Dr. Stephen Henson
21131f00d7
New function PKC12_newpass()
1999-12-03 03:46:18 +00:00
Dr. Stephen Henson
6ea5314007
Fix a bug in the modified purpose code: it wasn't updated to use the
...
new purpose getting function.
Update the ca-cert.pem and pca-cert.pem "CA" certificates so they
really are CA certificate: that is they have the appropriate extensions.
1999-12-03 00:53:48 +00:00
Dr. Stephen Henson
dd4134101f
Change the trust and purpose code so it doesn't need init
...
either and has a static and dynamic mix.
1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
08cba61011
Modify the X509 V3 extension lookup code.
1999-12-01 01:49:46 +00:00
Dr. Stephen Henson
bb7cd4e3eb
Remainder of SSL purpose and trust code: trust and purpose setting in
...
SSL_CTX and SSL, functions to set them and defaults if no values set.
1999-11-29 22:35:00 +00:00
Dr. Stephen Henson
13938aceca
Add part of chain verify SSL support code: not complete or doing anything
...
yet.
Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.
Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
51630a3706
Add trust setting support to the verify code. It now checks the
...
trust settings of the root CA.
After a few fixes it seems to work OK.
Still need to add support to SSL and S/MIME code though.
1999-11-27 19:43:10 +00:00
Richard Levitte
74ecf9e2bb
Add compilation of x509_trs
1999-11-27 15:26:48 +00:00
Dr. Stephen Henson
21f775522b
Oops! Commit died on me :-(
1999-11-27 01:18:39 +00:00
Dr. Stephen Henson
9868232ae1
Initial trust code: allow setting of trust checking functions
...
in a table. Doesn't do too much yet.
Make the -<digestname> options in 'x509' affect all relevant
options.
Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.
A few constification changes.
1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
d4cec6a13d
New options to the -verify program which can be used for chain verification.
...
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.
Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
1126239111
Initial chain verify code: not tested probably not working
...
at present. However nothing enables it yet so this doesn't
matter :-)
1999-11-24 01:31:49 +00:00
Dr. Stephen Henson
6d3724d3b0
Support for authority information access extension.
...
Fix so EVP_PKEY_rset_*() check return codes.
1999-11-23 18:50:28 +00:00
Dr. Stephen Henson
52664f5081
Transparent support for PKCS#8 private keys in RSA/DSA.
...
New universal public key format.
Fix CRL+cert load problem in by_file.c
Make verify report errors when loading files or dirs
1999-11-21 22:28:31 +00:00
Dr. Stephen Henson
a716d72734
Support for otherName in GeneralName.
1999-11-19 02:19:58 +00:00
Ben Laurie
44eca70641
Update dependencies.
1999-11-18 14:32:54 +00:00
Ulf Möller
4f23052492
Missing #ifdef NO_DES
1999-11-17 13:03:29 +00:00
Dr. Stephen Henson
f76d8c4747
Modify verify code to handle self signed certificates.
1999-11-17 01:20:29 +00:00
Bodo Möller
b1fe6ca175
Store verify_result with sessions to avoid potential security hole.
1999-11-16 23:15:41 +00:00
Dr. Stephen Henson
91895a5938
Fix for a bug in PKCS#7 code and non-detached data.
...
Remove rc4-64 from ciphers since it doesn't exist...
1999-11-16 14:54:50 +00:00
Dr. Stephen Henson
e947f39689
New function X509_cmp().
1999-11-16 00:56:03 +00:00
Dr. Stephen Henson
06556a1744
'req' fixes. Reinstate length check one request fields.
...
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
1999-11-14 23:10:50 +00:00
Richard Levitte
6828f02c9a
The info removal code was overcomplicated, and error-prone (references being wrongly decreased). Fixed.
1999-11-12 21:51:24 +00:00
Bodo Möller
47d216940c
Avoid deadlock.
1999-11-12 16:20:30 +00:00
Richard Levitte
71d7526b72
Avoid some silly compiler warnings, and add the change log I forgot :-)
1999-11-12 03:12:46 +00:00
Richard Levitte
1f575f1b1d
Two changes have been made:
...
1. Added code to the memory leak detecting code to give the user the
possibility to add information, thereby forming a traceback.
2. Make the memory leak detecting code multithread-safe.
The idea is that we're actually dealing with two separate critical
sections, one containing the hash tables with the information, the
other containing the current memory checking mode. Those should not
be handled with the same lock, especially since their handling overlap.
Hence, the added second lock.
1999-11-12 02:51:24 +00:00
Richard Levitte
f18a93ab04
Some crypto applications are now being built on Unix, so they should on VMS as well. Not by default, however.
1999-11-12 02:21:49 +00:00
Richard Levitte
03da458a06
It's possible that considering the configuration file as a binary file
...
works on Unix and MS-DOS/Windows. It does not under VMS, so open it
as text.
1999-11-12 02:19:05 +00:00
Richard Levitte
f48158b854
Avoid silly compiler warnings about functions not being declared and an int missing.
1999-11-12 02:10:23 +00:00
Richard Levitte
b3e1a4c68c
Some new names in asn1.h are longer than 31 chars, which disturbs the VMS C compilers...
1999-11-12 02:04:30 +00:00
Richard Levitte
c96ab5101a
Make sure installed files are world readable
1999-11-12 01:42:59 +00:00
Dr. Stephen Henson
53b1899e3c
Fix a couple of outstanding issues: update STATUS file, fix NO_FP_API problems.
...
Update docs, change 'ca' to use the new callback parameter. Now moved key_callback
into app.c because some other utilities will use it soon.
1999-11-11 13:58:41 +00:00
Bodo Möller
0d9cfe1ae7
Undo silly change.
1999-11-09 16:41:52 +00:00
Ben Laurie
95fdc5eef9
Fix (spurious) warnings.
1999-11-09 12:09:24 +00:00
Bodo Möller
5fe2085bba
Avoid some warnings.
1999-11-09 10:00:15 +00:00
Dr. Stephen Henson
a0ad17bb6c
Fix to the -revoke option in ca. It was leaking memory, crashing and just
...
plain not working :-(
Also fix some memory leaks in the new X509_NAME code.
Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.
1999-11-08 13:58:08 +00:00
Dr. Stephen Henson
ce1b4fe146
Allow additional information to be attached to a
...
certificate: currently this includes trust settings
and a "friendly name".
1999-11-04 00:45:35 +00:00
Mark J. Cox
ce2c95b2a2
Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The
...
problem was that one of the replacement routines had not been working since
SSLeay releases. For now the offending routine has been replaced with
non-optimised assembler. Even so, this now gives around 95% performance
improvement for 1024 bit RSA signs.
1999-11-03 14:10:10 +00:00
Ulf Möller
b05eaeb545
*** empty log message ***
1999-10-30 19:09:05 +00:00
Dr. Stephen Henson
9716a8f9f2
Fix to PKCS#7 routines so it can decrypt some oddball RC2 handling.
1999-10-29 13:06:25 +00:00
Dr. Stephen Henson
74400f7348
Continued multibyte character support.
...
Add a bunch of functions to simplify the creation of X509_NAME structures.
Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
1999-10-27 00:15:11 +00:00
Bodo Möller
62ac293801
Always hash the pid in the first iteration in ssleay_rand_bytes,
...
don't try to detect fork()s by looking at getpid().
The reason is that threads sharing the same memory can have different
PIDs; it's inefficient to run RAND_seed each time a different thread
calls RAND_bytes.
1999-10-26 16:26:48 +00:00
Bodo Möller
c1e744b912
Make md_rand.c more robust.
1999-10-26 14:49:12 +00:00
Bodo Möller
a31011e8e0
Various randomness handling bugfixes and improvements --
...
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
1999-10-26 01:56:29 +00:00
Bodo Möller
38899535f8
Report an error from X509_STORE_load_locations
...
when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed.
1999-10-26 01:52:16 +00:00
Bodo Möller
798757762a
Improve support for running everything as a monolithic application.
...
Submitted by: Lennart Bång, Bodo Möller
1999-10-25 19:36:01 +00:00
Bodo Möller
a5fcd09e75
Respect PEX_LIBS and EX_LIBS when building binaries
...
(needed for RSAREF builds)
1999-10-25 19:28:38 +00:00
Dr. Stephen Henson
f769ce3ea4
More multibyte character support.
...
Functions to get keys from EVP_PKEY structures.
1999-10-25 02:00:09 +00:00
Ben Laurie
042a93e443
Constification.
1999-10-23 09:30:09 +00:00
Ben Laurie
cbb448c945
Don't return stuff from void functions.
1999-10-23 09:19:42 +00:00
Dr. Stephen Henson
462f79ec44
New function ASN1_mbstring_copy() to handle ASN1 string copying. Ultimately
...
this will be used to clear up the horrible DN mess.
1999-10-21 13:20:49 +00:00
Dr. Stephen Henson
08e9c1af6c
Replace the macros in asn1.h with function equivalents. Also make UTF8Strings
...
tolerated in certificates.
1999-10-20 01:50:23 +00:00
Bodo Möller
023c8d0b0a
Use of DEVRANDOM must be #ifdef'ed (the #ifdef was commented out
...
between SSLeay 0.8.1b and 0.9.0b with no apparent reason).
If we *want* an error when DEVRANDOM is not defined (it always is with
the current e_os.h) we should use #error.
1999-10-14 17:31:53 +00:00
Dr. Stephen Henson
673b102c5b
Initial support for certificate purpose checking: this will
...
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
1999-10-13 01:11:56 +00:00
Dr. Stephen Henson
56a3fec1b1
Add EX_DATA support to X509.
...
Fix a bug in the X509_get_d2i() functions which didn't check if crit was NULL.
1999-10-11 01:30:04 +00:00
Dr. Stephen Henson
4654ef985b
New functions to parse and get extensions.
1999-10-09 02:54:10 +00:00
Andy Polyakov
2dae04d038
RC4 tune-up featuring 30-40% performance improvement on most RISC
...
platforms. See crypto/rc4/rc4_enc.c for further details.
1999-10-07 12:03:59 +00:00
Dr. Stephen Henson
2d681b779c
Fix for bug in pkcs12 program and typo in ASN1_tag2str().
1999-10-05 12:57:50 +00:00
Dr. Stephen Henson
3ea23631d4
Add support for public key input and output in rsa and dsa utilities with some
...
new DSA public key functions that were missing.
Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
1999-10-04 21:17:47 +00:00
Dr. Stephen Henson
393f2c651d
Fix for d2i_ASN1_bytes and stop PKCS#7 routines crashing is signed message
...
contains no certificates.
Also fix typo in RANLIB changes.
1999-10-04 12:08:59 +00:00
Ralf S. Engelschall
f846335657
Add prototypes for new DSA functions Steve added recently.
1999-10-04 10:55:04 +00:00
Dr. Stephen Henson
4579dd5dc6
Fix for base64 BIO decoding bug
1999-10-02 13:33:06 +00:00
Ulf Möller
8e1589ece5
VC++ warning.
1999-09-29 22:11:06 +00:00
Ulf Möller
49e747e670
Generate obj_dat.h in "make update".
1999-09-29 21:03:02 +00:00
Bodo Möller
e405b8d120
new control code BIO_C_RESET_READ_REQUEST
1999-09-27 13:43:59 +00:00
Andy Polyakov
6cc4ee03df
RC4 tune-up.
...
See comments in the code (after #if defined(RC4_CHUNK)) for more details.
1999-09-26 12:47:17 +00:00
Dr. Stephen Henson
bf1966354a
Lots of evil casts to stop VC++ choking with "possible loss of data"
...
warnings :-(
1999-09-19 00:40:56 +00:00
Dr. Stephen Henson
1c80019a2c
Add new sign and verify members to RSA_METHOD and change SSL code to use sign
...
and verify rather than direct encrypt/decrypt.
1999-09-18 22:37:44 +00:00
Dr. Stephen Henson
090d848ea8
Various CRL enhancements tidies and workaround for broken CRLs.
1999-09-18 01:42:02 +00:00
Andy Polyakov
17f389bbbf
Initial support for MacOS.
...
This will soon be complemented with MacOS specific source code files and
INSTALL.MacOS.
I (Andy) have decided to get rid of a number of #include <sys/types.h>.
I've verified it's ok (both by examining /usr/include/*.h and compiling)
on a number of Unix platforms. Unfortunately I don't have Windows box
to verify this on. I really appreciate if somebody could try to compile
it and contact me a.s.a.p. in case a problem occurs.
Submitted by: Roy Wood <roy@centricsystems.ca>
Reviewed by: Andy Polyakov <appro@fy.chalmers.se>
1999-09-11 17:54:18 +00:00
Ulf Möller
778f1092dd
Parantheses not needed.
1999-09-10 16:13:24 +00:00
Bodo Möller
5671876d1d
"make update"
1999-09-10 15:34:55 +00:00
Bodo Möller
6f7af1524e
Use non-copying BIO interface in ssltest.c.
1999-09-10 14:03:21 +00:00
Bodo Möller
ac3e3cdc96
typo
1999-09-10 13:25:25 +00:00
Ulf Möller
953ad1bc10
Correction for the testapps lines.
1999-09-10 11:44:52 +00:00
Ben Laurie
d680ba8617
Correct warnings.
1999-09-09 20:15:17 +00:00
Bodo Möller
396f631458
some more patches for avoiding problems with non-automatic variables
1999-09-08 21:58:13 +00:00
Dr. Stephen Henson
0d64ea89f7
Fix typo.
1999-09-08 20:01:28 +00:00
Dr. Stephen Henson
c1cd88a0eb
Oops... forgot the other RSA_NULL patches...
1999-09-08 18:19:45 +00:00
Dr. Stephen Henson
4a61a64f50
This is preliminary support for an "RSA null" cipher. Unfortunately when
...
OpenSSL is compiled with NO_RSA, no RSA operations can be used: including
key generation storage and display of RSA keys. Since these operations are
not covered by the RSA patent (my understanding is it only covers encrypt,
decrypt, sign and verify) they can be included: this is an often requested
feature, attempts to use the patented operations return an error code.
This is enabled by setting RSA_NULL. This means that if a particular application
has its own legal US RSA implementation then it can use that instead by setting
it as the default RSA method.
Still experimental and needs some fiddling of the other libraries so they have
some options that don't attempt to use RSA if it isn't allowed.
1999-09-08 18:02:25 +00:00
Ulf Möller
6882a96446
Use proper flags to build the testapps (default CC value causes confusion
...
on Solaris)
1999-09-08 16:14:52 +00:00
Bodo Möller
c1082a90bb
Non-copying interface to BIO pairs.
...
It's still totally untested ...
1999-09-07 21:37:09 +00:00
Dr. Stephen Henson
a785abc324
New function to convert ASN1 tag values to strings. Also fix typo in asn1.h
1999-09-07 12:16:29 +00:00
Ben Laurie
092ec334f0
Fix warnings.
1999-09-06 11:06:54 +00:00
Ben Laurie
232616efce
Fix warnings.
1999-09-06 09:29:29 +00:00
Andy Polyakov
69fb1c3f9d
SHA clean-up Intel assembler companion.
...
I've chosen to nest two functions in order to save about 4K. As a result
s1-win32.asm doesn't look right (nested PROC/ENDP SEGMENT/ENDS) and it's
probably impossible to compile. I assume I have to reconsider... But not
today...
1999-09-05 14:17:42 +00:00
Andy Polyakov
7f7c318cfc
SHA clean-up and (LP64) tune-up.
...
"Clean-up" stands for the fact that it's using common message digest
template ../md32_common.h and sha[1_]dgst.c are reduced down to
'#define SHA_[01]' and then '#include "sha_locl.h"'. It stands "(LP64)"
there because it's 64 bit platforms which benefit most from the tune-up.
The updated code exhibits 40% performance improvement on IRIX64
(sounds too good, huh? I probably should double check if it's not
some cache trashing that was holding it back before), 28% - on
Alpha Linux and 12% - Solaris 7/64.
1999-09-05 12:42:04 +00:00
Dr. Stephen Henson
aef838fc95
New UTF8 utility functions to parse/generate UTF8 strings.
1999-09-04 17:19:55 +00:00
Bodo Möller
074309b7ee
Fix server behaviour when facing backwards-compatible client hellos.
1999-09-03 16:33:11 +00:00
Dr. Stephen Henson
8ce97163a2
Add new 'spkac' utility and several SPKAC utility functions.
1999-09-03 01:08:34 +00:00
Dr. Stephen Henson
ac8b4ee04a
Make DH_free() free up any ex_data and also call the finish method.
1999-09-01 23:50:43 +00:00
Andy Polyakov
2d0c55eda2
RIPEMD160 shape-up Intel assembler companion. Cycle counter benchmarks
...
went down from 1050 to 921 cycles on Pentium II. I haven't checked the
figures on Pentium yet.
1999-08-28 13:07:51 +00:00
Andy Polyakov
28e0be13f6
RIPEMD160 shape-up. Major news are that it's operational on all platforms
...
now and I'm putting it back to 'make test' later today.
1999-08-28 12:55:45 +00:00
Ulf Möller
b357e95cc4
make testapps after the library.
1999-08-28 12:50:48 +00:00
Andy Polyakov
1cbde6e4fa
md32_common.h update and accompanying MD5 update.
1999-08-28 12:41:03 +00:00
Dr. Stephen Henson
c79b16e11d
Allow extensions to be added to certificate requests, update the sample
...
config file (change RAW to DER).
1999-08-25 16:59:26 +00:00
Ulf Möller
43ca6c02dc
make update.
1999-08-24 17:45:16 +00:00
Andy Polyakov
0bbd03525e
Minor MIPS III/IV tune-up.
1999-08-24 16:02:16 +00:00
Dr. Stephen Henson
7b65c3298f
Fix for a bug which meant encrypting BIOs sometimes wouldn't read the final
...
block.
1999-08-24 13:21:35 +00:00
Dr. Stephen Henson
13066cee60
Initial support for DH_METHOD. Also added a DH lock. A few changes made to
...
DSA_METHOD to make it more consistent with RSA_METHOD.
1999-08-23 23:11:32 +00:00
Dr. Stephen Henson
c0711f7f0f
Initial support for DSA_METHOD...
1999-08-22 17:57:38 +00:00
Dr. Stephen Henson
8484721adb
Allow memory bios to be read only and change PKCS#7 routines to use them.
1999-08-19 13:07:43 +00:00
Bodo Möller
6e4a3b5529
Really undo the base64 change so that make test survives
1999-08-18 16:42:27 +00:00
Dr. Stephen Henson
c6c3450643
Fix PKCS7_ENC_CONTENT_new() to include a sensible default content type and add
...
support for encrypted content type in PKCS7_set_content().
1999-08-17 12:58:01 +00:00
Ulf Möller
364836ca1c
Undo base64 decoding change (was not a bug fix).
1999-08-14 20:49:37 +00:00
Ulf Möller
2b7af70139
Fix faulty base64 decoding of data that was 46 or 47 bytes long.
...
Submitted by: Ivan Nejgebauer <ian@uns.ns.ac.yu>
1999-08-13 19:42:33 +00:00
Ulf Möller
1bf0b46b13
Add pkcs7 and des apps to "make all".
1999-08-13 19:21:53 +00:00
Ulf Möller
27ad06a627
Compile pkcs7 and des apps.
1999-08-13 18:04:04 +00:00
Bodo Möller
690233bccc
Submitted by: Lidong Zhou <ldzhou@cs.cornell.edu>
1999-08-11 13:31:03 +00:00
Dr. Stephen Henson
fd52057729
Add functions to allow extensions to be added to certificate requests.
...
Modify obj_dat.pl to take its files from the command line. Usage is now
perl obj_dat.pl objects.h obj_dat.h
this should avoid redirection shell escape problems under Win32.
1999-08-11 13:08:58 +00:00
Bodo Möller
8b94634428
Fix typo.
1999-08-11 08:28:40 +00:00
Bodo Möller
019a7aba4a
Updates.
...
Prototypes and constant declarations for non-copying reads and writes for
BIO pairs (which is totally untested as of now, so I don't yet commit
the actual source code, but reserve the numbers to avoid conflicts).
1999-08-10 11:36:22 +00:00
Dr. Stephen Henson
87c49f622e
Support for parsing of certificate extensions in PKCS#10 requests: these are
...
used by things like Xenroll. Also include documentation for extendedKeyUsage
extension.
1999-08-09 22:38:05 +00:00
Ralf S. Engelschall
d91e201e96
Bump after tarball rolling.
...
Friends, feel free to start again hacking for 0.9.5... ;)
1999-08-09 11:14:08 +00:00
Ralf S. Engelschall
2c720c746b
Bump version to 0.9.4
1999-08-09 10:40:38 +00:00
Bodo Möller
a9642be663
more consistent formatting
1999-08-08 14:06:29 +00:00
Ralf S. Engelschall
1d5edd0882
Fix two remaining prototype-related warnings
1999-08-08 11:25:32 +00:00
Ralf S. Engelschall
9639515871
A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency.
...
Hint from: Andrija Antonijevic <TheAntony2@bigfoot.com>
1999-08-08 10:15:43 +00:00
Bodo Möller
9918762413
change formatting a bit
1999-08-07 02:45:31 +00:00
Bodo Möller
a12258fcd2
fix the bug
1999-08-06 12:27:39 +00:00
Bodo Möller
48c843c367
New function DSA_dup_DH, and fixes for bugs that were found
...
while implementing and using it.
1999-08-05 11:50:18 +00:00
Ben Laurie
ab8f6b415f
More diagnostics.
1999-08-03 10:19:02 +00:00
Ben Laurie
97e84e38df
Make it compile under -pedantic.
1999-08-03 10:18:27 +00:00
Bodo Möller
316d5cdc85
comment
1999-08-03 08:31:13 +00:00
Bodo Möller
4c8319c0f5
Revert erroneous change.
1999-08-03 06:05:54 +00:00
Bodo Möller
50ccbc13f6
automatically use no-mdc2 if no-des is requested.
1999-08-02 22:13:46 +00:00
Bodo Möller
a851544169
avoid some NO_<cipher> problems
1999-08-02 21:44:49 +00:00
Bodo Möller
927ddaffeb
avoid cast
1999-08-02 19:55:51 +00:00
Andy Polyakov
4c22909e31
Extra i386+gcc bn_div.c tune-up featuring inline division and saving
...
the remainder left in %edx. Here is the resulting performance improvement
matrix (improvement as a result of this *and* previous tune-up committed
two days ago). The results were obtained by profiling the "div" part of
the crypto/bn/bnspeed.c.
CPU BN_div bn_div_words overall comment
------------------------------------------------------------------------
PII +16% accumulated by +2-3% PII multiplies damn fast! Taking
inlining multiplication out of the loop
didn't make too much difference.
Eliminating of the multiplication
involved in remainder calculation
is the major factor.
Pentium +45% accumulated by +7-9% mull isn't that fast and replacing
inlining multiplications with additions in
the loop has more visible effect:-)
MIPS +75% +12% +20-25% In addition to the taking mults
R10000 out of the loop (giving 12% in the
asm/mips3.s) three mults were
eliminated in BN_div.
Alpha +30% +50% +10-15% Same as above. But remember that
EV4 bn_div_words is a C implementation.
It takes 4 Alpha mults in C to do
the same thing as 1 MIPS mult in
assembler does. So the effect (50%)
is more impressive. But not the
overall one... Well, if Alpha
bn_mul_add would be implemented
in assembler overall improvement
would be closer to MIPS...
1999-07-31 23:27:41 +00:00
Bodo Möller
8d85b33eb5
by request: let BN_dup(NULL) just return NULL
1999-07-30 19:22:57 +00:00
Andy Polyakov
0dd25e3606
Bignum division tune-up. Idea is to move multiplications in front of
...
loop body and replace 'em with addition/subtraction.
1999-07-30 11:43:43 +00:00
Bodo Möller
a40f6dce87
correct error signalling for opendir() failure
1999-07-30 10:43:34 +00:00
Dr. Stephen Henson
08dbdb85ee
Fix to PKCS#12 code to use the cipher block length when allocating a buffer
...
for encrypted data, rather than hard coding '8'.
1999-07-30 10:11:21 +00:00
Dr. Stephen Henson
922180d794
Allow the PKCS#7 (S/MIME encrypt) application to support more than one
...
recipient.
1999-07-30 01:12:46 +00:00
Ulf Möller
fd556cbfb6
No use in naming the cblock _; the structure still is incompatible
...
to Kerberos.
1999-07-29 16:15:48 +00:00
Ulf Möller
7463ca9acc
obj_dat.h is autogenerated (it was in the CVS because old versions of
...
Configure didn't generate the file in Windows builds).
1999-07-29 14:10:20 +00:00
Bodo Möller
571199434c
Always use buildinf.h, which now includes the mk1mfinf.h data.
...
Using different files caused problems because the dependencies
in the Makefiles produced by mk1mf.pl were for the standard case,
i.e. mentioned buildinf.h and not mk1mfinf.h.
1999-07-29 12:57:23 +00:00
Ulf Möller
37b7185b5d
Restore compability with kerberos/des.h (I had deleted some seemingly useless
...
definitions such as C_Block earlier).
1999-07-29 00:09:49 +00:00
Ulf Möller
8c197cc55e
VMS updates.
...
Submitted by: Richard Levitte <levitte@stacken.kth.se>
1999-07-28 23:25:59 +00:00
Dr. Stephen Henson
3e3d2ea2fc
New function OBJ_obj2txt()
1999-07-27 22:22:58 +00:00
Dr. Stephen Henson
770d19b862
New RSA flag RSA_FLAG_EXT_PKEY, to always call rsa_mod_exp.
1999-07-27 21:58:08 +00:00
Andy Polyakov
5965902e6e
when invoking bn_*_comba[48] result->top wasn't always set correctly.
1999-07-27 09:36:59 +00:00
Bodo Möller
2e0fc87599
Use correct CFLAG definition for makefile.one builds.
1999-07-27 09:10:36 +00:00
Andy Polyakov
1656ef2997
SPARC Solaris config updates.
...
./config sences whole range of SPARC instruction sets. Do note that
it favors Sun C now if both gcc and cc 4.2 or later are present!
1999-07-25 22:25:12 +00:00
Andy Polyakov
6841fb0d1e
Minor MD5 tune-up for WIN32 on Intel.
1999-07-25 15:25:30 +00:00
Andy Polyakov
a0618e3e5e
Added support for SPARC Linux.
1999-07-25 15:13:49 +00:00
Andy Polyakov
ccb8a026c0
GNU assembler (read SPARC Linux) support added.
1999-07-25 14:07:48 +00:00
Andy Polyakov
fccbb9b34f
- performance retunes, v8plus bn_*_comba routines are reimplemented;
...
- support for GNU assembler (read SPARC Linux);
1999-07-25 12:34:30 +00:00
Bodo Möller
f66c303201
Don't include x509.h when we just need asn1.h
1999-07-24 03:09:01 +00:00
Ulf Möller
40e29b1976
Remove obsolete files.
1999-07-22 21:57:41 +00:00
Bodo Möller
22341d4085
ignore r586unix.cpp
1999-07-22 16:23:54 +00:00
Bodo Möller
cad4e62b24
date.h no longer to be deleted by "make clean"
1999-07-22 16:22:11 +00:00
Ulf Möller
49b8142262
Make the perl module compile and eliminate some of the warnings.
...
Still doesn't work (the destructor on BIO and SSL is called immediately
after creating the object. Why that??)
1999-07-22 16:10:31 +00:00
Bodo Möller
f0e8ae723c
Torture weak compilers less by not automatically including x509.h where
...
it is not needed.
1999-07-21 22:10:23 +00:00
Bodo Möller
74678cc2f8
Additional user data argument to pem_password_cb function type
...
and to lots of PEM_... functions.
Submitted by: Damien Miller <dmiller@ilogic.com.au>
1999-07-21 20:57:16 +00:00
Bodo Möller
664b99853c
avoid -DPLATFORM=\"...\" and -DCFLAGS=\"...\" command lines,
...
use new file buildinf.h instead.
1999-07-21 20:49:15 +00:00
Bodo Möller
16bc9fea4d
slight clean-up
1999-07-21 20:47:51 +00:00
Bodo Möller
ae6767430e
Auto-generated file -- this should not be under version control
...
(and the other */asm/*.cpp files are not)
1999-07-21 20:47:19 +00:00
Andy Polyakov
cea538154b
Get rid of redundant multiplications in bn_div_words.
1999-07-21 13:53:01 +00:00
Andy Polyakov
7363455fac
MIPS III/IV assembler module is reimplemented.
1999-07-20 15:50:20 +00:00
Andy Polyakov
eaccfe8b29
crypto/bn/asm/mips3.s is moved to crypto/bn/asm/obsolete/
1999-07-20 13:43:26 +00:00
Andy Polyakov
d2759c2135
crypto/bn/asm/mips3.s is obsolete. I'm moving it to crypto/bn/asm/obsolete
...
in order to replace it with a new version.
1999-07-20 13:40:02 +00:00
Bodo Möller
e391116a48
New compile time option -DCRYPTO_MDEBUG_THREAD.
1999-07-19 10:36:10 +00:00
Bodo Möller
458cddc104
Have CRYPTO_MDEBUG_TIME automatically set CRYPTO_MDEBUG,
...
and make it the default for some debugging configurations.
1999-07-19 09:25:35 +00:00
Bodo Möller
3dff94c2e4
Add optional (compile-time configurable) time to CRYPTO_mem_leaks output.
...
This is much more helpful than the counter when doing tests with the library
interactively.
1999-07-18 22:39:45 +00:00
Bodo Möller
dc347119e6
"make clean" has to delete date.h
1999-07-17 15:17:14 +00:00
Ulf Möller
cfa3747ba9
More DES library cleanups: remove references to srand/rand
...
and delete an unused file.
1999-07-15 23:47:02 +00:00
Ulf Möller
4f6235f701
RSA private keys without dmp1/dmq1/iqmp are also valid (but slower).
1999-07-15 23:45:04 +00:00
Ulf Möller
9a3bbbce91
NO_HMAC.
1999-07-15 23:44:04 +00:00
Dr. Stephen Henson
924154d9f2
Eliminate a warning: BN_mod_inverse() returns a (BIGNUM *) and remove and
...
unnecessary cast.
1999-07-13 00:00:05 +00:00
Bodo Möller
7eea36bb48
cosmetic changes
1999-07-12 18:50:34 +00:00
Dr. Stephen Henson
bbdb543844
More NASM support code it still doesn't work but it doesn't work less than it
...
didn't work before :-)
1999-07-12 18:12:43 +00:00
Bodo Möller
d9f0016bc5
typo in string
1999-07-12 16:46:28 +00:00
Dr. Stephen Henson
72e2ffee20
Beginnings of experimental support for NASM assembler. This is a free
...
assembler for various X86 platforms including Win32. It can output object files
that VC++ will tolerate so it could be used to provide assembly language support
to Win32 without the need for MASM.
This is preliminary stuff: it doesn't even work yet.
1999-07-12 12:33:16 +00:00
Bodo Möller
3a55fc1aab
correct error handling
...
insert spaces in products that occur in error codes
1999-07-12 09:46:34 +00:00
Bodo Möller
8735ee6f5d
typo
1999-07-11 22:06:54 +00:00
Bodo Möller
6519b2cb92
New function RSA_check_key.
1999-07-11 22:01:41 +00:00
Bodo Möller
03cd49447f
New function RSA_check_key,
...
openssl rsa -check
1999-07-11 22:00:55 +00:00
Dr. Stephen Henson
f598cd13a3
Various changes to stop VC++ choking under Win32.
1999-07-11 17:09:04 +00:00
Dr. Stephen Henson
f513939ebb
Add a debugging option to PKCS#5 v2.0 key generation function.
1999-07-11 12:40:46 +00:00
Dr. Stephen Henson
0ab8beb480
Copy flags in ASN1_STRING_dup()
1999-07-11 12:30:55 +00:00
Dr. Stephen Henson
f8be08d200
SXnet code was freeing up the extension data rather than the temporary
...
zone number.
1999-07-10 12:48:31 +00:00
Bodo Möller
777ab7e611
Fix memory checking.
1999-07-09 16:27:30 +00:00
Ulf Möller
a026fd201f
Obsolete/experimental code.
1999-07-09 15:23:11 +00:00
Bodo Möller
5685dcd445
improve readability of #if conditions (ELF, if defined, supersedes BSDI
...
[which we don't really define if ELF is defined, but who knows])
1999-07-06 17:28:29 +00:00
Bodo Möller
c91b5c717c
avoid confliction definitions of NDEBUG
1999-07-05 11:01:16 +00:00
Bodo Möller
e334d78b87
Disable asserts for standard configurations.
1999-07-05 10:18:51 +00:00
Ulf Möller
5271ebd9a3
More no-xxx option tweaks.
1999-06-30 00:42:56 +00:00
Ulf Möller
5676d8cb76
Fix no-hmac and no-ripemd.
1999-06-29 23:52:08 +00:00
Dr. Stephen Henson
ce8b257413
New functions to allow RSA_METHODs to be changed without poking round in
...
RSA structure internals.
1999-06-29 22:22:42 +00:00
Ulf Möller
e371828067
Use "long long" for all Win32 gcc ports.
1999-06-28 16:17:38 +00:00
Bodo Möller
7722424462
With mingw32, use "long long" rather than "_int64" (the latter does
...
not work, at least the package mentioned in INSTALL.W32 does not know
about it).
1999-06-28 14:38:31 +00:00
Bodo Möller
baac3b4b5f
Close another memory hole.
1999-06-25 13:49:55 +00:00
Bodo Möller
227cd06ffe
Avoid some memory holes, one of which was pointed out by
...
"Chad C. Mulligan" <mulligan@antipope.org>.
1999-06-25 13:41:35 +00:00
Dr. Stephen Henson
034292ad6a
Fix d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() so it correctly works out
...
the length of negative integers.
1999-06-24 01:50:27 +00:00
Bodo Möller
946cbf67af
Don't use inline assembler when configured for "no-asm".
1999-06-23 12:18:31 +00:00
Dr. Stephen Henson
170afce58d
New function PKCS7_signatureVerify to allow the signing certificate to
...
be explicitly stated with PKCS#7 verify.
Also fix for util/mkerr.pl: if the -nostatic option is being used this will be
for an external library so the autogenerated C file should include the
header file as:
#include "any/path/to/header.h"
rather than the internal library form:
#include <openssl/header.h>
1999-06-22 13:33:22 +00:00
Dr. Stephen Henson
dbd665c210
Change the PEM_* function prototypes to use DECLARE_PEM macros and change
...
util/mkdef.pl to handle this. Also do a 'make update'.
1999-06-22 01:38:31 +00:00
Dr. Stephen Henson
66ab08b1cf
Implement STACK_OF(ANS1_OBJECT) for extended key usage extension, change the
...
documentation to reflect the STACK_OF(CONF_VALUE) change to the CONF lib and
use ANSI typedefs for X509V3_EXT_I2D and X509V3_EXT_FREE.
1999-06-21 23:59:09 +00:00
Ben Laurie
10cea23bd4
Don't shadow.
1999-06-21 10:08:56 +00:00
Bodo Möller
a6c1b3a9ac
"make update"
1999-06-21 10:04:48 +00:00
Dr. Stephen Henson
ba404b5e86
Convert the CONF library to use a typesafe stack: a STACK_OF(CONF_VALUE). It
...
seemed like a good idea at the time... several hours later it was rather
obvious that these are used all over the place making the changes rather
extensive.
1999-06-20 22:18:16 +00:00
Dr. Stephen Henson
8623f693d9
New functions CONF_load_bio() and CONF_load_fp() to load a configuration
...
file from a bio or fp. Added some more constification to the BN library.
1999-06-20 17:36:11 +00:00
Bodo Möller
a111306bbc
New function CRYPTO_num_locks.
1999-06-18 16:14:18 +00:00
Bodo Möller
2de625408a
Use same name in the definition as in the header file declaration :-/
...
(the extra "get" makes the name quite long, but otherwise it'd sound
as if you could request something rather than obtain information
about what the peer did).
1999-06-18 12:28:29 +00:00
Bodo Möller
2eae234023
Some people don't have /dev/fd/0 on Solaris, so use - instead.
1999-06-15 23:17:09 +00:00
Bodo Möller
6c82fda2dd
Don't try to use zero-byte buffers.
1999-06-15 18:07:44 +00:00
Bodo Möller
b52d109518
long obsolete
1999-06-14 15:51:26 +00:00
Bodo Möller
11e4b79a3a
rc4_locl.h and bf_locl.h incorrectly defined _HEADER_...;
...
opensslconf.h always expects HEADER_... (no leading underscore).
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-06-14 14:48:25 +00:00
Bodo Möller
d7fcc7f6c6
Bugfix.
1999-06-12 11:07:52 +00:00
Bodo Möller
e0f12c41de
Avoid some warnings (on silly compilers).
1999-06-12 09:52:44 +00:00
Bodo Möller
95d29597b7
BIO pairs.
1999-06-12 01:03:40 +00:00
Dr. Stephen Henson
9bce3070ac
Fix to i2d_DSAPublicKey() to return the correct length.
...
Submitted by: Jeon KyoungHo <khjeon@sds.samsung.co.kr>
1999-06-11 22:30:45 +00:00
Dr. Stephen Henson
565d1065c3
Document the X509V3 code and change some of the extension function pointers
...
to use 'void *' rather than 'char *' for an "arbitrary extension".
1999-06-11 01:58:42 +00:00
Ben Laurie
84757d677f
Fix warnings.
1999-06-10 19:45:25 +00:00
Bodo Möller
247cf8d279
Avoid warning.
1999-06-10 18:03:14 +00:00
Dr. Stephen Henson
b7d135b353
Two new functions to write out PKCS#8 private keys. Also fixes for some of
...
the the PBE code and a new constant PKCS5_DEFAULT_ITER for the default
iteration count if it is passed as zero.
1999-06-10 17:32:52 +00:00
Bodo Möller
d58d092bc9
Avoid warnings.
1999-06-10 16:29:32 +00:00
Bodo Möller
0b977773d2
Repair PEM_write_PrivateKey and PEM_write_bio_PrivateKey.
1999-06-09 23:12:08 +00:00
Ulf Möller
adc7fe123b
Circumvent bug in SC5 without patch #107357-01.
...
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-06-09 21:13:27 +00:00
Dr. Stephen Henson
f62676b92d
Change the PEM function implementation to use a common set of macros: this
...
should make modifying them easier.
Fix the selfsign demo: it was rather ancient and used deleted functions.
1999-06-09 18:05:30 +00:00
Bodo Möller
a7bd03960c
des_cbc_encrypt / des_ncbc_encrypt issue.
1999-06-09 18:01:49 +00:00
Bodo Möller
5765e24f14
Update dependencies.
1999-06-09 17:38:32 +00:00
Bodo Möller
3bcfce2881
Unify DES library: ncbc_enc.c wasn't used, but its content was almost
...
duplicated in cbc_enc.c (without IV updating) and in des_enc.c
As pointed out by others on the openssl-dev list, des_cbc_encrypt (without
IV updating; defined in cbc_enc.c) exists only for historical reasons:
des_ncbc_encrypt should be used instead (and the caller does not have
to manually update the IV).
If des_cbc_enrypt is not needed for backwards compatibility, the
definition of des_ncbc_encrypt should be put back into des_enc.c, and
both cbc_enc.c and ncbc_enc.c can be deleted.
If des_cbc_encrypt *is* needed for backwards compatibility, its behaviour
obviously should not change (i.e., don't add IV updating).
1999-06-09 17:28:30 +00:00
Ulf Möller
4e6ec1da04
Remove old libdes version number.
1999-06-09 16:26:50 +00:00
Bodo Möller
7740a1c6ef
"make update" (added to top Makefile, and applied).
1999-06-09 16:18:53 +00:00
Bodo Möller
c77f47abfa
DES CBC change looks dubious to me.
1999-06-09 13:41:51 +00:00
Bodo Möller
e766a681aa
Some pre-POSIX systems don't have unistd.h (but e.g. lib.c).
...
Allow configuring the name of that header file.
1999-06-09 13:23:38 +00:00
Ben Laurie
9e952fc877
Oops. Get rid of now incorrect comment.
1999-06-09 11:09:12 +00:00
Ben Laurie
05861c77e7
I keep forgetting to fix this: update the IV! Most important!
1999-06-09 11:08:36 +00:00
Ben Laurie
233bf734d3
Make "make test" fail if bntest fails an internal selfcheck.
1999-06-09 10:19:53 +00:00
Ulf Möller
9fe6729b46
The des app.
1999-06-08 20:11:02 +00:00
Ben Laurie
72fbe87dc6
Survive pedanticism.
1999-06-08 18:37:43 +00:00
Ulf Möller
908eb7b85a
Call our crypt implementation des_crypt(). crypt() now is a wrapper if
...
there is no system crypt() available.
1999-06-08 16:35:11 +00:00
Ulf Möller
bf0870ac73
Casts.
1999-06-08 16:25:21 +00:00
Ulf Möller
f947eb318e
Warnings and casts.
1999-06-08 16:17:25 +00:00
Ulf Möller
93fd0fd61f
Don't #define _, and eliminate casts.
1999-06-08 15:52:47 +00:00
Ulf Möller
bebf2787ea
Fix to compile the des app.
1999-06-08 15:35:57 +00:00
Bodo Möller
c035b0c3b2
"request" added.
1999-06-08 10:18:48 +00:00
Dr. Stephen Henson
8eb57af5fe
Complete support for PKCS#5 v2.0. Still needs extensive testing.
1999-06-08 00:09:51 +00:00
Bodo Möller
1aad3392e5
Fix for BIO pairs.
1999-06-07 22:51:55 +00:00
Bodo Möller
ba9f280885
Use locking in a way that makes more sense.
1999-06-07 22:50:12 +00:00
Dr. Stephen Henson
97e4a93245
This is the main PKCS#5 v2.0 key generation function, it parses the ASN1
...
structure and decides what key to generate (if any). Not currently added to
the PBE algorithm list because it is largely untested.
1999-06-07 21:00:19 +00:00
Bodo Möller
3928b6bf48
treat init properly
1999-06-07 20:34:36 +00:00
Bodo Möller
b1c4fe3625
Don't mix real tabs with tabs expanded as 8 spaces -- that's
...
a pain to read when using 4-space tabs.
1999-06-07 20:26:51 +00:00
Bodo Möller
9e06f6f601
Introduce "BIO pairs", which (when finished) will relay data
...
so that the SSL library can be used for applications that
have to handle all the actual I/O themselves.
1999-06-07 16:04:45 +00:00
Dr. Stephen Henson
8e21c14607
More PKCS#5 v2.0 development. Add a function to setup a PKCS#5 v2.0
...
AlgorithmIdentifier and make various ASN1 fixes.
1999-06-06 23:34:44 +00:00
Dr. Stephen Henson
2bd83ca1c9
Change PBE handling a bit more: now the key and iv generator does calls
...
EVP_CipherInit() this because the IV wont be easily available when doing
PKCS#5 v2.0
1999-06-06 18:41:52 +00:00
Dr. Stephen Henson
69cbf46811
Rewrite PBE handling read to support PKCS#5 v2.0 and update the function
...
list for Win32.
1999-06-06 13:07:13 +00:00
Dr. Stephen Henson
095ce35378
Change so PEM private key read routines can handle PKCS#8 transparently.
1999-06-05 18:40:51 +00:00