Commit graph

187 commits

Author SHA1 Message Date
Dr. Stephen Henson
420eb6a306 PKCS7_verify() performance optimization. When the content is large and a
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
2005-01-14 17:53:16 +00:00
Dr. Stephen Henson
da8534693c Add lots of checks for memory allocation failure, error codes to indicate
failure and freeing up memory if a failure occurs.

PR:620
2004-12-05 01:04:44 +00:00
Richard Levitte
a2617f727d Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:53:31 +00:00
Dr. Stephen Henson
d06db8ad9e Check ASN1_TYPE structure type is a SEQUENCE in PKCS7_get_smimecap(). 2004-09-15 23:38:45 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Dr. Stephen Henson
a0cac0ff75 Make S/MIME encrypt work again. 2004-03-25 00:57:23 +00:00
Richard Levitte
cc056d6395 Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:00:24 +00:00
Dr. Stephen Henson
2d4b834926 Oops! 2003-11-10 01:29:27 +00:00
Dr. Stephen Henson
c22e6753ef Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex(). 2003-11-10 01:25:11 +00:00
Dr. Stephen Henson
79e4022a33 Simplify cipher and digest lookup in PKCS#7 code. 2003-10-11 16:47:44 +00:00
Dr. Stephen Henson
80986c9ced Retrieve correct content to sign when the
type is "other".
2003-10-10 23:24:10 +00:00
Dr. Stephen Henson
00dc2d7551 Return EOF when an S/MIME part have been read. 2003-06-24 17:12:22 +00:00
Dr. Stephen Henson
9d92486cfb Only count 'LF' as EOL in pk7_mime.c, this avoids incorrect
results if CR+LF straddles the line buffer.
2003-06-02 17:52:19 +00:00
Dr. Stephen Henson
bb41fdb5ec Stop checking for CRLF when start of buffer is reached. 2003-06-02 01:03:08 +00:00
Dr. Stephen Henson
3410aa1aa8 Various S/MIME bug and compatibility fixes. 2003-06-01 20:45:44 +00:00
Richard Levitte
75e3026a14 Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:09:03 +00:00
Ben Laurie
9831d941ca Many security improvements (CHATS) and a warning fix. 2002-11-12 13:23:40 +00:00
Richard Levitte
ff90d659e6 Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:21:33 +00:00
Dr. Stephen Henson
12a296edfc Really fix PKCS7_set_detached this time... 2002-09-08 16:25:55 +00:00
Dr. Stephen Henson
e696a05791 Fix typos in PKCS#12 ASN1 code.
Make PKCS7_set_detached work again.
2002-09-07 22:59:34 +00:00
Lutz Jänicke
3720ea24f0 "make update"
Submitted by:
Reviewed by:
PR:
2002-07-30 07:18:03 +00:00
Richard Levitte
4289131ae6 Don't clobber loop variable.
PR: 159
2002-07-24 14:42:38 +00:00
Richard Levitte
b334853d72 Reverse the change with the following log, it needs further investigation:
Make S/MIME output conform with the mail and MIME standards.
PR: 151
2002-07-18 10:39:49 +00:00
Richard Levitte
4b5d50e26b Make S/MIME output conform with the mail and MIME standards.
PR: 151
2002-07-18 08:47:56 +00:00
Richard Levitte
ca55c617e5 Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
2002-06-27 16:44:52 +00:00
Dr. Stephen Henson
bb9dcc99cf Always init ctx_tmp in PKCS7_dataFinal since it is always cleaned up. 2002-02-26 19:32:16 +00:00
Richard Levitte
67fec850e1 Allow verification of other types than DATA.
Submitted by Leonard Janke <leonard@votehere.net>
2002-01-02 11:54:38 +00:00
Bodo Möller
4d7072f4b5 remove redundant ERR_load_... declarations 2001-12-17 19:22:23 +00:00
Dr. Stephen Henson
f3e24baddf Don't overwrite signing time. 2001-12-07 00:36:32 +00:00
Richard Levitte
b476df64a1 make update
perl util/mkerr.pl -recurse -write -rebuild
2001-11-15 12:25:14 +00:00
Dr. Stephen Henson
581f1c8494 Modify EVP cipher behaviour in a similar way
to digests to retain compatibility.
2001-10-17 00:37:12 +00:00
Dr. Stephen Henson
20d2186c87 Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
with existing code.

Modify library to use digest *_ex() functions.
2001-10-16 01:24:29 +00:00
Richard Levitte
f8000b9345 'make update' 2001-10-04 07:49:09 +00:00
Richard Levitte
2aa9043ad3 Because there's chances we clash with the system's types.h, rename our
types.h to ossl_typ.h.
2001-10-04 07:32:46 +00:00
Richard Levitte
e3a7463c5d A lot of things are undeclared unless x509.h is included. 2001-10-02 11:06:42 +00:00
Dr. Stephen Henson
68dbba9817 Replace old (and invalid) copyright notice. 2001-09-08 12:15:09 +00:00
Geoff Thorpe
79aa04ef27 Make the necessary changes to work with the recent "ex_data" overhaul.
See the commit log message for that for more information.

NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
2001-09-01 20:02:13 +00:00
Ben Laurie
d66ace9da5 Start to reduce some of the header bloat. 2001-08-05 18:02:16 +00:00
Richard Levitte
710e5d5639 make update 2001-07-31 17:07:24 +00:00
Ben Laurie
dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Dr. Stephen Henson
1241126adf More linker bloat reorganisation:
Split private key PEM and normal PEM handling. Private key
handling needs to link in stuff like PKCS#8.

Relocate the ASN1 *_dup() functions, to the relevant ASN1
modules using new macro IMPLEMENT_ASN1_DUP_FUNCTION. Previously
these were all in crypto/x509/x_all.c along with every ASN1
BIO/fp function which linked in *every* ASN1 function if
a single dup was used.

Move the authority key id ASN1 structure to a separate file.
This is used in the X509 routines and its previous location
linked in all the v3 extension code.

Also move ASN1_tag2bit to avoid linking in a_bytes.c which
is now largely obsolete.

So far under Linux stripped binary with single PEM_read_X509
is now 238K compared to 380K before these changes.
2001-07-27 02:22:42 +00:00
Richard Levitte
4ac881ede3 Fix couple of memory leaks in PKCS7_dataDecode().
(provided by Stephen)
2001-04-05 10:19:12 +00:00
Richard Levitte
271da5a2e0 avoid linking problems when OpenSSL is built with no-dsa. Spotted by Hellan,Kim KHE <khe@kmd.dk> 2001-03-20 15:36:59 +00:00
Bodo Möller
4e20b1a656 Instead of telling both 'make' and the user that ranlib
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
2001-03-09 14:01:42 +00:00
Dr. Stephen Henson
1358835050 Change the EVP_somecipher() and EVP_somedigest()
functions to return constant EVP_MD and EVP_CIPHER
pointers.

Update docs.
2001-03-09 02:51:02 +00:00
Bodo Möller
5277d7cb7c Fix ERR_R_... problems. 2001-03-07 01:19:07 +00:00
Richard Levitte
d88a26c489 make update
Note that all *_it variables are suddenly non-existant according to
libeay.num.  This is a bug that will be corrected.  Please be patient.
2001-02-26 10:54:08 +00:00
Dr. Stephen Henson
db4a465974 Stop PKCS7_verify() core dumping with unknown public
key algorithms and leaking if the signature verify
fails.
2001-02-24 01:38:56 +00:00
Dr. Stephen Henson
d339187b1a Get rid of ASN1_ITEM_FUNCTIONS dummy function
prototype hack. This unfortunately means that
every ASN1_*_END construct cannot have a
trailing ;
2001-02-23 12:47:06 +00:00
Dr. Stephen Henson
bb5ea36b96 Initial support for ASN1_ITEM_FUNCTION option to
change the way ASN1 modules are exported.

Still needs a bit of work for example the hack which a
dummy function prototype to avoid compilers warning about
multiple ;s.
2001-02-23 03:16:09 +00:00