wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1296 commits 20 branches 302 tags 153 MiB
Commit graph

235 commits

Author SHA1 Message Date
Dr. Stephen Henson
bb7cd4e3eb Remainder of SSL purpose and trust code: trust and purpose setting in 
SSL_CTX and SSL, functions to set them and defaults if no values set.
 1999-11-29 22:35:00 +00:00
Dr. Stephen Henson
13938aceca Add part of chain verify SSL support code: not complete or doing anything 
yet.

Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.

Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
 1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
51630a3706 Add trust setting support to the verify code. It now checks the 
trust settings of the root CA.

After a few fixes it seems to work OK.

Still need to add support to SSL and S/MIME code though.
 1999-11-27 19:43:10 +00:00
Dr. Stephen Henson
9868232ae1 Initial trust code: allow setting of trust checking functions 
in a table. Doesn't do too much yet.

Make the -<digestname> options in 'x509' affect all relevant
options.

Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.

A few constification changes.
 1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
d4cec6a13d New options to the -verify program which can be used for chain verification. 
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.

Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
 1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
52664f5081 Transparent support for PKCS#8 private keys in RSA/DSA. 
New universal public key format.

Fix CRL+cert load problem in by_file.c

Make verify report errors when loading files or dirs
 1999-11-21 22:28:31 +00:00
Ben Laurie
44eca70641 Update dependencies. 1999-11-18 14:32:54 +00:00
Ben Laurie
5ef738240a Fix warning. 1999-11-18 14:10:53 +00:00
Dr. Stephen Henson
f76d8c4747 Modify verify code to handle self signed certificates. 1999-11-17 01:20:29 +00:00
Dr. Stephen Henson
91895a5938 Fix for a bug in PKCS#7 code and non-detached data. 
Remove rc4-64 from ciphers since it doesn't exist...
 1999-11-16 14:54:50 +00:00
Dr. Stephen Henson
fd699ac55f Add a salt to the key derivation using the 'enc' program. 1999-11-16 02:49:25 +00:00
Dr. Stephen Henson
06556a1744 'req' fixes. Reinstate length check one request fields. 
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
 1999-11-14 23:10:50 +00:00
Dr. Stephen Henson
a0e9f529a4 Add support for the 40 and 64 bit RC2 and RC4 ciphers in 'enc' 
add documentation for 'enc'.
 1999-11-14 03:23:17 +00:00
Richard Levitte
849c0fe240 Adjust to changes in apps/openssl.cnf 1999-11-12 01:59:47 +00:00
Richard Levitte
ca0e2bc973 Adjust to changes in apps/Makefile.ssl 1999-11-12 01:52:59 +00:00
Dr. Stephen Henson
954ef7ef69 Merge some common functionality in the apps, delete 
the encryption option in the pkcs7 utility (they never
did anything) and add a couple more options to pkcs7.
 1999-11-12 01:42:25 +00:00
Dr. Stephen Henson
af29811edd Add password command line options to some utils. Fix and update man 
pages.
 1999-11-11 18:41:31 +00:00
Dr. Stephen Henson
53b1899e3c Fix a couple of outstanding issues: update STATUS file, fix NO_FP_API problems. 
Update docs, change 'ca' to use the new callback parameter. Now moved key_callback
into app.c because some other utilities will use it soon.
 1999-11-11 13:58:41 +00:00
Ben Laurie
95fdc5eef9 Fix (spurious) warnings. 1999-11-09 12:09:24 +00:00
Bodo Möller
5fe2085bba Avoid some warnings. 1999-11-09 10:00:15 +00:00
Dr. Stephen Henson
a0ad17bb6c Fix to the -revoke option in ca. It was leaking memory, crashing and just 
plain not working :-(

Also fix some memory leaks in the new X509_NAME code.

Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.
 1999-11-08 13:58:08 +00:00
Dr. Stephen Henson
ce1b4fe146 Allow additional information to be attached to a 
certificate: currently this includes trust settings
and a "friendly name".
 1999-11-04 00:45:35 +00:00
Dr. Stephen Henson
74400f7348 Continued multibyte character support. 
Add a bunch of functions to simplify the creation of X509_NAME structures.

Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
 1999-10-27 00:15:11 +00:00
Bodo Möller
847c52e47f Warn about RANDFILE being overwritten. 1999-10-26 11:27:42 +00:00
Bodo Möller
640588bbfb New file app_rand.c with some functionality used in various openssl 
applications.
 1999-10-26 01:59:11 +00:00
Bodo Möller
a31011e8e0 Various randomness handling bugfixes and improvements -- 
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
 1999-10-26 01:56:29 +00:00
Bodo Möller
798757762a Improve support for running everything as a monolithic application. 
Submitted by: Lennart Bång, Bodo Möller
 1999-10-25 19:36:01 +00:00
Dr. Stephen Henson
673b102c5b Initial support for certificate purpose checking: this will 
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
 1999-10-13 01:11:56 +00:00
Dr. Stephen Henson
def38e38ec Fix incorrect usage messages in some commands. 1999-10-06 22:59:21 +00:00
Dr. Stephen Henson
d71c6bc5a4 Fix for bug in pkcs12 program and typo in ASN1_tag2str(). 1999-10-05 13:10:21 +00:00
Dr. Stephen Henson
2d681b779c Fix for bug in pkcs12 program and typo in ASN1_tag2str(). 1999-10-05 12:57:50 +00:00
Dr. Stephen Henson
3908cdf442 New option -dhparam to s_server to allow the DH parameter file to be set 
explicitly. Previously it couldn't be changed because it was hard coded as
"server.pem".
 1999-10-04 23:56:06 +00:00
Dr. Stephen Henson
3ea23631d4 Add support for public key input and output in rsa and dsa utilities with some 
new DSA public key functions that were missing.

Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
 1999-10-04 21:17:47 +00:00
Ben Laurie
18c77bf29e Fix warnings. 1999-10-03 18:09:45 +00:00
Dr. Stephen Henson
c91e125934 Modify the 'speed' application so it now uses RSA_sign and RSA_verify 
instead of RSA_private_encrypt and RSA_public_decrypt
 1999-10-02 01:18:19 +00:00
Bodo Möller
39b30b6ab7 "make update" 1999-09-27 15:12:30 +00:00
Bodo Möller
8569c322be Fix typo in error message. 
Submitted by: Alan Batie
 1999-09-25 11:26:31 +00:00
Bodo Möller
dd73193c83 Honor BUFSIZZ definition in s_server, don't use tiny 32 byte 
buffer (which leads to truncation of client cipher list).
 1999-09-25 11:24:53 +00:00
Bodo Möller
4ad378ea43 Bugfix: avoid opening CAfile when it's NULL. 1999-09-24 20:27:20 +00:00
Bodo Möller
f4e723f3e7 typo 1999-09-21 14:03:20 +00:00
Dr. Stephen Henson
06f4536a61 Fix to make s_client and s_server work under Windows. A bit of a hack but 
an improvement on not working at all.
 1999-09-20 22:09:17 +00:00
Dr. Stephen Henson
090d848ea8 Various CRL enhancements tidies and workaround for broken CRLs. 1999-09-18 01:42:02 +00:00
Bodo Möller
9a0f732d75 Document -startdate and -enddate in usage summary. 1999-09-17 16:35:29 +00:00
Dr. Stephen Henson
d79812b0fa Fix typo. 1999-09-15 21:12:23 +00:00
Bodo Möller
396f631458 some more patches for avoiding problems with non-automatic variables 1999-09-08 21:58:13 +00:00
Dr. Stephen Henson
c1cd88a0eb Oops... forgot the other RSA_NULL patches... 1999-09-08 18:19:45 +00:00
Bodo Möller
a32640b0f4 Reinitialize conf to NULL whenver ca application is started. 
Submitted by: Lennart Bang
 1999-09-05 20:53:08 +00:00
Bodo Möller
b74ba295da Reinitialize global variables when necessary (for monolith application). 1999-09-03 23:08:45 +00:00
Dr. Stephen Henson
8ce97163a2 Add new 'spkac' utility and several SPKAC utility functions. 1999-09-03 01:08:34 +00:00
Dr. Stephen Henson
87a25f9032 Allow the extension section specified in config files to be overridden 
on the command line for various utilities.
 1999-08-27 00:08:17 +00:00