Commit graph

437 commits

Author SHA1 Message Date
Dr. Stephen Henson
2f0550c4c1 Lookup public key ASN1 methods by string by iterating through all
implementations instead of all added ENGINEs to cover case where an
ENGINE is not added.
2007-11-21 17:25:58 +00:00
Dr. Stephen Henson
a6fbcb4220 Change safestack reimplementation to match 0.9.8.
Fix additional gcc 4.2 value not used warnings.
2007-09-07 13:25:15 +00:00
Andy Polyakov
bb11c28246 Minor clean-up in crypto/engine. 2006-12-29 10:55:43 +00:00
Andy Polyakov
00b4e083fd Move eng_padlock.c to ./engines.
Submitted by: Michal Ludvig <michal@logix.cz>
2006-12-29 10:42:24 +00:00
Nils Larsch
69d4646f4e register the engine as default engine in ENGINE_set_default()
PR: 1431
2006-11-24 18:37:43 +00:00
Dr. Stephen Henson
47a9d527ab Update from 0.9.8 stable. Eliminate duplicate error codes. 2006-11-21 21:29:44 +00:00
Andy Polyakov
a6efc2d1b8 Fix mingw warnings. 2006-10-23 07:41:05 +00:00
Andy Polyakov
08a638237d Allow for mingw cross-compile configuration. 2006-10-23 07:30:19 +00:00
Andy Polyakov
3634d7e97a Gcc over-optimizes PadLock AES CFB codepath, tell it not to. 2006-10-19 20:55:05 +00:00
Dr. Stephen Henson
44181ea836 Add missing prototype. Fix various warnings (C++ comments, ; outside function). 2006-09-21 13:24:46 +00:00
Dr. Stephen Henson
ffa5ebf3f4 Compile in gost engine. 2006-09-21 13:07:57 +00:00
Ben Laurie
777c47acbe Make things static that should be. Declare stuff in headers that should be.
Fix warnings.
2006-08-28 17:01:04 +00:00
Bodo Möller
f3dea9a595 Camellia cipher, contributed by NTT
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:44:59 +00:00
Dr. Stephen Henson
41eacc84a0 Clarify comment and add #ifdef. 2006-06-05 12:38:22 +00:00
Dr. Stephen Henson
01b8b3c7d2 Complete EVP_PKEY_ASN1_METHOD ENGINE support. 2006-06-05 11:52:46 +00:00
Dr. Stephen Henson
e18e3eba76 Make update. 2006-06-02 17:54:47 +00:00
Dr. Stephen Henson
de9fcfe348 Initial public key ASN1 method engine support. Not integrated yet. 2006-06-02 17:52:27 +00:00
Dr. Stephen Henson
7e5b06813d Automatically free up dynamically allocated public key methods when
and ENGINE is destroyed.
2006-06-02 17:09:17 +00:00
Dr. Stephen Henson
1892c8bf97 Extend default method string to include public key methods.
Add missing prototypes.

Fix engine method lookup.
2006-06-02 13:09:59 +00:00
Dr. Stephen Henson
c9777d2659 Add ENGINE support for EVP_PKEY_METHOD including lookups of ENGINE
implementations and functional reference counting when a context
is allocated, free or copied.
2006-06-02 12:33:39 +00:00
Dr. Stephen Henson
e0c1ea9038 Fix error code. make update 2006-06-01 12:43:39 +00:00
Dr. Stephen Henson
6f88c6a634 Add missing prototype. Extend engine utility to print public key algorithms. 2006-06-01 12:38:22 +00:00
Dr. Stephen Henson
58aa573ac2 Add engine table for EVP_PKEY_METHOD. Doesn't do much yet. 2006-06-01 11:38:50 +00:00
Dr. Stephen Henson
1a5a1a93f6 Stop compiler warnings. 2006-03-20 11:44:34 +00:00
Andy Polyakov
34b537ee66 Fix CFB and OFB modes in eng_padlock.c. Engine was consistent with itself,
but not interoperable with the rest of the world. test_padlock script is
added mostly for reference.
2005-12-28 16:16:56 +00:00
Andy Polyakov
6c06918ede Lower PADLOCK_CHUNK till value, which doesn't affect the benchmark results.
Well, it's even contrary, 512 was observed to *improve* performance by 5%.
Excuse ourselves from treating C7 specially.
2005-12-27 21:21:56 +00:00
Dr. Stephen Henson
fbf002bb88 Update from stable branch. 2005-11-06 17:58:26 +00:00
Nils Larsch
4b08da5538 bugfix: register engine as default engine in ENGINE_set_default_DSA
Submitted by: Jonathon Green
2005-09-09 07:50:09 +00:00
Nils Larsch
8215e7a938 fix warnings when building openssl with the following compiler options:
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
        -Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
        -Wstrict-prototypes -Wreturn-type -Wpointer-arith  -W -Wunused
        -Wno-unused-parameter -Wuninitialized
2005-08-28 22:49:57 +00:00
Nils Larsch
9a1a5b8785 avoid infinite recursion if dynamic engine isn't loaded
Submitted by: Jonathon Green <jonathon_au@yahoo.com>
2005-08-06 10:46:19 +00:00
Nils Larsch
3eeaab4bed make
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
    	make depend all test
work again

PR: 1159
2005-07-16 12:37:36 +00:00
Nils Larsch
63d740752f changes from 0.9.8 2005-05-31 18:22:53 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
2005-05-16 16:55:47 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
c596c795bf Typo. 2005-05-12 17:28:53 +00:00
Bodo Möller
8afca8d9c6 Fix more error codes.
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Dr. Stephen Henson
987bebaf8c New "algorithm define" OPENSSL_NO_GMP. Update mkdef.pl and Configure script
to use it.
2005-04-19 13:24:44 +00:00
Andy Polyakov
2b85e23d2e Prototype mnemonics in padlock_verify_context for better portability
[read support for Solaris assembler].
2005-04-14 07:47:10 +00:00
Andy Polyakov
026bb0b96a Fix for bug emerged in openvpn conext. 2005-04-14 07:41:29 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Andy Polyakov
f8fa22d826 Some non-GNU compilers (such as Sun C) define __i386. 2005-04-04 17:05:06 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Andy Polyakov
e532a6c449 FreeBSD 5 refuses to #include <malloc.h>. Fix compiler warning after
http://cvs.openssl.org/chngview?cn=12843.
2005-01-25 22:07:22 +00:00
Andy Polyakov
e7e1150706 "Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better
performance on recent microarchitectures.
2005-01-13 15:35:44 +00:00
Richard Levitte
3c97bd833b Change libeay.num so it's synchronised with additions in 0.9.7-stable.
make update
2004-12-13 22:57:08 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Richard Levitte
c38ff58b6b Move the declaration of alloca() so it's ony declared when really
necessary.
2004-09-27 21:59:44 +00:00
Geoff Thorpe
c743966156 Nils Larsch reported that this include is required. Strange that this had
gone unnoticed ...
2004-09-24 23:37:52 +00:00
Richard Levitte
6f9bafafa3 - There's no more need for the snprintf macro.
- Move the inclusion of malloc.h until after all other includes, so we
  can do proper tests of system macros.
- Make sure the correct header file is included to get the builtin
  "alloca" under VMS, and define a macro to map the symbol 'alloca' to
  it.
2004-09-13 09:15:06 +00:00
Richard Levitte
d813ff2ac1 make update 2004-09-10 10:30:33 +00:00
Andy Polyakov
36734b2bab Make VIA Padlock engine more platform friendly and eliminate compiler
warning.

Submitted by: Doug Kaufman <dkaufman@rahul.net>
2004-09-09 14:54:12 +00:00
Dr. Stephen Henson
d993addbed Stop compiler warnings. 2004-09-06 18:37:46 +00:00
Andy Polyakov
526975906b Minor VIA Padlock engine update: eliminate -Wunused warning when *not*
compiling the engine and inline memcpy in performance critical pathes.
2004-08-24 09:01:09 +00:00
Andy Polyakov
b88606c28e Padlock engine update to fix a typo in MSC assembler and to address
potential corruption problem if user manages to inter-leave aligined
and misaligned requests [as well as some MSC-specific tweaks].
2004-08-04 12:58:26 +00:00
Andy Polyakov
7d15a556f8 Minor clean-up to make Microsoft compiler shut up. 2004-08-02 21:54:40 +00:00
Andy Polyakov
5b17246324 VIA C3 processor extends IA-32 instruction set with instuctions
performing AES encryption in hardware, as well as one accessing
hardware RNG. As you surely imagine this engine access this
extended instruction set. Well, only AES for the moment, support
for RNG is to be added later on...
PR: 889
Submitted by: Michal Ludvig <michal@logix.cz>

Obtained from: http://www.logix.cz/michal/devel/padlock/
2004-08-02 21:48:11 +00:00
Geoff Thorpe
340f5856ec Incomplete initial sweep over the engine code. Mainly reducing some
comment-noise to managable levels and inverting the sense of the "uptodate"
boolean (which was counter-intuitive the way I'd left it).
2004-06-19 03:58:42 +00:00
Geoff Thorpe
1275c4569e Minor change to group like functions together. 2004-06-17 23:35:45 +00:00
Richard Levitte
132fc53223 Typo, setting the first element of nids[] to NULL instead of setting
*cnids.
2004-06-15 11:45:42 +00:00
Geoff Thorpe
9081980565 This fixes the installation target for dynamic engines, which was trying to
install to a different location than it had created. (BTW, VMS will need a
matching fix in eng_list.c.) Note, these aren't ssl-specific, so I'm
putting "engines/" into the libs directory rather than at the "--prefix"
level or inside "ssl/".
2004-06-01 03:18:58 +00:00
Geoff Thorpe
9c52d2cc75 After the latest round of header-hacking, regenerate the dependencies in
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Geoff Thorpe
ac0d0a5ecd I can't verify this directly, but recent changes will probably require that
the cryptodev implementation include bn.h directly (when building with
OPENSSL_NO_DEPRECATED that is).
2004-05-17 18:58:47 +00:00
Andy Polyakov
9e0aad9fd6 size_t-fication of message digest APIs. We should size_t-fy more APIs... 2004-05-15 11:29:55 +00:00
Geoff Thorpe
c57bc2dc51 make update 2004-04-19 18:33:41 +00:00
Geoff Thorpe
28ded31b97 More updates for the header cleanups (and apologies, again, for not having
consolidated these prior to committing).
2004-04-19 18:30:41 +00:00
Geoff Thorpe
60a938c6bc (oops) Apologies all, that last header-cleanup commit was from the wrong
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Geoff Thorpe
3a87a9b9db Reduce header interdependencies, initially in engine.h (the rest of the
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
2004-04-19 17:46:04 +00:00
Geoff Thorpe
ea77fc3380 ... and this should likewise fix up those RSA implementations that weren't
already built and tested.
2004-03-25 02:55:17 +00:00
Richard Levitte
7cf803230b OpenBSD-internal changes.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:02:56 +00:00
Richard Levitte
79b42e7654 Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Richard Levitte
d420ac2c7d Use BUF_strlcpy() instead of strcpy().
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:17 +00:00
Richard Levitte
3822740ce3 We're getting a clash with C++ because it has a type called 'list'.
Therefore, change all instances of the symbol 'list' to something else.

PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>
2003-11-29 10:25:37 +00:00
Lutz Jänicke
d7559f16cd Free "engine" resource in case of failure to prevent memory leak
PR: #778
Submitted by: George Mitchell <george@m5p.com>
2003-11-24 16:48:52 +00:00
Geoff Thorpe
6145b0b183 The "cryptodev" engine preprocessor logic used undefined symbols in
comparisons. It's better not to allow this, because it gives false
positives when using compiler warnings that detect mistyped symbols.
2003-10-29 04:00:14 +00:00
Richard Levitte
dfc3151925 The definition of dynamic_ctrl() should change along with the
declaration :-).
2003-06-26 07:03:49 +00:00
Richard Levitte
834ac33a37 dynamic_ctrl() didn't have exactly the same prototype as defined by
ENGINE_CTRL_FUNC_PTR.
2003-06-19 16:57:38 +00:00
Richard Levitte
e31047744a Make sure the function definitions match their declaration. 2003-06-04 09:11:15 +00:00
Richard Levitte
0239876511 Remove certain functions 2003-05-19 23:03:43 +00:00
Richard Levitte
9ee789e6c3 Yeah, right, an object file ending with .c, that'll work! 2003-05-03 06:58:08 +00:00
Richard Levitte
7f6af7d9db Get the year right... 2003-05-01 20:15:35 +00:00
Richard Levitte
3bbb0212f3 Add STORE support in ENGINE. 2003-05-01 03:57:46 +00:00
Geoff Thorpe
bba2cb3ada Fix a bone-head bug. This warrants a CHANGES entry because it could affect
applications if they were passing a bogus 'flags' parameter yet having
things work as they wanted anyway.
2003-03-13 20:28:42 +00:00
Geoff Thorpe
b653327d47 Declare prototypes for function pointer types, even if they are likely to
be cast later on.
2003-02-15 20:32:13 +00:00
Ben Laurie
33cc07f79a Fix warning. 2003-02-01 20:55:29 +00:00
Richard Levitte
0b13e9f055 Add the possibility to build without the ENGINE framework.
PR: 287
2003-01-30 17:39:26 +00:00
Geoff Thorpe
f3c22ef10d This glues the GMP wrapper ENGINE into OpenSSL if it is being built (ie. if
the OPENSSL_USE_GMP symbol is defined). Also, I've re-ordered the listing
of other builtin ENGINEs to be alphabetical (though "dynamic" will still
come first).
2003-01-30 15:49:03 +00:00
Richard Levitte
0c3426da86 Missing 0 broke FreeBSD build.
PR: 470
2003-01-23 08:10:04 +00:00
Richard Levitte
c00cee00fd FreeBSD has /dev/crypto as well.
PR: 462
2003-01-16 18:29:30 +00:00
Lutz Jänicke
018c56fdca Armor against systems without ranlib...
Submitted by: Thierry Lelegard <thierry.lelegard@canal-plus.fr>

PR: 461
2003-01-16 17:22:30 +00:00
Richard Levitte
5e42f9ab46 make update 2002-12-29 01:38:15 +00:00
Geoff Thorpe
4329db3726 The ampersand is not required in these constructs, and was giving AIX
warnings.

Reported by: Bernhard Simon.
2002-12-13 22:01:46 +00:00
Richard Levitte
b84d5b72f1 Make sure to implement the cryptodev engine only when /dev/crypto exists. 2002-12-05 10:16:28 +00:00
Richard Levitte
439ae4d398 Do not implement RC4 stuff if RC4 is disabled. Concequently, apply the same
rule for SHA stuff.
PR: 381
2002-12-04 22:54:02 +00:00
Richard Levitte
7a1f92fdc3 Windows CE updates, contributed by Steven Reddie <smr@essemer.com.au> 2002-12-03 14:20:44 +00:00
Richard Levitte
0bf23d9b20 WinCE patches 2002-11-15 22:37:18 +00:00
Richard Levitte
db199abd9e Depend on OPENSSL_NO_STATIC_ENGINE rather than OPENSSL_NO_DYNAMIC_ENGINE.
Make sure to include openssl/opensslconf.h to make sure we get the
definition of those macros.
2002-11-01 12:37:22 +00:00
Bodo Möller
259cdf2af9 Sun has agreed to removing the covenant language from most files.
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
2002-10-29 10:59:32 +00:00
Richard Levitte
6cb686208e For the mkdef.pl to recognise if the "external" engines are inserted
into libcrypto, we need the "algorithm" STATIC_ENGINE.
2002-10-24 19:09:03 +00:00
Geoff Thorpe
0587ec2645 If dynamically-loadable ENGINEs are linked against a shared-library version
of libcrypto, then it is possible that when they are loaded they will share
the same static data as the loading application/library. This means it will
be too late to set memory/ERR/ex_data/[etc] callbacks, but entirely
unnecessary to try. This change puts a static variable in the core ENGINE
code (contained in libcrypto) and a function returning a pointer to it. If
the loaded ENGINE's return value from this function matches the loading
application/library's return value - they share static data. If they don't
match, the loaded ENGINE has its own copy of libcrypto's static data and so
the callbacks need to be set.

Also, although 0.9.7 hasn't been released yet, it's clear this will
introduce a binary incompatibility between dynamic ENGINEs built for 0.9.7
and 0.9.8 (though others probably exist already from EC_*** hooks and
what-not) - so the version control values are correspondingly bumped.
2002-10-18 20:45:38 +00:00
Geoff Thorpe
314c667050 - Remo Inverardi noticed that ENGINEs don't have an "up_ref" function in the
normal 'structural' case (ENGINE_init() satisfies this in the less normal
'functional' case). This change provides such a function.

- Correct some "read" locks that should actually be "write" locks.

- make update.
2002-10-16 01:29:37 +00:00
Richard Levitte
677532629d makedepend complains when a header file is included more than once in
the same source file.
2002-10-14 10:02:36 +00:00
Richard Levitte
75871dda4b Step 13 of move of engines: Remove old files. 2002-10-11 18:52:42 +00:00
Richard Levitte
aae329c447 Step 11c of move of engines: Time to make the changes to support
automatic load of dynamic engines.  Change the iterator to try to load
the requested engine dynamically.  The environment variable
OPENSSL_ENGINES can be used to override the internal default directory
where one can expect to find dynamically loadable engines.

Note: The changes in step 11 have all been made by Geoff Thorpe.
Credit where credit is due.
2002-10-11 18:49:55 +00:00
Richard Levitte
02acf1409e Step 11b of move of engines: Time to make the changes to support
automatic load of dynamic engines.  Add functionality to the dynamic
engine to handle engine directories and loading from those.  This
is currently NOT compatible with the use of LD_LIBRARY_PATH and
similar environment variables.

Note: The changes in step 11 have all been made by Geoff Thorpe.
Credit where credit is due.
2002-10-11 18:47:51 +00:00
Richard Levitte
6ac3309c74 Step 11a of move of engines: Time to make the changes to support
automatic load of dynamic engines.  Unless we don't have shared
library support, do not try to load any "built-in" engines except for
cryptodev.
2002-10-11 18:42:54 +00:00
Richard Levitte
1b15cfa11d Step 10 of move of engines: Change crypto/engine/Makefile.ssl so we
don't build any "built-in" engines in that directory any more, except
fo the cryptodev one.
2002-10-11 18:40:47 +00:00
Richard Levitte
76dfca879f Step 9 of move of engines: rename crypto/engine/hw_cryptodev.c to
eng_cryptodev.c.  This is an engine that (at least currently) has
to be built in.
2002-10-11 18:38:26 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Dr. Stephen Henson
74e3931f84 Various Win32 fixes.
Resolve signed/unsigned conflicts

Make dso_win32.c compile.
2002-10-06 12:14:55 +00:00
Richard Levitte
6fed88113b For some reason, the random number support removed the destructor 2002-10-05 20:54:09 +00:00
Dr. Stephen Henson
3d840c827f make update 2002-10-04 21:16:58 +00:00
Richard Levitte
0638ced5cc Add random number generation capability to the cswift engine.
Should this be added to 0.9.6-stable as well?
PR: 275
2002-10-04 13:30:57 +00:00
Richard Levitte
20b33a015f Removal missing 2002-10-02 00:22:44 +00:00
Richard Levitte
293d5082c7 The OpenBSD project has replaced the first implementation of the /dev/crypto
engine with something they claim is better.  I have nothing to compare to,
and I assume they know what they're talking about.  The interesting part with
this one is that it's loaded by default on OpenBSD systems.
This change was originally introduced in OpenBSD's tracking of OpenSSL.
2002-10-02 00:19:33 +00:00
Richard Levitte
cd98ab6491 Incorrect argument order to memset() 2002-09-25 12:52:13 +00:00
Richard Levitte
b3823ac64b Missing ; 2002-09-25 12:49:40 +00:00
Geoff Thorpe
41cc7096b8 Fix a bug to allow the 4758 ENGINE to build as a DSO. 2002-08-28 19:11:08 +00:00
Dr. Stephen Henson
e88479243c Change C++ style comments 2002-08-22 23:03:04 +00:00
Bodo Möller
74cc4903ef make update 2002-08-09 12:16:15 +00:00
Bodo Möller
56939728b7 ECDH engine support
Submitted by: Douglas Stebila
2002-08-09 09:39:11 +00:00
Bodo Möller
e172d60ddb Add ECDH support.
Additional changes:
 - use EC_GROUP_get_degree() in apps/req.c
 - add ECDSA and ECDH to apps/speed.c
 - adds support for EC curves over binary fields to ECDSA
 - new function EC_KEY_up_ref() in crypto/ec/ec_key.c
 - reorganize crypto/ecdsa/ecdsatest.c
 - add engine support for ECDH
 - fix a few bugs in ECDSA engine support

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-09 08:43:04 +00:00
Richard Levitte
ba8fb52183 Certain flag macros were tested with #if instead if #ifdef... 2002-08-02 11:13:37 +00:00
Lutz Jänicke
c046fffa16 OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
2002-07-30 13:04:04 +00:00
Lutz Jänicke
3aecef7697 "make update" 2002-07-30 12:44:33 +00:00
Richard Levitte
6d9116f83d If DH is disabled, don't define the DH functions.
Notified by Kim Hellan <KHE@kmd.dk>
2002-07-22 14:18:11 +00:00
Bodo Möller
5dbd3efce7 Replace 'ecdsaparam' commandline utility by 'ecparam'
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.

Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.

Fix ec_asn1.c (take into account the desired conversion form).

'make update'.

Submitted by: Nils Larsch
2002-07-14 16:54:31 +00:00
Lutz Jänicke
7b63c0fa8c Reorder inclusion of header files:
des_old.h redefines crypt:
#define crypt(b,s)\
        DES_crypt((b),(s))

This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
2002-07-10 07:01:54 +00:00
Richard Levitte
17085b022c Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
2002-06-27 16:39:25 +00:00
Richard Levitte
4367eb8706 DJGPP has some needed header files that other MSDOS/Windows compilers don't have.
Part of PR 75
2002-06-27 16:32:04 +00:00
Geoff Thorpe
a6c6874a1a Make sure any ENGINE control commands make local copies of string
pointers passed to them whenever necessary. Otherwise it is possible the
caller may have overwritten (or deallocated) the original string data
when a later ENGINE operation tries to use the stored values.

Submitted by: Götz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by: Geoff Thorpe
PR: 98
2002-06-21 02:38:08 +00:00
Lutz Jänicke
40889b9cd3 Add missing prototypes.
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
PR: 89
2002-06-13 17:40:27 +00:00
Richard Levitte
c8062c3a5e Since there's no continuation, the ; can go as well :-) 2002-06-05 09:08:41 +00:00
Lutz Jänicke
05c08fc708 There is no continuation at this point. 2002-06-05 08:00:36 +00:00
Richard Levitte
d4294c8984 Synchronise with 0.9.7-stable. 2002-04-29 10:19:19 +00:00
Richard Levitte
45932ad508 The callback must have (void) as argument list.
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
2002-04-20 10:22:42 +00:00
Richard Levitte
a18894d159 make update (libeay.num has been edited to match 0.9.7-stable) 2002-04-06 19:16:12 +00:00
Richard Levitte
bbd79bdf03 Forgot one of the casts 2002-04-03 15:01:28 +00:00
Richard Levitte
a096e9b719 Cast the pointers to the BIGNUM data to unsigned long *. This would be
harmful if we didn't also pass the exact number of bytes of that data
2002-04-03 14:47:38 +00:00
Bodo Möller
e8e7fbdb16 fix memory leak
Submitted by: Nils Larsch
2002-03-25 23:18:11 +00:00
Bodo Möller
85b7b80434 fix conditational compilation for OPENSSL_NO_... 2002-03-22 11:02:13 +00:00
Bodo Möller
690ecff795 Fixes for 'no-hw' combined with 'no-SOME_CIPHER'.
Fix dsaparam usage output.

Submitted by: Nils Larsch
2002-03-14 09:52:03 +00:00
Richard Levitte
931627e6a0 Synchronise the AEP engine in all branches. For 0.9.6-stable [engine], implement software fallback 2002-03-07 19:38:59 +00:00
Richard Levitte
274a2c9970 When closing, do not use close(). Also, if the closing call fails, do
not return immediately since that leaves a locked lock.
2002-03-07 17:13:30 +00:00
Dr. Stephen Henson
0dc092334b ENGINE module additions.
Add "init" command to control ENGINE
initialization.

Call ENGINE_finish on initialized ENGINEs on exit.

Reorder shutdown in apps.c: modules should be shut
down first.

Add test private key loader to openssl ENGINE: this
just loads a private key in PEM format.

Fix print format for dh length parameter.
2002-03-06 14:15:13 +00:00
Dr. Stephen Henson
c8cd7d9e0f Fix warnings about signed/unsigned mismatch and global
shadowing (random, index) in hw_4758_cca.c
2002-03-03 17:08:20 +00:00
Richard Levitte
4bf4bc784f make update 2002-02-28 20:29:20 +00:00
Richard Levitte
7d68189d8a Make sure aep_close_connection() is declared and has a prototype that's
consistent with the rest of the AEP functions
2002-02-28 12:58:43 +00:00
Richard Levitte
5c62f68e14 Updated AEP engine, submitted by Diarmuid O'Neill <Diarmuid.ONeill@aep.ie> 2002-02-28 11:36:38 +00:00
Geoff Thorpe
92d1bc09cb This adds a new ENGINE to support IBM 4758 cards, contributed by Maurice
Gittens.
2002-02-27 22:55:28 +00:00
Dr. Stephen Henson
4a3e6bce79 Make the engine config module always add dynamic ENGINEs
to the list using dynamic_path. This stops ENGINEs which
don't supply any default algorithms being automatically
freed (because they have no references) and allows them
to be accessed by id.

Alternative dynamic loading behaviour can be achieved by
issuing the dynamic ENGINE ctrls separately in the config file.
2002-02-24 16:20:50 +00:00
Ben Laurie
f43acc8a50 Fix warnings. 2002-02-14 09:59:35 +00:00
Bodo Möller
4d94ae00d5 ECDSA support
Submitted by: Nils Larsch <nla@trustcenter.de>
2002-02-13 18:21:51 +00:00
Richard Levitte
81269a81ee Remove an unused variable. 2002-02-07 21:55:22 +00:00
Richard Levitte
3537525e00 Oops, do not unlock CRYPTO_LOCK_DYNLOCK when we locked
CRYPTO_LOCK_RAND...
2002-02-07 21:49:21 +00:00
Richard Levitte
d38f3ad1ee I forgot to include the aep and sureware vendor header files. 2002-02-07 21:43:05 +00:00
Richard Levitte
e083f91497 Because AEP and we used the same AEP_R_ prefix for error reasons,
lets change our prefix to AEPHK_R_.  Otherwise, we get very mysterious
errors because we happen to redefine AEP_R_OK and AEP_R_GENERAL_ERROR.
2002-02-07 21:12:08 +00:00
Richard Levitte
ba2cad19cf Add aep and sureware implementations and clean up some error reasons
that were never part of the engine framework.

The aep and sureware implementations are taken directly from 0.9.6c
[engine] and have been modified to fit the newer engine framework and
to be possible to build shared libraries of.

The aep implementation has gone through quite a bunch of tests and is
cleaned up (there were some misunderstandings in it about how to use
locks).

The sureware hasn't been tested at all in this incarnation and is
basically a quick hack to get it to compile properly.
2002-02-07 20:44:14 +00:00
Richard Levitte
db0a1efcc9 Certain reasons aren't really part of the engine framework, so let's
make them ubsec-specific in the ubsec implementation.
2002-02-07 20:37:55 +00:00
Richard Levitte
9074521458 Generate the individual engines' error strings and macros
automatically.
2002-02-07 20:02:49 +00:00
Lutz Jänicke
866eedb936 Shut up compiler warnings for inconsistent declarations. 2002-01-29 17:14:50 +00:00
Richard Levitte
1199e2d8cf Apply patch from Toomas Kiisk <vix@cyber.ee> and complete it. 2002-01-29 12:36:01 +00:00
Richard Levitte
a297985f42 Apply a change by Toomas Kiisk <vix@cyber.ee>:
* Fix a crashbug and a logic bug in hwcrhk_load_pubkey()
2002-01-25 17:45:30 +00:00
Bodo Möller
957b6db3b1 fix formatting of automatically generated error section 2002-01-24 16:20:42 +00:00
Richard Levitte
fe19c448f0 make update
libeay.num got tweaked so the old des symbols would retain their
positions.
2002-01-24 12:31:54 +00:00
Ben Laurie
0fc5cf0870 Make no config file not an error. Move /dev/crypto config to ctrl. 2002-01-22 22:29:58 +00:00
Dr. Stephen Henson
f78d4a35f8 Constification. 2002-01-22 02:06:33 +00:00
Dr. Stephen Henson
df5eaa8a52 default_algorithms option in ENGINE config. 2002-01-22 01:40:18 +00:00
Dr. Stephen Henson
c9501c223f Initial ENGINE config module, docs to follow.
Fix buffer overrun errors in OPENSSL_conf().
2002-01-21 03:02:36 +00:00
Ben Laurie
9dd5ae6553 Constification, add config to /dev/crypto. 2002-01-18 16:51:05 +00:00
Richard Levitte
f11fd3f4e1 Implement failover for ubsec. Submitted by Subramanian Ramamoorthy
<sram@broadcom.com> with the following comment:

[...] We have implemented failover (ie, if for some reason that the
hardware fails, the implementation detects this failure and performs
this operation as if no hardware is present, ie, in software) for
sometime now and have tested it here with our hardware. [...]

This change was cc:ed to exports@crypto.com
2001-12-12 12:53:13 +00:00
Bodo Möller
883b0c2274 fix submitted by Andy Schneider <andy.schneider@bjss.co.uk>
(in main branch, hn_ncipher.c is already correct)
2001-11-23 20:58:40 +00:00
Geoff Thorpe
c507a16e49 Cut "ENGINE_ID" to the more concise "ID". 2001-11-22 10:08:49 +00:00
Geoff Thorpe
e4a6cf421a When the "dynamic" ENGINE loads another ENGINE from a shared-library, it
essentially overwrites itself with the new ENGINE, with the exception of
reference counts, ex_data structures, and other 'admin' elements. However
if the new ENGINE doesn't populate certain elements, there's the risk of
the "dynamic" ENGINE's elements showing through - the "cmd_defns" were just
one of the possibilities. This implements a more comprehensive cleanup.
2001-11-22 09:13:18 +00:00
Geoff Thorpe
329636d6e3 The "openssl" ENGINE is no longer used except as a testing/debugging
device. This change enables it for building as a self-contained "dynamic"
ENGINE, to help testing such mechanisms.
2001-11-22 09:01:11 +00:00
Richard Levitte
0d197a833c On systems that don't do too well including headers from a different
directory, trust the building scripts to handle it properly.
2001-11-16 08:54:34 +00:00
Richard Levitte
5b8a57ecae After loading a dynamic engine, reset the command definitions to the
empty set.  This prevents engines that do not set the command
definitions themselves to inherit the ones from "dynamic", which would
otherwise be very confusing.
2001-11-14 22:32:19 +00:00
Bodo Möller
3a8a0a3945 2001, not 2000 2001-11-09 13:15:05 +00:00
Richard Levitte
6acc3b9689 Place the OpenSSL-specific headers back so they always get included,
or we get a dependency war in Makefile.ssl
2001-11-05 18:18:12 +00:00
Richard Levitte
66aa856698 No need to include anything on systems that do not have /dev/crypt 2001-11-05 12:44:14 +00:00
Richard Levitte
b30245dae0 'make update' 2001-10-10 07:56:20 +00:00
Richard Levitte
116daf4c2f To avoid commit wars over dependencies, let's make it so things that
depend on the environment, like the presence of the OpenBSD crypto
device or of Kerberos, do not change the dependencies within OpenSSL.
2001-10-10 07:55:02 +00:00
Geoff Thorpe
7526e2c043 As ENGINE_load_openbsd_dev_crypto() is an API function, it makes sense for
it to be defined on all platforms whether or not it is of any practical
use on them. This also resolves linker problems on "special" platforms,
such as win32.
2001-10-08 17:08:17 +00:00
Geoff Thorpe
6d52f260bf Make sure the "ENGINE_TABLE" cleanup callbacks have correct prototypes. 2001-10-08 17:06:52 +00:00
Geoff Thorpe
752f2b6785 Missing pointer in the eng_table_register function. Reported by
Martin Szotkowski.
2001-10-08 14:44:38 +00:00
Richard Levitte
f8000b9345 'make update' 2001-10-04 07:49:09 +00:00
Richard Levitte
2aa9043ad3 Because there's chances we clash with the system's types.h, rename our
types.h to ossl_typ.h.
2001-10-04 07:32:46 +00:00
Richard Levitte
b485e5b7e3 Woopsie... 2001-10-01 17:20:28 +00:00
Richard Levitte
1cf9d58cb4 sk_ENGINE_CLEANUP_ITEM_pop_free() is duplicated in ENGINE_cleanup().
Let's use sk_ENGINE_CLEANUP_ITEM_pop_free() instead.
2001-10-01 17:15:28 +00:00
Geoff Thorpe
5c32657c80 The STACK macros take care of casting to and from the designated item type
of the stack, and the (void *) type used in the underlying sk_***
functions.  However, declaring a STACK_OF(type) where type is a *function*
type implicitly involves casts between function pointers and data pointers.
That's a no-no. This changes the ENGINE_CLEANUP handling to use a regular
data type in the stack.
2001-10-01 16:26:00 +00:00
Ben Laurie
dbeac560aa Fixes. 2001-09-26 15:14:10 +00:00
Ben Laurie
c9fc143972 Fix warning. 2001-09-26 11:38:57 +00:00
Geoff Thorpe
004aa803a9 "FALLBACK" handling was a hack that was thrown out long ago in the
ENGINE redevelopment. The idea had been that "-1" could be used as a
special "ask me later" 'nid' rather than specifying supported cipher and
digest 'nid's up front. However the idea turned out to be pretty broken.
2001-09-25 21:52:39 +00:00
Geoff Thorpe
9dfdf0ad1d This change puts the original OpenBSD /dev/crypto support that was in
crypto/evp/ into the corresponding ENGINE. This code is currently untested.
2001-09-25 21:43:08 +00:00
Geoff Thorpe
3b04cdd706 This change adds dummy RC4 and SHA1 support to the "openssl" ENGINE for
testing. Because of the recent changes (see crypto/engine/README), the
"openssl" ENGINE is no longer needed nor is it loaded automatically or by
ENGINE_load_builtin_engines(). So a explicit ENGINE_load_openssl() call is
required by applications or a modification to eng_all.c before this ENGINE
will be used. This change will send output to stderr as/when its
implementations are used.
2001-09-25 21:41:20 +00:00
Geoff Thorpe
b370230b78 This change adds cipher and digest support into ENGINE using the
ENGING_TABLE mechanism. The necessary hooks from crypto/evp/ to use this
will be committed shortly.
2001-09-25 21:28:40 +00:00
Geoff Thorpe
b6d1e52d45 This change replaces the ENGINE's underlying mechanics with the new
ENGINE_TABLE-based stuff - as described in crypto/engine/README.

Associated miscellaneous changes;
 - the previous cipher/digest hooks that hardwired directly to EVP's
   OBJ_NAME-based storage have been backed out. New cipher/digest support
   has been constructed and will be committed shortly.
 - each implementation defines its own ENGINE_load_<name> function now.
 - the "openssl" ENGINE isn't needed or loaded any more.
 - core (not algorithm or class specific) ENGINE code has been split into
   multiple files to increase readability and decrease linker bloat.
 - ENGINE_cpy() has been removed as it wasn't really a good idea in the
   first place and now, because of registration issues, can't be
   meaningfully defined any more.
 - BN_MOD_EXP[_CRT] support is removed as per the README.
 - a bug in enginetest.c has been fixed.

NB: This commit almost certainly breaks compilation until subsequent
changes are committed.
2001-09-25 20:00:51 +00:00
Geoff Thorpe
f185e725a0 Some major restructuring changes to ENGINE, including integrated cipher and
digest support, are on their way. Rather than having gigantic commit log
messages and/or CHANGES entries, this change to the README will serve as an
outline of what it all is and how it all works.
2001-09-25 19:31:30 +00:00
Geoff Thorpe
2b67158673 Some of the ENGINE file names were changed for 8.3 filename uniqueness
recently. So comments including file names have been fixed, and copyright
notices brought up to "2001" at the same time.
2001-09-14 18:31:57 +00:00