Dr. Stephen Henson
246e09319c
Fix bug where freed OIDs could be accessed in EVP_cleanup() by
...
defering freeing in OBJ_cleanup().
2006-03-28 17:23:48 +00:00
Dr. Stephen Henson
db98bbc114
Initial support for generalized public key parameters.
2006-03-24 13:46:58 +00:00
Dr. Stephen Henson
e42633140e
Add support for legacy PEM format private keys in EVP_PKEY_ASN1_METHOD.
2006-03-23 18:02:23 +00:00
Dr. Stephen Henson
d82e2718e2
Add information and pem strings. Update dependencies.
2006-03-23 11:54:51 +00:00
Dr. Stephen Henson
18e377b4ff
Make EVP_PKEY_ASN1_METHOD opaque. Add application level functions to
...
initialize it. Initial support for application added public key ASN1.
2006-03-22 17:59:49 +00:00
Dr. Stephen Henson
35208f368c
Gather printing routines into EVP_PKEY_ASN1_METHOD.
2006-03-22 13:09:35 +00:00
Richard Levitte
c788e59365
VMS doesn't support includes of paths very well.
2006-03-22 11:26:57 +00:00
Dr. Stephen Henson
6f81892e6b
Transfer parameter handling and key comparison to algorithm methods.
2006-03-20 17:56:05 +00:00
Dr. Stephen Henson
448be74335
Initial support for pluggable public key ASN1 support. Process most public
...
key ASN1 handling through a single EVP_PKEY_ASN1_METHOD structure and move
the spaghetti algorithm specific code to a single ASN1 module for each
algorithm.
2006-03-20 12:22:24 +00:00
Nils Larsch
33af4421f2
remove unnecessary code
2006-03-18 14:22:20 +00:00
Dr. Stephen Henson
c1facbb681
Check EVP_DigestInit_ex() return value in EVP_BytesToKey().
2006-03-01 21:17:13 +00:00
Dr. Stephen Henson
15ac971681
Update filenames in makefiles.
2006-02-04 01:45:59 +00:00
Dr. Stephen Henson
b40228a61d
New functions to support opaque EVP_CIPHER_CTX handling.
2005-12-02 13:46:39 +00:00
Dr. Stephen Henson
200fc02848
Include EVP_whirlpool() prototype in evp.h
2005-12-02 13:25:52 +00:00
Andy Polyakov
8b9afce53a
Add Whirlpool to EVP.
2005-11-30 20:57:23 +00:00
Nils Larsch
8215e7a938
fix warnings when building openssl with the following compiler options:
...
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith -W -Wunused
-Wno-unused-parameter -Wuninitialized
2005-08-28 22:49:57 +00:00
Nils Larsch
c755c5fd8b
improved error checking and some fixes
...
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
2005-07-26 21:10:34 +00:00
Nils Larsch
b554eef43b
the final byte of a pkcs7 padded plaintext can never be 0
...
Submitted by: K S Sreeram <sreeram@tachyontech.net>
2005-07-20 22:03:36 +00:00
Nils Larsch
3eeaab4bed
make
...
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
make depend all test
work again
PR: 1159
2005-07-16 12:37:36 +00:00
Richard Levitte
0fc6b2c9e2
Do no try to pretend we're at the end of anything unless we're at the end
...
of a 4-character block.
2005-06-20 22:11:14 +00:00
Nils Larsch
63d740752f
changes from 0.9.8
2005-05-31 18:22:53 +00:00
Andy Polyakov
ce92b6eb9c
Further BUILDENV refinement, further fool-proofing of Makefiles and
...
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342 .
2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341
ecc api cleanup; summary:
...
- hide the EC_KEY structure definition in ec_lcl.c + add
some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
2005-05-16 10:11:04 +00:00
Andy Polyakov
81a86fcf17
Fool-proofing Makefiles
2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
b6995add5c
Make -CSP option work again in pkcs12 utility by checking for
...
attribute in EVP_PKEY structure.
2005-05-15 00:54:45 +00:00
Bodo Möller
8afca8d9c6
Fix more error codes.
...
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Nils Larsch
8b15c74018
give EC_GROUP_new_by_nid a more meanigful name:
...
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
2005-05-10 11:37:47 +00:00
Nils Larsch
7dc17a6cf0
give EC_GROUP_*_nid functions a more meaningful name
...
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
EC_GROUP_set_nid -> EC_GROUP_set_curve_name
2005-05-08 22:09:12 +00:00
Andy Polyakov
405d9761a5
Allow for ./config no-sha0 [from stable].
2005-04-30 21:51:41 +00:00
Dr. Stephen Henson
a93b01be57
Increase offset for BIO_f_enc() to avoid problems with overlapping buffers
...
when decrypting data.
2005-04-28 00:21:29 +00:00
Bodo Möller
2e7245f5a3
Use OPENSSL_NO_CAST, not OPENSSL_NO_CAST5 in e_old.c
...
PR: 959
2005-04-25 23:09:00 +00:00
Ben Laurie
b5855b2f32
Add prototypes.
2005-04-22 23:57:46 +00:00
Richard Levitte
7c671508bd
Avoid compiler complaint about mismatched function signatures
...
(void * != RSA *)
2005-04-20 10:02:16 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Nils Larsch
70f34a5841
some const fixes and cleanup
2005-04-05 10:29:43 +00:00
Ben Laurie
73705abc34
If input is bad, we still need to clear the buffer.
2005-04-03 16:38:22 +00:00
Ben Laurie
41a15c4f0f
Give everything prototypes (well, everything that's actually used).
2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Nils Larsch
41e455bfc4
test, remove unnecessary const cast
2005-03-22 17:55:18 +00:00
Bodo Möller
9f6715d4bb
"make depend". This takes into account the algorithms that are now
...
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.
Problem reported by Nils Larsch.
2005-03-13 19:49:47 +00:00
Dr. Stephen Henson
a0e7c8eede
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:03:15 +00:00
Richard Levitte
a2ac429da2
Don't use $(EXHEADER) directly in for loops, as most shells will break
...
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Andy Polyakov
2b247cf81f
OPENSSL_ia32cap final touches. Note that OPENSSL_ia32cap is no longer a
...
symbol, but a macro expanded as (*(OPENSSL_ia32cap_loc())). The latter
is the only one to be exported to application.
2004-08-29 16:36:05 +00:00
Andy Polyakov
746fc2526f
Fix compiler warnings in crypto/evp/bio_ok.c as pointed out by Geoff.
2004-08-29 16:19:27 +00:00
Dr. Stephen Henson
c128bb0fa2
Don't ignore return value of EVP_DigestInit_ex() in md BIOs and dgst utility.
2004-08-05 18:09:50 +00:00
Andy Polyakov
14e21f863a
Add framework for yet another assembler module dubbed "cpuid." Idea
...
is to have a placeholder to small routines, which can be written only
in assembler. In IA-32 case this includes processor capability
identification and access to Time-Stamp Counter. As discussed earlier
OPENSSL_ia32cap is introduced to control recently added SSE2 code
pathes (see docs/crypto/OPENSSL_ia32cap.pod). For the moment the
code is operational on ELF platforms only. I haven't checked it yet,
but I have all reasons to believe that Windows build should fail to
link too. I'll be looking into it shortly...
2004-07-26 20:18:55 +00:00
Andy Polyakov
0f71b77d5c
Make bio_ok.c Microsoft compiler savvy.
2004-07-25 20:13:30 +00:00
Andy Polyakov
3205db2bfe
Make bio_ok.c 64-bit savvy.
2004-07-25 19:37:41 +00:00
Richard Levitte
5906e8d5fe
I think it could be a good thing to know what went wrong with the tests...
2004-07-12 12:25:54 +00:00
Dr. Stephen Henson
c39c32dd65
PKCS#8 fixes from stable branch.
2004-07-04 16:44:52 +00:00
Andy Polyakov
31c2ac1cdc
EVP bindings to new SHA algorithms.
2004-05-31 13:14:08 +00:00
Geoff Thorpe
9c52d2cc75
After the latest round of header-hacking, regenerate the dependencies in
...
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Geoff Thorpe
0f814687b9
Deprecate the recursive includes of bn.h from various API headers (asn1.h,
...
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.
2004-05-17 19:14:22 +00:00
Geoff Thorpe
7771b6c5b5
This file implements various functions that have since been redefined as
...
macros. I'm removing this from the NO_DEPRECATED build.
2004-05-15 18:26:15 +00:00
Andy Polyakov
9e0aad9fd6
size_t-fication of message digest APIs. We should size_t-fy more APIs...
2004-05-15 11:29:55 +00:00
Richard Levitte
1c7a0e2856
Reimplement old functions, so older software that link to libcrypto
...
don't crash and burn.
2004-05-14 17:56:30 +00:00
Geoff Thorpe
c57bc2dc51
make update
2004-04-19 18:33:41 +00:00
Geoff Thorpe
60a938c6bc
(oops) Apologies all, that last header-cleanup commit was from the wrong
...
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Geoff Thorpe
3a87a9b9db
Reduce header interdependencies, initially in engine.h (the rest of the
...
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
2004-04-19 17:46:04 +00:00
Richard Levitte
ab23d5ffda
Add symbol hacks for some long names.
...
make update
2004-03-29 08:13:49 +00:00
Dr. Stephen Henson
216659eb87
Enhance EVP code to generate random symmetric keys of the
...
appropriate form, for example correct DES parity.
Update S/MIME code and EVP_SealInit to use new functions.
PR: 700
2004-03-28 17:38:00 +00:00
Richard Levitte
875a644a90
Constify d2i, s2i, c2i and r2i functions and other associated
...
functions and macros.
This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const. Those will be removed when this change has been
properly reviewed.
2004-03-15 23:15:26 +00:00
Dr. Stephen Henson
d4575825f1
Add flag to avoid continuous
...
memory allocate when calling EVP_MD_CTX_copy_ex().
Without this HMAC is several times slower than
< 0.9.7.
2004-02-01 13:39:51 +00:00
Richard Levitte
8d1ebe0bd1
Add the missing parts for DES CFB1 and CFB8.
...
Add the corresponding AES parts while I'm at it.
make update
2004-01-28 19:05:35 +00:00
Andy Polyakov
8c6336b0aa
CFB DES sync-up with FIPS branch.
2004-01-27 21:47:35 +00:00
Richard Levitte
112341031b
Correct documentation typos.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:04:54 +00:00
Richard Levitte
79b42e7654
Use sh explicitely to run point.sh
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Richard Levitte
d420ac2c7d
Use BUF_strlcpy() instead of strcpy().
...
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:17 +00:00
Richard Levitte
2fe9ab8e20
It was pointed out to me that if the requested size is 0, we shouldn't
...
ty to allocate anything at all. This will allow eNULL to still work.
PR: 751
Notified by: Lutz Jaenicke
2003-12-01 13:25:37 +00:00
Richard Levitte
1145e03870
Check that OPENSSL_malloc() really returned some memory.
...
PR: 751
Notified by: meder@mcs.anl.gov
Reviewed by: Lutz Jaenicke, Richard Levitte
2003-12-01 12:11:55 +00:00
Geoff Thorpe
2754597013
A general spring-cleaning (in autumn) to fix up signed/unsigned warnings.
...
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
2003-10-29 20:24:15 +00:00
Richard Levitte
5b6e7c8c65
Inclusion of openssl/engine.h should always be wrapped with a check that
...
OPENSSL_NO_ENGINE is not defined.
2003-08-04 10:12:36 +00:00
Bodo Möller
ada0e717fa
new function EC_GROUP_cmp() (used by EVP_PKEY_cmp())
...
Submitted by: Nils Larsch
2003-07-21 13:43:28 +00:00
Richard Levitte
eb3d68c454
Nils Larsch told me I could remove that variable entirely.
2003-06-26 11:52:23 +00:00
Richard Levitte
d55141ed7a
"Remove" unused variable
2003-06-26 10:23:00 +00:00
Bodo Möller
0fbffe7a71
implement PKCS #8 / SEC1 private key format for ECC
...
Submitted by: Nils Larsch
2003-06-25 21:35:05 +00:00
Richard Levitte
d1465bac90
make update
2003-05-01 04:10:32 +00:00
Richard Levitte
1a0c1f9052
make update
2003-04-10 20:11:09 +00:00
Richard Levitte
43eb3b0130
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
...
of unneeded includes of openssl/engine.h.
2003-04-08 06:00:05 +00:00
Richard Levitte
7b36590b17
What was I smoking? EVP_PKEY_cmp() should return with 0 if
...
EVP_PKEY_cmp_parameters() returned 0, otherwise it should
go on processing the public key component. Thia has nothing
to do with the proper handling of EC parameters or not.
2003-04-07 10:15:32 +00:00
Richard Levitte
a8b728445c
Correct a typo.
...
Have EVP_PKEY_cmp() call EVP_PKEY_cmp_parameters(), and make a note
about the lack of parameter comparison for EC.
2003-04-07 10:09:44 +00:00
Richard Levitte
af0f0f3e8f
Constify
2003-04-06 15:31:18 +00:00
Richard Levitte
8d570498a2
Do not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined.
...
PR: 564
2003-04-05 21:21:26 +00:00
Richard Levitte
e6526fbf4d
Add functionality to help making self-signed certificate.
2003-04-03 22:27:24 +00:00
Richard Levitte
be9bec9bc7
Make sure we get the definition of OPENSSL_NO_RSA.
2003-03-20 23:34:28 +00:00
Richard Levitte
9c35452842
Make sure we get the definition of OPENSSL_NO_HMAC and OPENSSL_NO_SHA.
2003-03-20 23:34:08 +00:00
Richard Levitte
69104cdf34
Make sure we get the definition of OPENSSL_NO_SHA.
2003-03-20 23:32:16 +00:00
Richard Levitte
dfefdb41f7
Make sure we get the definition of OPENSSL_NO_RIPEMD.
2003-03-20 23:31:56 +00:00
Richard Levitte
cd6ab56da0
Make sure we get the definition of OPENSSL_NO_MDC2.
2003-03-20 23:31:44 +00:00
Richard Levitte
c988c9b839
Make sure we get the definition of OPENSSL_NO_MD5.
2003-03-20 23:31:34 +00:00
Richard Levitte
bff8e1dddb
Make sure we get the definition of OPENSSL_NO_MD4.
2003-03-20 23:31:24 +00:00
Richard Levitte
641e6ef2cb
Make sure we get the definition of OPENSSL_NO_MD2.
2003-03-20 23:30:04 +00:00
Richard Levitte
9e9e8cb6a8
Make sure we get the definition of OPENSSL_NO_DES.
2003-03-20 23:29:38 +00:00
Richard Levitte
f118514501
Make sure we get the definition of OPENSSL_NO_RC5.
2003-03-20 23:29:26 +00:00
Richard Levitte
39c4b7092c
Make sure we get the definition of OPENSSL_NO_RC4.
2003-03-20 23:29:17 +00:00
Richard Levitte
c7e7fc3ee4
Make sure we get the definition of OPENSSL_NO_RC2.
2003-03-20 23:29:06 +00:00
Richard Levitte
786b0075d5
Make sure we get the definition of OPENSSL_NO_IDEA.
2003-03-20 23:28:55 +00:00
Richard Levitte
fb10590910
Make sure we get the definition of OPENSSL_NO_CAST.
2003-03-20 23:28:27 +00:00
Richard Levitte
abf21308d2
Make sure we get the definition of OPENSSL_NO_BF.
2003-03-20 23:28:16 +00:00
Richard Levitte
8c84b677e2
Make sure we get the definition of OPENSSL_NO_AES.
2003-03-20 23:28:03 +00:00
Dr. Stephen Henson
90e8a3102b
Fixes for EVP_DigestInit_ex() and OPENSSL_NO_ENGINE.
2003-03-12 02:31:40 +00:00
Dr. Stephen Henson
b8dc9693a7
Encryption BIOs misbehave when used with non blocking I/O.
...
Two fixes:
1. If BIO_write() fails inside enc_write() it should return the
total number of bytes successfully written.
2. If BIO_write() fails during BIO_flush() it should return immediately
with the error code: previously it would fall through to the final
encrypt, corrupting the buffer.
2003-02-27 14:07:59 +00:00
Bodo Möller
5c9a9c9c33
include OpenSSL license (in addition to EAY license)
2003-02-24 17:15:28 +00:00
Ulf Möller
b4f43344d5
Copy rather than symlink the test data.
...
This is needed because Windows doesn't support symlinks.
The Cygwin/MinGW build now passes "make test".
2003-02-22 22:19:48 +00:00
Dr. Stephen Henson
5562cfaca4
Base64 bio fixes. The base64 bio was seriously broken
...
when reading from a non blocking BIO.
It would incorrectly interpret retries as EOF, incorrectly
buffer initial data and have no buffering at all after initial
data (data would be sent one byte at a time to EVP_DecodeUpdate).
2003-02-22 02:12:52 +00:00
Dr. Stephen Henson
5672e3a321
Fix bug in base64 bios during write an non blocking I/O:
...
if the write fails when flushing the buffer return the
value to the application so it can retry.
2003-02-20 13:37:48 +00:00
Bodo Möller
37c660ff9b
implement fast point multiplication with precomputation
...
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2003-02-06 19:25:12 +00:00
Ben Laurie
33cc07f79a
Fix warning.
2003-02-01 20:55:29 +00:00
Richard Levitte
5fe11c7533
The OPENSSL_NO_ENGINE has small problem: it changes certain structures. That's
...
bad, so let's not check OPENSSL_NO_ENGINE in those places. Fortunately, all
the header files where the problem existed include ossl_typ.h, which makes
a 'forward declaration' of the ENGINE type.
2003-01-30 18:52:46 +00:00
Richard Levitte
0b13e9f055
Add the possibility to build without the ENGINE framework.
...
PR: 287
2003-01-30 17:39:26 +00:00
Dr. Stephen Henson
59ae8c9419
EVP_DecryptInit() should call EVP_CipherInit() not EVP_CipherInit_ex().
2003-01-17 00:48:47 +00:00
Richard Levitte
c00cee00fd
FreeBSD has /dev/crypto as well.
...
PR: 462
2003-01-16 18:29:30 +00:00
Richard Levitte
5e42f9ab46
make update
2002-12-29 01:38:15 +00:00
Richard Levitte
7acf00a633
Finally get rid of all the algorithm inclusions that were done from
...
evp.h.
Application authors BEWARE! If you have had the habit to count on
evp.h to provide all those lower-level algorithm functions, you need
to think again! Please change your programs NOW, or you will be sorry
when 0.9.8 gets release (it's quite some time away...).
2002-12-29 01:37:35 +00:00
Richard Levitte
3dda0dd2a2
Some compilers are quite picky about non-void functions that don't return
...
anything.
2002-12-06 08:50:06 +00:00
Richard Levitte
848f735ae4
EXIT() needs to be in a function that returns int.
2002-12-01 01:23:35 +00:00
Richard Levitte
43d601641f
A few more memset()s converted to OPENSSL_cleanse().
...
I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343
2002-11-29 11:30:45 +00:00
Richard Levitte
55f78baf32
Have all tests use EXIT() to exit rather than exit(), since the latter doesn't
...
always give the expected result on some platforms.
2002-11-28 18:54:30 +00:00
Richard Levitte
4579924b7e
Cleanse memory using the new OPENSSL_cleanse() function.
...
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:04:36 +00:00
Ben Laurie
54a656ef08
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
Bodo Möller
8ee4845b65
'broken' PKCS #8 format does not apply to ECDSA
...
Submitted by: Nils Larsch
2002-10-28 14:13:38 +00:00
Richard Levitte
001ab3abad
Use double dashes so makedepend doesn't misunderstand the flags we
...
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Richard Levitte
293d5082c7
The OpenBSD project has replaced the first implementation of the /dev/crypto
...
engine with something they claim is better. I have nothing to compare to,
and I assume they know what they're talking about. The interesting part with
this one is that it's loaded by default on OpenBSD systems.
This change was originally introduced in OpenBSD's tracking of OpenSSL.
2002-10-02 00:19:33 +00:00
Bodo Möller
64376cd8ff
'EC' vs. 'ECDSA'
...
Submitted by: Nils Larsch
2002-08-16 11:19:07 +00:00
Dr. Stephen Henson
3f6db7f518
Fix block_size field for CFB and OFB modes: it should be 1.
2002-08-16 01:53:24 +00:00
Bodo Möller
5488bb6197
get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)
...
Submitted by: Nils Larsch
2002-08-12 08:47:41 +00:00
Bodo Möller
74cc4903ef
make update
2002-08-09 12:16:15 +00:00
Bodo Möller
14a7cfb32a
use a generic EC_KEY structure (EC keys are not ECDSA specific)
...
Submitted by: Nils Larsch
2002-08-07 10:49:54 +00:00
Lutz Jänicke
3aecef7697
"make update"
2002-07-30 12:44:33 +00:00
Bodo Möller
5dbd3efce7
Replace 'ecdsaparam' commandline utility by 'ecparam'
...
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.
Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.
Fix ec_asn1.c (take into account the desired conversion form).
'make update'.
Submitted by: Nils Larsch
2002-07-14 16:54:31 +00:00
Lutz Jänicke
7b63c0fa8c
Reorder inclusion of header files:
...
des_old.h redefines crypt:
#define crypt(b,s)\
DES_crypt((b),(s))
This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
2002-07-10 07:01:54 +00:00
Richard Levitte
17085b022c
Pass CFLAG to dependency makers, so non-standard system include paths are
...
handled properly.
Part of PR 75
2002-06-27 16:39:25 +00:00
Richard Levitte
4942ef6f0e
A number of includes were removed from evp.h some time ago. The reason
...
was that they weren't really needed any more for EVP itself. However,
it seems like soma applications (I know about OpenSSH, but there may
be more) used evp.h as the 'load all' header file, which makes sense
since we try our best to promote the use of EVP instead of the lower
level crypto algorithms. Therefore, I put the inclusions back so
the application authors don't get too shocked by all the errors they
would otherwise get.
Thanks to Theo de Raadt for making us aware of this.
2002-06-27 05:03:00 +00:00
Lutz Jänicke
bdb6171334
OpenSSL_add_all_algorithms has been replaced by configuration dependent
...
functions and is redirected by macros. Switch it off now, possible removal
later.
2002-06-16 10:18:25 +00:00
Lutz Jänicke
65ee74fbc7
Some more prototype fixes.
...
Use DECLARE macros in asn1* instead of direct declaration.
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by:
PR: 89
2002-06-14 19:01:52 +00:00
Richard Levitte
6631a7e7f1
use sstrsep() to get the proper type to aoti().
...
Remove unneeded cast in ustrsep().
PR: 69
2002-06-03 15:27:46 +00:00
Richard Levitte
78055aa6a5
Add the AES test vectors from NIST document SP800-38A.
2002-05-31 13:13:43 +00:00
Richard Levitte
e6bd5e8a6d
Make it possible to give vectors only for decryption or encryption.
2002-05-31 13:12:49 +00:00
Richard Levitte
94f1b50c0f
For CFB and OFB modes, always create the encryption key.
2002-05-31 13:11:44 +00:00
Richard Levitte
bd54d55c1d
Declare the CFB and OFB modes for AES, and prepare for a declaration
...
of CTR mode.
2002-05-31 13:08:53 +00:00
Richard Levitte
9cdf87f194
Check the return values where memory allocation failures may happen.
...
PR: 49
2002-05-30 16:47:45 +00:00
Bodo Möller
46ffee4792
fix EVP_dsa_sha macro
...
Submitted by: Nils Larsch
2002-05-16 12:51:18 +00:00
Dr. Stephen Henson
544a2aea4b
Zero cipher_data in EVP_CIPHER_CTX_cleanup
...
Add cleanup calls to evp_test.c
Allow reuse of cipher contexts by removing
automatic cleanup in EVP_*Final().
2002-05-15 18:49:25 +00:00
Dr. Stephen Henson
e9ba69631b
EVP_SealFinal should return a value.
2002-05-11 17:37:08 +00:00
Lutz Jänicke
2940a1298e
Fix CRLF problem in BASE64 decode.
2002-04-15 09:55:40 +00:00
Bodo Möller
d0561b5c2d
fix ECDSA handling
...
Submitted by: Nils Larsch
2002-04-09 12:01:21 +00:00
Dr. Stephen Henson
3e268d2717
Ensure EVP_CipherInit() uses the correct encode/decode parameter if
...
enc == -1
[Reported by Markus Friedl <markus@openbsd.org>]
Fix typo in dh_lib.c (use of DSAerr instead of DHerr).
2002-03-16 23:20:05 +00:00
Dr. Stephen Henson
de941e289e
Initialize cipher context in KRB5
...
("D. Russell" <russelld@aol.net>)
Allow HMAC functions to use an alternative ENGINE.
2002-03-14 18:22:23 +00:00
Bodo Möller
690ecff795
Fixes for 'no-hw' combined with 'no-SOME_CIPHER'.
...
Fix dsaparam usage output.
Submitted by: Nils Larsch
2002-03-14 09:52:03 +00:00
Dr. Stephen Henson
bf6a9e66d6
Make ciphers and digests obtain an ENGINE functional reference
...
if impl is explicitly supplied.
2002-03-09 18:58:05 +00:00
Richard Levitte
87ebdd8a71
VMS addaptation, including a few more long names that needed hacking.
2002-02-28 13:17:40 +00:00
Richard Levitte
26414ee013
Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated
2002-02-28 12:42:19 +00:00
Richard Levitte
0d7b9b8b7e
make update, after moving around symbols in libeay.num to match
...
0.9.7-stable.
2002-02-26 14:41:29 +00:00
Dr. Stephen Henson
a3829cb720
Updates from stable branch.
2002-02-23 13:50:29 +00:00
Dr. Stephen Henson
e84be9b495
New OPENSSL_LOAD_CONF define to load openssl.cnf
...
when OpenSSL_add_all_algorithms() is called.
2002-02-23 01:00:44 +00:00
Richard Levitte
5b7848a345
Add comfy aliases for AES in CBC mode.
2002-02-20 17:59:49 +00:00
Richard Levitte
236be53269
gcc figures that the format specifier %2x means unsigned int, so let's
...
make n unsigned.
2002-02-20 13:50:36 +00:00
Richard Levitte
a6cd870784
The AES modes OFB and CFB are defined with 128 feedback bits. This
...
deviates from the "standard" 64 bits of feedback that all other
algorithms are using. Therefore, let's redo certain EVP macros to
accept different amounts of feedback bits for these modes.
Also, change e_aes.c to provide all usually available modes for AES.
CTR isn't included yet.
2002-02-16 12:39:07 +00:00
Bodo Möller
6cc3700314
don't call OPENSSL_config(), this does not make any sense during "make test"
2002-02-14 13:51:20 +00:00
Bodo Möller
4d94ae00d5
ECDSA support
...
Submitted by: Nils Larsch <nla@trustcenter.de>
2002-02-13 18:21:51 +00:00
Richard Levitte
de2f6e4dae
'make update'
2002-02-05 17:34:58 +00:00
Lutz Jänicke
2a81428489
Remove blanks at begin of empty lines irritating epv_test.c
2002-01-26 15:24:38 +00:00
Geoff Thorpe
f1c2a9de45
The 'type' parameter, an EVP_MD pointer, represents the type of digest
...
required as well as a default implementation (when no ENGINE provides a
replacement implementation). This change makes sure the correct
implementation's "init()" handler is used rather than assuming 'type'.
2002-01-25 03:13:50 +00:00
Richard Levitte
52b66a622d
Keep the NIST AES vectors that were there previously.
2002-01-24 18:09:50 +00:00
Richard Levitte
fe19c448f0
make update
...
libeay.num got tweaked so the old des symbols would retain their
positions.
2002-01-24 12:31:54 +00:00
Richard Levitte
7389c848d4
Use FIPS-197 vectors for AES. The NIST vectors were constructed by
...
reencrypting or redecrypting the ciphertext 10000 times, which of
course gives higly different results.
2002-01-21 17:55:38 +00:00
Richard Levitte
4d393410f3
Add more of the NIST test vectors for AES.
...
For some reason, they give incorrect results with the OpenSSL
implementation. I wonder why...
2002-01-21 16:09:45 +00:00
Ben Laurie
9dd5ae6553
Constification, add config to /dev/crypto.
2002-01-18 16:51:05 +00:00
Bodo Möller
e5d6528a12
fix EVP_CIPHER_mode macro
...
Submitted by: "Dan S. Camper" <dan@bti.net>
2002-01-04 13:04:45 +00:00
Richard Levitte
6f9079fd50
Because Rijndael is more known as AES, use crypto/aes instead of
...
crypto/rijndael. Additionally, I applied the AES integration patch
from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work
properly with the normal EVP constructs (and incidently work the same
way as all other symmetric cipher implementations).
This results in an API that looks a lot like the rest of the OpenSSL
cipher suite.
2002-01-02 16:55:35 +00:00
Richard Levitte
c938563a81
The block size may be something other than 8!
2002-01-02 16:51:17 +00:00
Richard Levitte
40928698bb
When RSA or DSA are disabled, do not include the stuff that's specific
...
to them.
2002-01-02 12:45:51 +00:00
Bodo Möller
4d7072f4b5
remove redundant ERR_load_... declarations
2001-12-17 19:22:23 +00:00
Ben Laurie
ff3fa48fc7
Improve back compatibility.
2001-12-09 21:53:31 +00:00
Dr. Stephen Henson
6a0dec9584
Make EVP_SealInit() return the correct value.
2001-12-01 23:09:38 +00:00
Dr. Stephen Henson
b83eddc578
Win32 fixes.
2001-11-06 13:40:27 +00:00
Richard Levitte
c2e4f17c1a
Due to an increasing number of clashes between modern OpenSSL and
...
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_. Compatibility routines are provided and declared by including
openssl/des_old.h. Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.
The compatibility functions will be removed in some future release, at
the latest in version 1.0.
2001-10-24 21:21:12 +00:00
Dr. Stephen Henson
581f1c8494
Modify EVP cipher behaviour in a similar way
...
to digests to retain compatibility.
2001-10-17 00:37:12 +00:00
Dr. Stephen Henson
20d2186c87
Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
...
with existing code.
Modify library to use digest *_ex() functions.
2001-10-16 01:24:29 +00:00
Richard Levitte
67d0738aba
In certain cases, no encoding has been set up for the b64 filter. In
...
such cases, a flush should *not* attempt to finalise the encoding, as
the EVP_ENCODE_CTX structure will only be filled with garbage. For
the same reason, do the same check when a wpending is performed.
2001-10-11 19:38:40 +00:00
Richard Levitte
dd5e774664
Add support for md4WithRSAEncryption.
2001-10-10 21:37:45 +00:00
Geoff Thorpe
cf98440178
evp_test.c and evptests.txt both need to be linked in the test/ directory
...
however for different reasons. This separation should prevent the win32
build from interpreting evptests.txt as source code.
2001-10-09 01:38:31 +00:00
Geoff Thorpe
c500d44735
Change some EVP prototypes to use "cipher" rather than "type" as a variable
...
name. The implementations already use this anyway.
2001-10-08 17:25:42 +00:00
Geoff Thorpe
18eda73234
EVP_EncryptInit_ex() and EVP_DecryptInit_ex() had been defined in evp.h but
...
not implemented. (Bug reported by Martin Szotkowski)
This also changes the non-"_ex" versions to defer directly to
EVP_CipherInit_ex() rather than EVP_CipherInit() to avoid an unecessary
level of indirection.
2001-10-08 17:24:10 +00:00
Richard Levitte
f8000b9345
'make update'
2001-10-04 07:49:09 +00:00
Richard Levitte
2aa9043ad3
Because there's chances we clash with the system's types.h, rename our
...
types.h to ossl_typ.h.
2001-10-04 07:32:46 +00:00
Dr. Stephen Henson
1a095560f7
Use the maximum block length for the extra size in the encrypt
...
BIO buffer instead of hard coding it as 8.
2001-10-03 12:47:03 +00:00
Dr. Stephen Henson
f329b8d73b
Make EVP_DecryptUpdate work again.
2001-10-02 16:19:49 +00:00
Dr. Stephen Henson
de822715b2
Constify EVP_SealInit, EVP_OpenInit
2001-09-28 01:47:36 +00:00
Ben Laurie
0fea7ed4a4
Don't clean up stuff twice.
2001-09-26 15:15:03 +00:00
Geoff Thorpe
11a57c7be5
This changes EVP's cipher and digest code to hook via the ENGINE support.
...
See crypto/engine/README for details.
- it also removes openbsd_hw.c from the build (that functionality is
going to be available in the openbsd ENGINE in a upcoming commit)
- evp_test has had the extra initialisation added so it will use (if
possible) any ENGINEs supporting the algorithms required.
2001-09-25 21:37:02 +00:00
Geoff Thorpe
cb78486d97
This commits changes to various parts of libcrypto required by the recent
...
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.
Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.
2001-09-25 20:23:40 +00:00
Dr. Stephen Henson
591ccf586d
Fix AES CBC mode EVP_CIPHER structures: the IV length is always
...
16.
2001-09-25 13:49:58 +00:00
Geoff Thorpe
e059b19ddb
Add a SHA1 test to evptests.txt - only the MD5 hash algorithm was being
...
tested previously.
2001-09-14 18:21:36 +00:00
Geoff Thorpe
997a54c981
'evp_test' needs to initialise and cleanup EVP_CIPHER_CTX structures. Also,
...
fix a typo and add cleanup operations. This also switches on memory leak
checking (which is how the rest was found).
2001-09-14 18:20:44 +00:00
Bodo Möller
5a85385387
typo
2001-09-10 16:57:06 +00:00
Bodo Möller
5e54b4f364
Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
...
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway). To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent. Instead, callers can use
CRYPTO_push_info() to track down memory leaks.
2001-09-10 15:00:30 +00:00
Bodo Möller
5ba372b17c
Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
...
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway). To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent. Instead, callers can use
CRYPTO_push_info() to track down memory leaks.
Also fix indentation, and add OpenSSL copyright.
2001-09-10 14:59:17 +00:00
Ben Laurie
e8330cf5ac
Add a cleanup function for MDs.
2001-09-07 12:03:24 +00:00
Geoff Thorpe
e815d3015e
Change DH_up() -> DH_up_ref()
2001-09-05 17:02:35 +00:00
Ulf Möller
5b46eee0f5
strsep implementation to allow the file to compile on non-BSD systems
...
Submitted by: "Brian Havard" <brianh@kheldar.apana.org.au>
2001-09-04 22:19:06 +00:00
Bodo Möller
6ac4e8bd6e
Rename recently introduced functions for improved code clarity:
...
[DR]SA_up => [DR]SA_up_ref
2001-09-03 13:40:07 +00:00
Bodo Möller
931a23a5a5
rearrange #includes because trying to include <crypto/cryptodev.h>
...
is a bad idea if OPENSSL_OPENBSD_DEV_CRYPTO is not defined
2001-09-03 12:37:13 +00:00
Ben Laurie
2618893114
Make MD functions take EVP_MD_CTX * instead of void *, add copy() function.
2001-09-02 20:05:27 +00:00
Geoff Thorpe
e19ea55783
Only OPENSSL_free() non-NULL pointers.
2001-09-01 18:37:17 +00:00
Ulf Möller
8716dbea40
undo, didn't work
2001-09-01 05:59:27 +00:00
Ulf Möller
e9bc66c84f
*** empty log message ***
2001-09-01 05:30:45 +00:00
Ulf Möller
c078798c60
strsep implementation to allow the file to compile on non-BSD systems
...
Submitted by: "Brian Havard" <brianh@kheldar.apana.org.au>
2001-09-01 05:05:32 +00:00
Ben Laurie
1f3b65801b
Fix SSL memory leak.
2001-08-28 13:45:41 +00:00
Ben Laurie
4897dc4056
Test digests.
2001-08-26 17:09:31 +00:00
Ben Laurie
35e33f0e52
Add digests.
2001-08-26 17:09:00 +00:00
Geoff Thorpe
78435364ec
Changes crypto/evp/ and ssl/ code from directly incrementing reference
...
counts in DH, DSA, and RSA structures. Instead they use the new "***_up()"
functions that handle this.
2001-08-25 17:28:23 +00:00
Ben Laurie
c41ab9ade5
More tests.
2001-08-22 16:09:57 +00:00
Ben Laurie
82b2230527
Add RC4 support to OpenBSD.
2001-08-18 16:04:36 +00:00
Ben Laurie
a8a004987c
Add AES tests.
2001-08-18 16:02:52 +00:00
Ben Laurie
0e36019977
Add EVP test program.
2001-08-18 13:53:01 +00:00
Ben Laurie
354c3ace73
Add first cut symmetric crypto support.
2001-08-18 10:22:54 +00:00
Ben Laurie
f0446ca8d7
Move CIPHER_CTX cleanups to _Final routines instead of _Init, which avoids
...
problems with leaks and uninitialised structures.
2001-08-11 11:32:54 +00:00
Bodo Möller
e51d1321fc
More typedef'd struct names as search targets
2001-08-06 11:57:08 +00:00
Bodo Möller
b9fdb3eb99
Reinsert typedef'ed names for structs to help those trying to read the
...
sourcecode (including fgrep)
2001-08-06 11:49:31 +00:00
Ben Laurie
d66ace9da5
Start to reduce some of the header bloat.
2001-08-05 18:02:16 +00:00
Ben Laurie
db75357110
Fix memory leak.
2001-08-05 16:13:49 +00:00
Ben Laurie
0713f8abe6
Parameter correction for CIOFSESSION.
2001-08-04 12:16:56 +00:00
Ben Laurie
93d9121a77
Remove extra whitespace. Sorry.
2001-08-03 21:09:21 +00:00
Ben Laurie
92dad6cc84
Reinstate accidentally deleted code.
2001-08-03 19:00:43 +00:00
Ben Laurie
61454a9f8c
Get rid of the stuff we, err, got rid of.
2001-08-03 18:52:50 +00:00
Ben Laurie
bb2297a41d
Header bloat reduction for EVP_PKEY.
2001-08-03 18:48:35 +00:00
Ben Laurie
1ba01caaa3
Make /dev/crypto work with new EVP structures.
2001-08-03 11:54:37 +00:00
Richard Levitte
710e5d5639
make update
2001-07-31 17:07:24 +00:00
Richard Levitte
dbfc0f8c2b
Vade retro C++ comments!
...
(Latin for "comments", anyone?)
2001-07-31 09:15:52 +00:00
Ben Laurie
05bbf78afd
Remove //.
2001-07-31 06:47:23 +00:00
Ben Laurie
dbad169019
Really add the EVP and all of the DES changes.
2001-07-30 23:57:25 +00:00
Ben Laurie
0e06354402
ANSIfication.
2001-07-30 15:33:46 +00:00
Dr. Stephen Henson
dc706cd35f
Make sure *outl is always initialized in EVP_EncryptUpdate().
2001-07-27 02:24:47 +00:00
Richard Levitte
47c3448a97
Not all platforms have the OpenBSD crypto device.
2001-07-21 11:54:24 +00:00
Ben Laurie
c518ade1fd
Clean up EVP macros, rename DES EDE3 modes correctly, temporary support for
...
OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery
is available).
2001-07-21 10:24:07 +00:00
Ben Laurie
c148d70978
A better compromise between encrypt and decrypt (but why isn't it as fast
...
for encrypt?).
2001-07-09 21:00:36 +00:00
Ben Laurie
7b6055d1af
Handle the common case first (where input size is a multiple of block size).
...
Worth around 5% for encrypt. Slows down decrypt slightly, but I expect to
regain that later.
2001-07-08 19:42:10 +00:00
Ben Laurie
f31b12503e
Use & instead of % - worth about 4% for 8 byte blocks.
2001-07-08 17:27:32 +00:00
Dr. Stephen Henson
323f289c48
Change all calls to low level digest routines in the library and
...
applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().
Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.
2001-06-19 22:30:40 +00:00
Ben Laurie
09a2615fb2
Delete a redundant line.
2001-06-16 21:51:26 +00:00
Dr. Stephen Henson
76c919c1a3
Add missing variable length cipher flag for Blowfish.
...
Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.
2001-05-24 22:58:35 +00:00
Richard Levitte
9a310a5d4e
make update
2001-05-06 23:51:37 +00:00
Richard Levitte
a63d5eaab2
Add a general user interface API. This is designed to replace things
...
like des_read_password and friends (backward compatibility functions
using this new API are provided). The purpose is to remove prompting
functions from the DES code section as well as provide for prompting
through dialog boxes in a window system and the like.
2001-05-06 23:19:37 +00:00
Lutz Jänicke
854e076df8
Constify (Jason Molenda <jason@molenda.com>)
2001-04-14 14:50:02 +00:00
Richard Levitte
77dd9c1850
Add the possibility to have AES removed in Windows as well.
...
Spotted by Harald Koch <chk@pobox.com>
2001-04-08 04:35:58 +00:00
Bodo Möller
4e20b1a656
Instead of telling both 'make' and the user that ranlib
...
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
2001-03-09 14:01:42 +00:00
Dr. Stephen Henson
1358835050
Change the EVP_somecipher() and EVP_somedigest()
...
functions to return constant EVP_MD and EVP_CIPHER
pointers.
Update docs.
2001-03-09 02:51:02 +00:00
Dr. Stephen Henson
2dc769a1c1
Make EVP_Digest*() routines return a value.
...
TODO: update docs, and make soe other routines
which use EVP_Digest*() check return codes.
2001-03-08 14:04:22 +00:00