wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
12138 commits 20 branches 302 tags 153 MiB
Commit graph

739 commits

Author SHA1 Message Date
Bodo Möller
9d0397e977 make update 2011-02-03 10:17:53 +00:00
Bodo Möller
2440d8b1db Fix error codes. 2011-02-03 10:03:23 +00:00
Dr. Stephen Henson
df6de39fe7 Change AR to ARX to allow exclusion of fips object modules 2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
7d05edd12e PR: 2433 
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
 2011-01-24 16:19:52 +00:00
Dr. Stephen Henson
d3f17e5ed3 stop warning with no-engine 2011-01-13 15:41:58 +00:00
Dr. Stephen Henson
968062b7d3 Fix escaping code for string printing. If *any* escaping is enabled we 
must escape the escape character itself (backslash).
 2011-01-03 01:31:24 +00:00
Dr. Stephen Henson
d7d5a55d22 Support routines for ASN1 scanning function, doesn't do much yet. 2010-12-13 18:15:28 +00:00
Dr. Stephen Henson
8ec3fa0597 fix signature printing routines 2010-10-04 13:58:41 +00:00
Dr. Stephen Henson
39239280f3 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), 
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
 2010-10-03 18:58:09 +00:00
Ben Laurie
c8bbd98a2b Fix warnings. 2010-06-12 14:13:23 +00:00
Dr. Stephen Henson
359b0c9fb8 experimental function to convert ASN1_TIME to tm, not used or even compiled in yet 2010-05-03 12:17:44 +00:00
Dr. Stephen Henson
e19f6678f5 print signature parameters with CRLs too 2010-03-14 13:10:48 +00:00
Dr. Stephen Henson
8d207ee3d1 add X509_CRL_sign_ctx function 2010-03-14 12:52:38 +00:00
Dr. Stephen Henson
85522a074c Algorithm specific ASN1 signing functions. 2010-03-11 13:32:38 +00:00
Dr. Stephen Henson
ce25c7207b New function X509_ALGOR_set_md() to set X509_ALGOR (DigestAlgorithmIdentifier) 
from a digest algorithm.
 2010-03-11 13:27:05 +00:00
Dr. Stephen Henson
31904ecdf3 RSA PSS verification support including certificates and certificate 
requests. Add new ASN1 signature initialisation function to handle this
case.
 2010-03-08 18:10:35 +00:00
Dr. Stephen Henson
809cd0a22d print outermost signature algorithm parameters too 2010-03-07 17:02:47 +00:00
Dr. Stephen Henson
7ed485bc9f The OID sanity check was incorrect. It should only disallow *leading* 0x80 
values.
 2010-03-07 16:40:05 +00:00
Dr. Stephen Henson
9ef6fe8c2e typo 2010-03-07 15:37:37 +00:00
Dr. Stephen Henson
a5667732b9 update ASN1 sign/verify to use EVP_DigestSign and EVP_DigestVerify 2010-03-07 12:05:45 +00:00
Dr. Stephen Henson
148924c1f4 fix indent, newline 2010-03-06 18:14:13 +00:00
Dr. Stephen Henson
fa1ba589f3 Add algorithm specific signature printing. An individual ASN1 method can 
now print out signatures instead of the standard hex dump.

More complex signatures (e.g. PSS) can print out more meaningful information.

Sample DSA version included that prints out the signature parameters r, s.

[Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding
 new fields in the middle has no compatibility issues]
 2010-03-06 18:05:05 +00:00
Dr. Stephen Henson
c8ef656df2 Make CMAC API similar to HMAC API. Add methods for CMAC. 2010-02-08 15:31:35 +00:00
Dr. Stephen Henson
ec7d16ffdd Check it actually compiles this time ;-) 2009-12-02 14:25:40 +00:00
Dr. Stephen Henson
5656f33cea PR: 2120 
Submitted by: steve@openssl.org

Initialize fields correctly if pem_str or info are NULL in  EVP_PKEY_asn1_new().
 2009-12-02 13:56:45 +00:00
Dr. Stephen Henson
3d63b3966f Split PBES2 into cipher and PBKDF2 versions. This tidies the code somewhat 
and is a pre-requisite to adding password based CMS support.
 2009-11-25 22:01:06 +00:00
Dr. Stephen Henson
c18e51ba5e PR: 2088 
Submitted by: Aleksey Samsonov <s4ms0n0v@gmail.com>
Approved by: steve@openssl.org

Fix memory leak in d2i_PublicKey().
 2009-11-12 19:56:56 +00:00
Dr. Stephen Henson
b599006751 PR: 2090 
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
 2009-11-10 00:48:07 +00:00
Dr. Stephen Henson
04f9095d9e Fix unitialized warnings 2009-10-04 16:52:51 +00:00
Dr. Stephen Henson
78ca13a272 PR: 2056 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_wirte error handling in asn1_par.c
 2009-10-01 00:11:04 +00:00
Dr. Stephen Henson
b6dcdbfc94 Audit libcrypto for unchecked return values: fix all cases enountered 2009-09-23 23:43:49 +00:00
Dr. Stephen Henson
f4274da164 PR: 1644 
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
 2009-09-06 15:49:46 +00:00
Dr. Stephen Henson
17b5326ba9 PR: 2013 
Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.
 2009-09-02 13:54:50 +00:00
Dr. Stephen Henson
e33d290159 PR: 2004 
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Approved by: steve@openssl.org

Handle fractional seconds properly in ASN1_GENERALIZEDTIME_print
 2009-08-10 14:56:57 +00:00
Dr. Stephen Henson
d9d0f1b52c Reject leading 0x80 in OID subidentifiers. 2009-08-06 16:32:54 +00:00
Dr. Stephen Henson
512d359e26 Update from 1.0.0-stable. 2009-07-27 21:22:02 +00:00
Dr. Stephen Henson
6e0c9e6008 Update from 1.0.0-stable. 2009-07-11 21:43:50 +00:00
Dr. Stephen Henson
220bd84911 Updates from 1.0.0-stable 2009-04-06 15:22:01 +00:00
Dr. Stephen Henson
14023fe352 Merge from 1.0.0-stable branch. 2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
73ba116e96 Update from stable branch. 2009-03-25 12:54:14 +00:00
Dr. Stephen Henson
80b2ff978d Update from stable branch. 2009-03-25 12:53:50 +00:00
Dr. Stephen Henson
7ce8c95d58 Update from stable branch. 2009-03-25 12:53:26 +00:00
Dr. Stephen Henson
854a225a27 Update from stable branch. 2009-03-14 18:33:49 +00:00
Dr. Stephen Henson
33ab2e31f3 PR: 1854 
Submitted by: Oliver Martin <oliver@volatilevoid.net>
Reviewed by: steve@openssl.org

Support GeneralizedTime in ca utility.
 2009-03-09 13:59:07 +00:00
Dr. Stephen Henson
477fd4596f PR: 1835 
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org

Fix various typos.
 2009-02-14 21:49:38 +00:00
Dr. Stephen Henson
ede6ef5e08 Submitted by: Peter Sylvester <Peter.Sylvester@edelweb.fr> 
Reviewed by: steve

If tagging is universal and SET or SEQUENCE set constructed bit.
 2009-02-10 12:13:08 +00:00
Dr. Stephen Henson
57f39cc826 Print out UTF8 and NumericString types in ASN1 parsing utility. 2009-01-28 12:54:52 +00:00
Dr. Stephen Henson
6489573224 Update from stable branch. 2009-01-28 12:36:14 +00:00
Dr. Stephen Henson
079e00e646 Typo: just copy across an unknown type. 2009-01-28 12:32:03 +00:00
Ben Laurie
23b973e600 Calculate offset correctly. (Coverity ID 233) 2009-01-01 18:30:51 +00:00
Ben Laurie
ccf529928f !a && !a->b is clearly wrong! Changed to !a || !a->b (Coverity ID 145). 2008-12-26 15:32:59 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more 
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
 2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Dr. Stephen Henson
5947ca0409 Don't use clobbered 'i' for checking UTCTime and GeneralizedTime length. 2008-11-05 18:28:24 +00:00
Ben Laurie
5e4430e70d More size_tification. 2008-11-01 16:40:37 +00:00
Ben Laurie
4d6e1e4f29 size_tification. 2008-11-01 14:37:00 +00:00
Dr. Stephen Henson
e19106f5fb Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros 
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.

This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
 2008-10-22 15:43:01 +00:00
Dr. Stephen Henson
606f6c477a Fix a shed load or warnings: 
Duplicate const.
Use of ; outside function.
 2008-10-20 15:12:00 +00:00
Ben Laurie
babb379849 Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
Dr. Stephen Henson
87d3a0cd90 Experimental new date handling routines. These fix issues with X509_time_adj() 
and should avoid any OS date limitations such as the year 2038 bug.
 2008-10-07 22:55:27 +00:00
Dr. Stephen Henson
d43c4497ce Initial support for delta CRLs. If "use deltas" flag is set attempt to find 
a delta CRL in addition to a full CRL. Check and search delta in addition to
the base.
 2008-09-01 15:15:16 +00:00
Dr. Stephen Henson
4b96839f06 Add support for CRLs partitioned by reason code. 
Tidy CRL scoring system.

Add new CRL path validation error.
 2008-08-29 11:37:21 +00:00
Dr. Stephen Henson
d0fff69dc9 Initial indirect CRL support. 2008-08-20 16:42:19 +00:00
Dr. Stephen Henson
e9746e03ee Initial support for name constraints certificate extension. 
TODO: robustness checking on name forms.
 2008-08-08 15:35:29 +00:00
Dr. Stephen Henson
6d6c47980e Correctly handle errors in CMS I/O code. 2008-08-05 15:55:53 +00:00
Dr. Stephen Henson
3e727a3b37 Add support for nameRelativeToCRLIssuer field in distribution point name 
fields.
 2008-08-04 15:34:27 +00:00
Bodo Möller
efa73a77e4 Make sure not to read beyond end of buffer 2008-07-16 18:10:27 +00:00
Dr. Stephen Henson
d4cdbab99b Avoid warnings with -pedantic, specifically: 
Conversion between void * and function pointer.
Value computed not used.
Signed/unsigned argument.
 2008-07-04 23:12:52 +00:00
Dr. Stephen Henson
6cb9fca70d Fix memory leak. The canonical X509_NAME_ENTRY STACK is reallocated rather 
than referencing existing X509_NAME_ENTRY structures so needs to be
completely freed.
 2008-06-06 11:26:07 +00:00
Ben Laurie
5ce278a77b More type-checking. 2008-06-04 11:01:43 +00:00
Dr. Stephen Henson
964c7e8f6d Fix it properly this time.... 2008-03-31 18:21:30 +00:00
Dr. Stephen Henson
f6a45ac5ac Fix macro. 2008-03-31 18:14:10 +00:00
Dr. Stephen Henson
2e86f0d8d7 Use correct headers for signed receipts. Use consistent naming. 
Update cms-test.pl to support OpenSSL 0.9.8.
 2008-03-31 15:03:55 +00:00
Dr. Stephen Henson
ab568a17cf Fix duplicate asn1 ctrl values. 2008-03-23 14:13:45 +00:00
Dr. Stephen Henson
fe591284be Update dependencies. 2008-03-22 18:52:03 +00:00
Geoff Thorpe
1e26a8baed Fix a variety of warnings generated by some elevated compiler-fascism, 
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
 2008-03-16 21:05:46 +00:00
Dr. Stephen Henson
7c337e00d2 Fix some warnings. 2008-03-16 20:59:10 +00:00
Dr. Stephen Henson
a78a03744d Only call free once in CHOICE type. 2008-03-14 00:57:01 +00:00
Dr. Stephen Henson
8931b30d84 And so it begins... 
Initial support for CMS.

Add zlib compression BIO.

Add AES key wrap implementation.

Generalize S/MIME MIME code to support CMS and/or PKCS7.
 2008-03-12 21:14:28 +00:00
Dr. Stephen Henson
56c7754cab Avoid warnings. 2008-02-28 14:05:01 +00:00
Dr. Stephen Henson
a70a49a018 Fix typo and avoid warning. 2008-02-28 13:18:26 +00:00
Dr. Stephen Henson
1ad90a916b Extend attribute setting routines to support non-string types. 2008-02-11 13:59:33 +00:00
Dr. Stephen Henson
9e5df8e448 Support custom primitive type printing routines and add one to LONG type. 2008-02-08 13:07:04 +00:00
Andy Polyakov
4be63cfb55 Source readability fix, which incidentally works around XLC compiler bug. 2007-12-29 18:32:34 +00:00
Dr. Stephen Henson
2f0550c4c1 Lookup public key ASN1 methods by string by iterating through all 
implementations instead of all added ENGINEs to cover case where an
ENGINE is not added.
 2007-11-21 17:25:58 +00:00
Dr. Stephen Henson
94e6ae7a69 Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru> 
Make {d2i,i2d}_PrivateKey() fall back to PKCS#8 format if no legacy format
supported. Add support in d2i_AutoPrivateKey().
 2007-11-20 13:37:51 +00:00
Andy Polyakov
ebc06fba67 Bunch of constifications. 2007-10-13 15:51:32 +00:00
Dr. Stephen Henson
67c8e7f414 Support for certificate status TLS extension. 2007-09-26 21:56:59 +00:00
Andy Polyakov
a005fb019f Addenum to "Constify obj_dat.[ch]." 2007-09-18 22:15:31 +00:00
Dr. Stephen Henson
7c5921e736 Handle empty case in X509_NAME canonical encoding. 2007-09-14 18:11:17 +00:00
Dr. Stephen Henson
a6fbcb4220 Change safestack reimplementation to match 0.9.8. 
Fix additional gcc 4.2 value not used warnings.
 2007-09-07 13:25:15 +00:00
Andy Polyakov
34994068a4 Respect ISO aliasing rules. 
PR: 1296
 2007-07-27 20:34:10 +00:00
Dr. Stephen Henson
54b5fd537f WIN32 fixes. 2007-06-08 00:26:16 +00:00
Dr. Stephen Henson
3c07d3a3d3 Finish gcc 4.2 changes. 2007-06-07 13:14:42 +00:00
Dr. Stephen Henson
64a5c5d1be Fix X509_REQ_print_ex() to process extension options. 2007-05-22 23:31:29 +00:00
Dr. Stephen Henson
e77dbf325f Prepend signature name in dgst output. 2007-05-17 16:19:17 +00:00
Dr. Stephen Henson
e69adea539 New function EVP_PKEY_asn1_copy(). Use default MD if type param is NULL. 2007-05-15 23:52:03 +00:00
Dr. Stephen Henson
f8492ffeaa More useful ASN1 macros for static allocation functions. 2007-05-10 17:34:42 +00:00
Bodo Möller
96afc1cfd5 Add SEED encryption algorithm. 
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
 2007-04-23 23:48:59 +00:00
Dr. Stephen Henson
18f547734e New function ASN1_STRING_copy() to copy to an already 
alloacted ASN1_STRING structure.
 2007-04-14 17:53:55 +00:00