate is being
set.
2009-09-02 13:55:22 +00:00
Dr. Stephen Henson
ff0945cbdc
PR: 2004
...
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Approved by: steve@openssl.org
Handle fractional seconds properly in ASN1_GENERALIZEDTIME_print
2009-08-10 14:57:11 +00:00
Dr. Stephen Henson
ec6158d029
PR: 1996
...
Submitted by: steve@openssl.org
Change conflicting name "BLOCK" to "OPENSSL_BLOCK".
2009-07-27 21:21:25 +00:00
Dr. Stephen Henson
b4c81fb6db
Update from 0.9.8-stable
2009-07-24 11:15:55 +00:00
Dr. Stephen Henson
0c644f1462
PR: 1985
...
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org
Initialise flags.
2009-07-11 21:42:47 +00:00
Dr. Stephen Henson
c9a1778134
Fix error codes.
2009-04-05 11:54:34 +00:00
Dr. Stephen Henson
a6b03f4138
Make update fixing duplicate ASN1 error codes.
2009-04-01 08:55:54 +00:00
Dr. Stephen Henson
73ba116e96
Update from stable branch.
2009-03-25 12:54:14 +00:00
Dr. Stephen Henson
80b2ff978d
Update from stable branch.
2009-03-25 12:53:50 +00:00
Dr. Stephen Henson
7ce8c95d58
Update from stable branch.
2009-03-25 12:53:26 +00:00
Dr. Stephen Henson
854a225a27
Update from stable branch.
2009-03-14 18:33:49 +00:00
Dr. Stephen Henson
33ab2e31f3
PR: 1854
...
Submitted by: Oliver Martin <oliver@volatilevoid.net>
Reviewed by: steve@openssl.org
Support GeneralizedTime in ca utility.
2009-03-09 13:59:07 +00:00
Dr. Stephen Henson
477fd4596f
PR: 1835
...
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org
Fix various typos.
2009-02-14 21:49:38 +00:00
Dr. Stephen Henson
ede6ef5e08
Submitted by: Peter Sylvester <Peter.Sylvester@edelweb.fr>
...
Reviewed by: steve
If tagging is universal and SET or SEQUENCE set constructed bit.
2009-02-10 12:13:08 +00:00
Dr. Stephen Henson
57f39cc826
Print out UTF8 and NumericString types in ASN1 parsing utility.
2009-01-28 12:54:52 +00:00
Dr. Stephen Henson
6489573224
Update from stable branch.
2009-01-28 12:36:14 +00:00
Dr. Stephen Henson
079e00e646
Typo: just copy across an unknown type.
2009-01-28 12:32:03 +00:00
Ben Laurie
23b973e600
Calculate offset correctly. (Coverity ID 233)
2009-01-01 18:30:51 +00:00
Ben Laurie
ccf529928f
!a && !a->b is clearly wrong! Changed to !a || !a->b (Coverity ID 145).
2008-12-26 15:32:59 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e
Update obsolete email address...
2008-11-05 18:39:08 +00:00
Dr. Stephen Henson
5947ca0409
Don't use clobbered 'i' for checking UTCTime and GeneralizedTime length.
2008-11-05 18:28:24 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00
Ben Laurie
4d6e1e4f29
size_tification.
2008-11-01 14:37:00 +00:00
Dr. Stephen Henson
e19106f5fb
Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
...
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.
This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
2008-10-22 15:43:01 +00:00
Dr. Stephen Henson
606f6c477a
Fix a shed load or warnings:
...
Duplicate const.
Use of ; outside function.
2008-10-20 15:12:00 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Dr. Stephen Henson
87d3a0cd90
Experimental new date handling routines. These fix issues with X509_time_adj()
...
and should avoid any OS date limitations such as the year 2038 bug.
2008-10-07 22:55:27 +00:00
Dr. Stephen Henson
d43c4497ce
Initial support for delta CRLs. If "use deltas" flag is set attempt to find
...
a delta CRL in addition to a full CRL. Check and search delta in addition to
the base.
2008-09-01 15:15:16 +00:00
Dr. Stephen Henson
4b96839f06
Add support for CRLs partitioned by reason code.
...
Tidy CRL scoring system.
Add new CRL path validation error.
2008-08-29 11:37:21 +00:00
Dr. Stephen Henson
d0fff69dc9
Initial indirect CRL support.
2008-08-20 16:42:19 +00:00
Dr. Stephen Henson
e9746e03ee
Initial support for name constraints certificate extension.
...
TODO: robustness checking on name forms.
2008-08-08 15:35:29 +00:00
Dr. Stephen Henson
6d6c47980e
Correctly handle errors in CMS I/O code.
2008-08-05 15:55:53 +00:00
Dr. Stephen Henson
3e727a3b37
Add support for nameRelativeToCRLIssuer field in distribution point name
...
fields.
2008-08-04 15:34:27 +00:00
Bodo Möller
efa73a77e4
Make sure not to read beyond end of buffer
2008-07-16 18:10:27 +00:00
Dr. Stephen Henson
d4cdbab99b
Avoid warnings with -pedantic, specifically:
...
Conversion between void * and function pointer.
Value computed not used.
Signed/unsigned argument.
2008-07-04 23:12:52 +00:00
Dr. Stephen Henson
6cb9fca70d
Fix memory leak. The canonical X509_NAME_ENTRY STACK is reallocated rather
...
than referencing existing X509_NAME_ENTRY structures so needs to be
completely freed.
2008-06-06 11:26:07 +00:00
Ben Laurie
5ce278a77b
More type-checking.
2008-06-04 11:01:43 +00:00
Dr. Stephen Henson
964c7e8f6d
Fix it properly this time....
2008-03-31 18:21:30 +00:00
Dr. Stephen Henson
f6a45ac5ac
Fix macro.
2008-03-31 18:14:10 +00:00
Dr. Stephen Henson
2e86f0d8d7
Use correct headers for signed receipts. Use consistent naming.
...
Update cms-test.pl to support OpenSSL 0.9.8.
2008-03-31 15:03:55 +00:00
Dr. Stephen Henson
ab568a17cf
Fix duplicate asn1 ctrl values.
2008-03-23 14:13:45 +00:00
Dr. Stephen Henson
fe591284be
Update dependencies.
2008-03-22 18:52:03 +00:00
Geoff Thorpe
1e26a8baed
Fix a variety of warnings generated by some elevated compiler-fascism,
...
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Dr. Stephen Henson
7c337e00d2
Fix some warnings.
2008-03-16 20:59:10 +00:00
Dr. Stephen Henson
a78a03744d
Only call free once in CHOICE type.
2008-03-14 00:57:01 +00:00
Dr. Stephen Henson
8931b30d84
And so it begins...
...
Initial support for CMS.
Add zlib compression BIO.
Add AES key wrap implementation.
Generalize S/MIME MIME code to support CMS and/or PKCS7.
2008-03-12 21:14:28 +00:00
Dr. Stephen Henson
56c7754cab
Avoid warnings.
2008-02-28 14:05:01 +00:00
Dr. Stephen Henson
a70a49a018
Fix typo and avoid warning.
2008-02-28 13:18:26 +00:00
Dr. Stephen Henson
1ad90a916b
Extend attribute setting routines to support non-string types.
2008-02-11 13:59:33 +00:00
Dr. Stephen Henson
9e5df8e448
Support custom primitive type printing routines and add one to LONG type.
2008-02-08 13:07:04 +00:00
Andy Polyakov
4be63cfb55
Source readability fix, which incidentally works around XLC compiler bug.
2007-12-29 18:32:34 +00:00
Dr. Stephen Henson
2f0550c4c1
Lookup public key ASN1 methods by string by iterating through all
...
implementations instead of all added ENGINEs to cover case where an
ENGINE is not added.
2007-11-21 17:25:58 +00:00
Dr. Stephen Henson
94e6ae7a69
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
...
Make {d2i,i2d}_PrivateKey() fall back to PKCS#8 format if no legacy format
supported. Add support in d2i_AutoPrivateKey().
2007-11-20 13:37:51 +00:00
Andy Polyakov
ebc06fba67
Bunch of constifications.
2007-10-13 15:51:32 +00:00
Dr. Stephen Henson
67c8e7f414
Support for certificate status TLS extension.
2007-09-26 21:56:59 +00:00
Andy Polyakov
a005fb019f
Addenum to "Constify obj_dat.[ch]."
2007-09-18 22:15:31 +00:00
Dr. Stephen Henson
7c5921e736
Handle empty case in X509_NAME canonical encoding.
2007-09-14 18:11:17 +00:00
Dr. Stephen Henson
a6fbcb4220
Change safestack reimplementation to match 0.9.8.
...
Fix additional gcc 4.2 value not used warnings.
2007-09-07 13:25:15 +00:00
Andy Polyakov
34994068a4
Respect ISO aliasing rules.
...
PR: 1296
2007-07-27 20:34:10 +00:00
Dr. Stephen Henson
54b5fd537f
WIN32 fixes.
2007-06-08 00:26:16 +00:00
Dr. Stephen Henson
3c07d3a3d3
Finish gcc 4.2 changes.
2007-06-07 13:14:42 +00:00
Dr. Stephen Henson
64a5c5d1be
Fix X509_REQ_print_ex() to process extension options.
2007-05-22 23:31:29 +00:00
Dr. Stephen Henson
e77dbf325f
Prepend signature name in dgst output.
2007-05-17 16:19:17 +00:00
Dr. Stephen Henson
e69adea539
New function EVP_PKEY_asn1_copy(). Use default MD if type param is NULL.
2007-05-15 23:52:03 +00:00
Dr. Stephen Henson
f8492ffeaa
More useful ASN1 macros for static allocation functions.
2007-05-10 17:34:42 +00:00
Bodo Möller
96afc1cfd5
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:48:59 +00:00
Dr. Stephen Henson
18f547734e
New function ASN1_STRING_copy() to copy to an already
...
alloacted ASN1_STRING structure.
2007-04-14 17:53:55 +00:00
Dr. Stephen Henson
9cfc8a9d5c
Update smime utility to support streaming for -encrypt and -sign -nodetach
...
options. Add new streaming i2d (though strictly speaking it is BER format
when streaming) and PEM functions.
These all process content on the fly without storing it all in memory.
2007-04-13 01:06:41 +00:00
Dr. Stephen Henson
74633553a9
Experimental HMAC support via EVP_PKEY_METHOD.
2007-04-11 12:33:06 +00:00
Dr. Stephen Henson
0cc361f3e7
Fix from stable branch.
2007-04-08 17:45:47 +00:00
Nils Larsch
a0d48e7e7e
remove unused file
2007-03-02 19:42:16 +00:00
Lutz Jänicke
0636c39bb1
Fix incorrect handling of special characters
...
PR: 1459
Submitted by: tnitschke@innominate.com
Reviewed by: steve@openssl.org
2007-02-21 17:44:53 +00:00
Nils Larsch
92ada7cc52
remove unreachable code
2007-02-10 09:45:07 +00:00
Dr. Stephen Henson
2d3e956ae0
Update from 0.9.7-stable.
2007-01-23 17:53:48 +00:00
Dr. Stephen Henson
560b79cbff
Constify version strings and some structures.
2007-01-21 13:07:17 +00:00
Dr. Stephen Henson
11d8cdc6ad
Experimental streaming PKCS#7 support.
...
I thought it was about time I dusted this off. This stuff had been sitting on
my hard drive for *ages* (2003 in fact). Hasn't been tested well and may not
work properly.
Nothing uses it at present which is just as well.
Think of this as a traditional Christmas present which looks far more
impressive in the adverts and on the box, some of the bits are missing and
falls to bits if you play with it too much.
2006-12-24 16:22:56 +00:00
Nils Larsch
34f0a19309
remove trailing '\'
...
PR: 1438
2006-12-19 19:49:02 +00:00
Dr. Stephen Henson
10ca15f3fa
Fix change to OPENSSL_NO_RFC3779
2006-12-06 13:36:48 +00:00
Dr. Stephen Henson
4d7aff707e
Update dependencies.
2006-11-30 13:41:47 +00:00
Ben Laurie
96ea4ae91c
Add RFC 3779 support.
2006-11-27 14:18:05 +00:00
Dr. Stephen Henson
47a9d527ab
Update from 0.9.8 stable. Eliminate duplicate error codes.
2006-11-21 21:29:44 +00:00
Dr. Stephen Henson
de12116417
Initial, incomplete support for typesafe macros without using function
...
casts.
2006-11-16 00:19:39 +00:00
Dr. Stephen Henson
b37a68cc8f
Initialize old_priv_encode, old_priv_decode.
2006-10-27 11:43:27 +00:00
Bodo Möller
d326582cab
ASN1_item_verify needs to initialize ctx before any "goto err" can
...
happen; the new code for the OID cross reference table failed to do so.
2006-10-04 06:14:36 +00:00
Dr. Stephen Henson
f4c630abb3
Place standard CRL behaviour in default X509_CRL_METHOD new functions to
...
create, free and set default CRL method.
2006-10-03 02:47:59 +00:00
Mark J. Cox
348be7ec60
Fix ASN.1 parsing of certain invalid structures that can result
...
in a denial of service. (CVE-2006-2937) [Steve Henson]
2006-09-28 13:20:44 +00:00
Dr. Stephen Henson
5b73c3609b
Using correct lock for X509_REQ.
...
PR:1348
2006-09-22 17:06:09 +00:00
Dr. Stephen Henson
eebeb52b29
Update length if copying MSB set in asn1_string_canon().
2006-09-22 13:37:15 +00:00
Dr. Stephen Henson
1182301ca7
Do CRL method init after other operations.
2006-09-21 12:48:56 +00:00
Dr. Stephen Henson
010fa0b331
Tidy up CRL handling by checking for critical extensions when it is
...
loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked
entry to avoid the need to access the structure directly.
Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be
redirected.
2006-09-21 12:42:15 +00:00
Dr. Stephen Henson
4d50a2b4d6
Add verify callback functions to lookup a STACK of matching certs or CRLs
...
based on subject name.
New thread safe functions to retrieve matching STACK from X509_STORE.
Cache some IDP components.
2006-09-10 12:38:37 +00:00
Dr. Stephen Henson
539d4c1030
Fix leak
2006-08-31 20:10:37 +00:00
Dr. Stephen Henson
edc540211c
Cache some CRL related extensions.
2006-07-24 12:39:22 +00:00
Dr. Stephen Henson
2eed3a3cc8
Avoid warning.
2006-07-21 22:46:19 +00:00
Dr. Stephen Henson
450ea83495
Store canonical encodings of Name structures. Update X509_NAME_cmp() to use
...
them.
2006-07-18 12:36:19 +00:00
Dr. Stephen Henson
5c95c2ac23
Fix various error codes to match functions.
2006-07-17 16:33:31 +00:00
Bodo Möller
f3dea9a595
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:44:59 +00:00
Andy Polyakov
6f344eab03
Fix obvious typo.
2006-06-05 16:04:09 +00:00
Dr. Stephen Henson
41eacc84a0
Clarify comment and add #ifdef.
2006-06-05 12:38:22 +00:00
Dr. Stephen Henson
01b8b3c7d2
Complete EVP_PKEY_ASN1_METHOD ENGINE support.
2006-06-05 11:52:46 +00:00
Dr. Stephen Henson
ae519a247f
Extended PBES2 function supporting application supplied IV and PRF NID.
2006-05-17 12:47:17 +00:00
Dr. Stephen Henson
6d3a1eac3b
Add PRF preference ctrl to ciphers.
2006-05-15 18:35:13 +00:00
Richard Levitte
98bf13c36b
make update
2006-05-12 15:31:28 +00:00
Dr. Stephen Henson
399a6f0bd1
Update PKCS#7 enveloped data to new API.
2006-05-08 12:44:25 +00:00
Dr. Stephen Henson
03919683f9
Add support for default public key digest type ctrl.
2006-05-07 17:09:39 +00:00
Dr. Stephen Henson
cddaba8ede
Add 'flags' parameter to EVP_PKEY_asn1_meth_new() to set algorithm flags.
2006-04-21 17:38:58 +00:00
Dr. Stephen Henson
ee1d9ec019
Remove link between digests and signature algorithms.
...
Use cross reference table in ASN1_item_sign(), ASN1_item_verify() to eliminate
the need for algorithm specific code.
2006-04-19 17:05:59 +00:00
Dr. Stephen Henson
492a9e2415
Allow public key ASN1 methods to set PKCS#7 SignerInfo structures.
2006-04-17 17:12:23 +00:00
Dr. Stephen Henson
c20276e4ae
Fix (most) WIN32 warnings and errors.
2006-04-17 12:08:22 +00:00
Dr. Stephen Henson
5950bf7943
Revert to original...
2006-04-15 13:15:25 +00:00
Dr. Stephen Henson
4141c803d8
Oops...
2006-04-15 13:12:42 +00:00
Dr. Stephen Henson
f3481ca28f
Print out zero length string properly.
2006-04-14 16:47:18 +00:00
Dr. Stephen Henson
f5cda4cbb1
Initial keygen support.
2006-04-11 13:28:52 +00:00
Dr. Stephen Henson
07e970c7e6
Initial functions for RSA EVP_PKEY_METHOD.
...
Update dependencies.
2006-04-08 00:15:07 +00:00
Dr. Stephen Henson
9e4d0f0be2
New utility 'pkeyutl' a general purpose version of 'rsautl'.
2006-04-07 19:33:28 +00:00
Dr. Stephen Henson
e46691a0bc
New function to add dynamic alias.
2006-04-05 13:24:19 +00:00
Dr. Stephen Henson
9c9c98ad2e
Typo.
2006-04-05 12:00:22 +00:00
Dr. Stephen Henson
863779065e
Fix dynamic public key method lookup.
2006-04-04 18:32:19 +00:00
Dr. Stephen Henson
0b33dac310
New function to retrieve ASN1 info on public key algorithms. New command
...
line option to print out info.
2006-04-04 18:16:03 +00:00
Dr. Stephen Henson
db98bbc114
Initial support for generalized public key parameters.
2006-03-24 13:46:58 +00:00
Dr. Stephen Henson
e42633140e
Add support for legacy PEM format private keys in EVP_PKEY_ASN1_METHOD.
2006-03-23 18:02:23 +00:00
Dr. Stephen Henson
d82e2718e2
Add information and pem strings. Update dependencies.
2006-03-23 11:54:51 +00:00
Dr. Stephen Henson
18e377b4ff
Make EVP_PKEY_ASN1_METHOD opaque. Add application level functions to
...
initialize it. Initial support for application added public key ASN1.
2006-03-22 17:59:49 +00:00
Dr. Stephen Henson
1b593194be
Move algorithm specific print code from crypto/asn1/t_pkey.c to separate
...
*_prn.c files in each algorithm directory.
2006-03-22 13:34:19 +00:00
Dr. Stephen Henson
35208f368c
Gather printing routines into EVP_PKEY_ASN1_METHOD.
2006-03-22 13:09:35 +00:00
Dr. Stephen Henson
6f81892e6b
Transfer parameter handling and key comparison to algorithm methods.
2006-03-20 17:56:05 +00:00
Dr. Stephen Henson
448be74335
Initial support for pluggable public key ASN1 support. Process most public
...
key ASN1 handling through a single EVP_PKEY_ASN1_METHOD structure and move
the spaghetti algorithm specific code to a single ASN1 module for each
algorithm.
2006-03-20 12:22:24 +00:00
Nils Larsch
67b6f1ca88
fix problems found by coverity: remove useless code
2006-03-15 17:45:43 +00:00
Nils Larsch
40f51f506c
create BN_CTX object
2006-03-15 08:37:35 +00:00
Nils Larsch
6c73d01142
constify some print and ts functions
2006-03-05 20:19:05 +00:00
Nils Larsch
6384e46da3
make some parameters const
2006-03-04 13:55:02 +00:00
Dr. Stephen Henson
350a404cb8
Print out <INVALID> if an OID value is invalid.
2006-02-21 01:00:08 +00:00
Dr. Stephen Henson
827c55741b
Tolerate a SEQUENCE in DN components.
2006-02-19 13:44:47 +00:00
Nils Larsch
b3e72fc37f
make some internal functions static; patch supplied by Kurt Roeckx
2006-02-15 20:20:20 +00:00
Dr. Stephen Henson
e7a8b47f1a
Fix warnings.
2006-02-15 14:45:31 +00:00
Ulf Möller
3b408d83fe
make update
2006-02-12 23:21:56 +00:00
Ulf Möller
c7235be6e3
RFC 3161 compliant time stamp request creation, response generation
...
and response verification.
Submitted by: Zoltan Glozik <zglozik@opentsa.org>
Reviewed by: Ulf Moeller
2006-02-12 23:11:56 +00:00
Nils Larsch
82e8372f17
p could be uninitialized
2006-02-08 18:51:17 +00:00
Dr. Stephen Henson
15ac971681
Update filenames in makefiles.
2006-02-04 01:45:59 +00:00
Dr. Stephen Henson
c7474d077b
Ignore zero length constructed segments.
2006-01-31 18:36:29 +00:00
Nils Larsch
8c5a2bd6bb
add additional checks + cleanup
...
Submitted by: David Hartman <david_hartman@symantec.com>
2006-01-29 23:12:22 +00:00
Dr. Stephen Henson
25a58453ff
Fixes for BOOL handling: produce errors for invalid string for mini-compiler,
...
correctly encode FALSE for BOOL in ASN1_TYPE.
2006-01-19 17:16:56 +00:00
Nils Larsch
802d7fa6d5
support numeric strings in ASN1_generate_nconf
2006-01-14 09:21:33 +00:00
Bodo Möller
51eb1b81f6
Avoid contradictive error code assignments.
...
"make errors".
2006-01-08 21:54:24 +00:00
Bodo Möller
739a543ea8
Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)
2006-01-08 19:42:30 +00:00
Dr. Stephen Henson
9ee0f7b7e0
In ASN1_parse() show tag value for ASN1 tags > 30.
2006-01-03 14:20:07 +00:00