wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5822 commits 20 branches 302 tags 153 MiB
Commit graph

2784 commits

Author SHA1 Message Date
Richard Levitte
0984fcf118 Use 0 instead of NULL when casting to function pointers, to avoid 
warnings from compilers when NULL is defined as '((void *)0)'.
This has already been applied in the main branch.
 2002-05-22 07:56:38 +00:00
Richard Levitte
18cc99ac17 Remove warnings about uninitialised variables. 
This has already been applied in the main branch.
 2002-05-22 07:55:03 +00:00
Richard Levitte
2341e303da This file was removed long ago. Why it's still in this branch is a 
mystery to me.
 2002-05-22 07:49:37 +00:00
Bodo Möller
dca142029c accept NULL in 'free' functions 2002-05-21 09:00:54 +00:00
Bodo Möller
7711de24f9 accept NULL in 'free' functions 2002-05-21 08:59:57 +00:00
Dr. Stephen Henson
0fccb00b5b Add missing EVP_CIPHER_CTX_init call. 2002-05-18 23:43:10 +00:00
Dr. Stephen Henson
ace2ca484b Add missing EVP_CIPHER_CTX_init call. 2002-05-18 23:42:20 +00:00
Bodo Möller
855f0b4f2f fix EVP_dsa_sha macro 
Submitted by: Nils Larsch
 2002-05-16 12:53:34 +00:00
Bodo Möller
46ffee4792 fix EVP_dsa_sha macro 
Submitted by: Nils Larsch
 2002-05-16 12:51:18 +00:00
Dr. Stephen Henson
544a2aea4b Zero cipher_data in EVP_CIPHER_CTX_cleanup 
Add cleanup calls to evp_test.c

Allow reuse of cipher contexts by removing
automatic cleanup in EVP_*Final().
 2002-05-15 18:49:25 +00:00
Dr. Stephen Henson
bb3a69f801 Zero cipher_data in EVP_CIPHER_CTX_cleanup 
Add cleanup calls to evp_test.c
 2002-05-15 17:52:19 +00:00
Bodo Möller
60e5f36d27 make b_print.c consistent with the rest of OpenSSL: 
disable assert() except for debug builds
 2002-05-14 19:40:58 +00:00
Bodo Möller
55db40d3e0 make b_print.c consistent with the rest of OpenSSL: 
disable assert() except for debug builds
 2002-05-14 19:03:12 +00:00
Dr. Stephen Henson
e9ba69631b EVP_SealFinal should return a value. 2002-05-11 17:37:08 +00:00
Dr. Stephen Henson
d0e3726ca4 EVP_SealFinal should return a value. 2002-05-11 17:33:01 +00:00
Dr. Stephen Henson
1c511bdb7c Fallback to normal multiply if n2 == 8 and dna or dnb is not zero 
in bn_mul_recursive.

This is (hopefully) what was triggering bignum errors on 64 bit
platforms and causing the BN_mod_mul test to fail.
 2002-05-10 22:22:55 +00:00
Dr. Stephen Henson
dc014d43af Fallback to normal multiply if n2 == 8 and dna or dnb is not zero 
in bn_mul_recursive.

This is (hopefully) what was triggering bignum errors on 64 bit
platforms and causing the BN_mod_mul test to fail.
 2002-05-10 22:18:13 +00:00
Dr. Stephen Henson
f9bd76e4f7 Avoid gcc warning: BN_DEC_CONV when SIXTY_FOUR_BIT is defined is unsigned. 2002-05-10 22:08:22 +00:00
Dr. Stephen Henson
2f9cf160e4 Avoid gcc warning: BN_DEC_CONV when SIXTY_FOUR_BIT is defined is unsigned. 2002-05-10 22:07:37 +00:00
Richard Levitte
7d2980f09e Make the huge buffer smaller, so the size becomes reasonable for small-stack environments. 
Notified by Verdon Walker <VWalker@novell.com>
 2002-05-09 20:14:50 +00:00
Richard Levitte
06bed64317 Make the huge buffer smaller, so the size becomes reasonable for small-stack environments. 
Notified by Verdon Walker <VWalker@novell.com>
 2002-05-09 20:14:00 +00:00
Richard Levitte
f1fe6fa6e4 One place where VMS wasn't changed to OPENSSL_SYS_VMS... 2002-05-09 18:27:56 +00:00
Richard Levitte
c559759265 One place where VMS wasn't changed to OPENSSL_SYS_VMS... 2002-05-09 18:27:06 +00:00
Richard Levitte
ecb7a9c73a Move an assert() to avoid core dumps when a static buffer hasn't been given. 
Notified by Verdon Walker <VWalker@novell.com>
 2002-05-09 18:19:45 +00:00
Richard Levitte
b4000e8ad8 Move an assert() to avoid core dumps when a static buffer hasn't been given. 
Notified by Verdon Walker <VWalker@novell.com>
 2002-05-09 18:19:21 +00:00
Ben Laurie
4e9a77cf26 Fix warning. 2002-05-08 15:13:24 +00:00
Bodo Möller
b6db386ffd Change internals of the EC library so that the functions 
EC_GROUP_{set_generator,get_generator,get_order,get_cofactor} are
implemented directly in crypto/ec/ec_lib.c and not dispatched to
methods.

Also fix EC_GROUP_copy to copy the NID.
 2002-05-08 11:54:24 +00:00
Bodo Möller
279fe3b1c5 in SignerInfo, use ecdsa-with-SHA1 OID for ECDSA (not ecPublicKey) 
Submitted by: Nils Larsch
 2002-05-07 15:14:12 +00:00
Bodo Möller
2c8d0dccfc improve wNAF generation 2002-05-05 23:45:09 +00:00
Richard Levitte
08130eb158 Make sure that date is run under the C locale, so dates are given in the 
default format.
PR: 16
 2002-05-02 08:05:52 +00:00
Richard Levitte
294bd1e2f3 Make sure that date is run under the C locale, so dates are given in the 
default format.
PR: 16
 2002-05-02 08:05:46 +00:00
Richard Levitte
d4294c8984 Synchronise with 0.9.7-stable. 2002-04-29 10:19:19 +00:00
Bodo Möller
dfc5336975 Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not 
encoded as NULL) with id-dsa-with-sha1.

Submitted by: Nils Larsch
 2002-04-26 08:29:18 +00:00
Bodo Möller
8df61b5011 Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not 
encoded as NULL) with id-dsa-with-sha1.

Submitted by: Nils Larsch
 2002-04-26 08:28:34 +00:00
Lutz Jänicke
f1e6643751 Add generationQualifier OID (proposed by Fiel Cabral). 2002-04-25 18:03:13 +00:00
Lutz Jänicke
4cea95a547 Added generationQualifier OID (proposed by Fiel Cabral). 
Submitted by:
Reviewed by:
PR:
 2002-04-25 18:00:13 +00:00
Richard Levitte
69a305d434 Uhmmm, if we use && after having tested for the presence of the certificate, 
we just *might* stand a certain chance of actually getting it written
to file...
 2002-04-23 13:15:27 +00:00
Richard Levitte
35c2b3a9ac Uhmmm, if we use && after having tested for the presence of the certificate, 
we just *might* stand a certain chance of actually getting it written
to file...
 2002-04-23 13:15:08 +00:00
Lutz Jänicke
ab5b1cf86b ERR_file_name is no longer being used. 
Submitted by:
Reviewed by:
PR:
 2002-04-22 13:55:37 +00:00
Lutz Jänicke
af9675e75a ERR_file_name is no longer being used. 2002-04-22 13:54:50 +00:00
Richard Levitte
45932ad508 The callback must have (void) as argument list. 
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
 2002-04-20 10:22:42 +00:00
Richard Levitte
ce94682ce1 No point constifying an int. 
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
 2002-04-20 10:22:01 +00:00
Richard Levitte
2d7ab7e9ea Do not free p if it hasn't been used yet. 
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
 2002-04-20 10:19:20 +00:00
Lutz Jänicke
d5d007abe3 Optimize: better shortcut evaluation ("Howard Chu" <hyc@highlandsun.com>). 2002-04-18 11:54:06 +00:00
Lutz Jänicke
365c6e4661 Optimize: better shortcut evaluation ("Howard Chu" <hyc@highlandsun.com>). 
Submitted by:
Reviewed by:
PR:
 2002-04-18 11:53:35 +00:00
Bodo Möller
dde3e83129 'version' is not optional in the encoding 
Submitted by: Nils Larsch
 2002-04-17 11:35:52 +00:00
Bodo Möller
8f182fdc69 'version' is not optional in the encoding 
Submitted by: Nils Larsch
 2002-04-17 11:31:20 +00:00
Lutz Jänicke
ea7fc0311c Use the "mail" short name according to RFC2798 (Michael Bell 
<michael.bell@rz.hu-berlin.de>).
 2002-04-15 13:30:41 +00:00
Lutz Jänicke
e9caaa4ad9 Use the "mail" short name according to RFC2798 (Michael Bell 
<michael.bell@rz.hu-berlin.de>).
Submitted by:
Reviewed by:
PR:
 2002-04-15 13:28:53 +00:00
Lutz Jänicke
30911232c1 Some more OID enhancements. 2002-04-15 10:41:38 +00:00
Lutz Jänicke
a6198b9ed1 Some more OID enhancements. 
Submitted by:
Reviewed by:
PR:
 2002-04-15 10:38:37 +00:00
Lutz Jänicke
2940a1298e Fix CRLF problem in BASE64 decode. 2002-04-15 09:55:40 +00:00
Lutz Jänicke
a7be294ed7 Fix CRLF problem in BASE64 decode. 
Submitted by:
Reviewed by:
PR:
 2002-04-15 09:53:47 +00:00
Bodo Möller
617f461c9d remove disabled code 2002-04-14 13:28:41 +00:00
Bodo Möller
f916052eab remove disabled code 2002-04-14 13:28:17 +00:00
Bodo Möller
b975183c41 ECDSA representation bugfixes 
Submitted by: Nils Larsch
 2002-04-12 08:57:01 +00:00
Richard Levitte
7b907f0bb5 Check error code from a2d_ASN1_OBJECT(). 2002-04-11 22:14:10 +00:00
Richard Levitte
083100e2ab Check error code from a2d_ASN1_OBJECT(). 2002-04-11 22:13:58 +00:00
Richard Levitte
9dfcad117c Change the date to XX xxx XXXX in development versions. 2002-04-11 21:53:57 +00:00
Richard Levitte
241d2ba1da Change the date to XX xxx XXXX in development versions. 2002-04-11 21:51:40 +00:00
Bodo Möller
d0561b5c2d fix ECDSA handling 
Submitted by: Nils Larsch
 2002-04-09 12:01:21 +00:00
Lutz Jänicke
0ae1661ba2 Apply OID fixes for elliptic curves as supplied by 
Nils Larsch <nlarsch@compuserve.de>.
 2002-04-08 15:49:53 +00:00
Richard Levitte
a18894d159 make update (libeay.num has been edited to match 0.9.7-stable) 2002-04-06 19:16:12 +00:00
Richard Levitte
248252682c make update 2002-04-06 19:15:27 +00:00
Lutz Jänicke
ce34d0ac09 Fix buggy object definitions (Svenning Sorensen <sss@sss.dnsalias.net>). 
Submitted by:
Reviewed by:
PR:
 2002-04-04 17:49:39 +00:00
Lutz Jänicke
4825092bbe Fix buggy object definitions (Svenning Sorensen <sss@sss.dnsalias.net>). 2002-04-04 17:48:37 +00:00
Richard Levitte
4e9dd6b0f5 Forgot one of the casts 2002-04-03 15:02:00 +00:00
Richard Levitte
bbd79bdf03 Forgot one of the casts 2002-04-03 15:01:28 +00:00
Richard Levitte
b6ccbffe2b Cast the pointers to the BIGNUM data to unsigned long *. This would be 
harmful if we didn't also pass the exact number of bytes of that data
 2002-04-03 14:47:50 +00:00
Richard Levitte
a096e9b719 Cast the pointers to the BIGNUM data to unsigned long *. This would be 
harmful if we didn't also pass the exact number of bytes of that data
 2002-04-03 14:47:38 +00:00
Richard Levitte
ddab25a90d Fix of mixup bwtween SOMAXCONN and SO_MAXCONN. 
Furthermore, make SO_MAXCONN the first choice, since that's the standard
(as far as I know).
 2002-03-29 23:48:55 +00:00
Richard Levitte
1aecc34e9e Fix of mixup bwtween SOMAXCONN and SO_MAXCONN. 
Furthermore, make SO_MAXCONN the first choice, since that's the standard
(as far as I know).
 2002-03-29 23:48:43 +00:00
Lutz Jänicke
ffbe98b763 Make short names of objects RFC2256-compliant. 2002-03-26 17:18:48 +00:00
Lutz Jänicke
75b9c0044c Make short names of objects RFC2256-compliant. 
Submitted by:
Reviewed by:
PR:
 2002-03-26 17:15:32 +00:00
Richard Levitte
d7a9bb0a2a A forgotten file 2002-03-26 16:42:38 +00:00
Richard Levitte
0d81c69b8e Add the possibility to enable olde des support, not just disable it, for future support. Redocument 2002-03-26 14:28:04 +00:00
Richard Levitte
600b77a93f Add the possibility to enable olde des support, not just disable it, for future support. Redocument 2002-03-26 14:26:08 +00:00
Richard Levitte
401cd0af0f Add the mapping of des_random_seed() for 0.9.6 compatibility. 
Make sure DES_cblock is defined at all times (meaning one shouldn't include
openssl/des_old.h directly any more).
 2002-03-26 13:59:22 +00:00
Richard Levitte
39335c356b Add the mapping of des_random_seed() for 0.9.6 compatibility. 
Make sure DES_cblock is defined at all times (meaning one shouldn't include
openssl/des_old.h directly any more).
 2002-03-26 13:58:30 +00:00
Richard Levitte
c7b41e67f0 Correct the mapping for des_read_pw() 2002-03-26 13:54:15 +00:00
Richard Levitte
a3c62bb737 Correct the mapping for des_read_pw() 2002-03-26 13:54:04 +00:00
Richard Levitte
003144a8e8 Make the change to strong keys in the string to key(s) functions experimental in the main trunk as well 2002-03-26 12:44:35 +00:00
Bodo Möller
af1cb47e65 fix warnings 
Submitted by: Nils Larsch
 2002-03-25 23:41:32 +00:00
Bodo Möller
e8e7fbdb16 fix memory leak 
Submitted by: Nils Larsch
 2002-03-25 23:18:11 +00:00
Bodo Möller
2f6263a696 fix memory leak 
Submitted by: Nils Larsch
 2002-03-25 23:17:35 +00:00
Bodo Möller
d5c21afd4b add missing declaration 
Submitted by: Nils Larsch
 2002-03-25 23:15:21 +00:00
Bodo Möller
35748f40d6 add missing declaration 
Submitted by: Nils Larsch
 2002-03-25 23:14:50 +00:00
Bodo Möller
9e7733a743 fix conditational compilation for OPENSSL_NO_... 2002-03-22 11:02:45 +00:00
Bodo Möller
85b7b80434 fix conditational compilation for OPENSSL_NO_... 2002-03-22 11:02:13 +00:00
Richard Levitte
fe0f662310 Merge changes from 0.9.7-stable 2002-03-22 10:51:41 +00:00
Richard Levitte
fc0bdd1aa8 Key schedules are given as arguments a bit differently in 0.9.6 and 
earlier.  Also, it was an error to define crypt() at all times.
 2002-03-22 10:46:13 +00:00
Richard Levitte
90453438ff Merge changes from 0.9.7-stable 2002-03-22 10:32:23 +00:00
Richard Levitte
e9dad4048f Key schedules are given as arguments a bit differently in 0.9.6 and 
earlier.  Also, a few 0.9.6 functions were missing their mappings.
 2002-03-22 10:29:56 +00:00
Richard Levitte
2e63f3b733 Merge in DES changed from 0.9.7-stable. 2002-03-22 02:49:46 +00:00
Richard Levitte
e9f970891d Change des_old.h so OpenSSL 0.9.6 compatibility is default. One must 
define OPENSSL_DES_LIBDES_COMPATIBILITY to get libdes compatibility.
At the same time, correct a couple of argument errors for the cfb
encryption routines.

Make destest use as much of the old API as possible, to make sure it
works properly.  Other tests will use the new API...
 2002-03-22 02:33:24 +00:00
Lutz Jänicke
f90c544039 Remove superflous statement <justin.fletcher@ntlworld.com>. 
Submitted by:
Reviewed by:
PR:
 2002-03-21 19:10:07 +00:00
Lutz Jänicke
be3d90de02 Remove superflous (and buggy) statement <justin.fletcher@ntlworld.com>. 2002-03-21 19:08:35 +00:00
Bodo Möller
82652aaf17 fix DH_generate_parameters for general 'generator' 2002-03-20 16:04:04 +00:00
Bodo Möller
afcf54a5c9 fix DH_generate_parameters for general 'generator' 2002-03-20 16:02:46 +00:00
Bodo Möller
17d6bb8158 New function EC_GROUP_check_discriminant(). 
Restructure implementation of EC_GROUP_check().

Submitted by: Nils Larsch
 2002-03-20 10:18:07 +00:00
Bodo Möller
99d5b23023 Fix typo. 
Submitted by: Nils Larsch
 2002-03-19 09:51:31 +00:00
Bodo Möller
af28dd6c75 Fix bugs and typos. 
Add some WTLS curves.
New function EC_GROUP_check() (this will probably
be implemented differently soon).

Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
 2002-03-18 13:10:45 +00:00
Bodo Möller
e79ec456be fix #include position 
Submitted by: Nils Larsch
 2002-03-18 13:05:20 +00:00
Dr. Stephen Henson
3e268d2717 Ensure EVP_CipherInit() uses the correct encode/decode parameter if 
enc == -1

[Reported by Markus Friedl <markus@openbsd.org>]

Fix typo in dh_lib.c (use of DSAerr instead of DHerr).
 2002-03-16 23:20:05 +00:00
Dr. Stephen Henson
59a941e4a4 Ensure EVP_CipherInit() uses the correct encode/decode parameter if 
enc == -1

[Reported by Markus Friedl <markus@openbsd.org>]

Fix typo in dh_lib.c (use of DSAerr instead of DHerr).
 2002-03-16 23:19:25 +00:00
Dr. Stephen Henson
de941e289e Initialize cipher context in KRB5 
("D. Russell" <russelld@aol.net>)

Allow HMAC functions to use an alternative ENGINE.
 2002-03-14 18:22:23 +00:00
Dr. Stephen Henson
b74dfe6e8e Initialize cipher context in KRB5 
("D. Russell" <russelld@aol.net>)

Allow HMAC functions to use an alternative ENGINE.
 2002-03-14 18:16:49 +00:00
Bodo Möller
1d28453529 add OIDs for WAP/TLS curves 2002-03-14 13:18:57 +00:00
Bodo Möller
d80f6e0f8c Fixes for 'no-hw' combined with 'no-SOME_CIPHER'. 
Fix dsaparam usage output.

Submitted by: Nils Larsch (for 0.9.8-dev; backported to 0.9.7-dev)
 2002-03-14 09:53:30 +00:00
Bodo Möller
690ecff795 Fixes for 'no-hw' combined with 'no-SOME_CIPHER'. 
Fix dsaparam usage output.

Submitted by: Nils Larsch
 2002-03-14 09:52:03 +00:00
Bodo Möller
2fc1f3dd48 disable '#ifdef DEBUG' code 2002-03-14 09:35:15 +00:00
Dr. Stephen Henson
e50baf58ab Fix various warnings when compiling with KRB5 code. 2002-03-12 03:00:59 +00:00
Dr. Stephen Henson
0b4c91c0fc Fix various warnings when compiling with KRB5 code. 2002-03-12 02:59:37 +00:00
Dr. Stephen Henson
bf6a9e66d6 Make ciphers and digests obtain an ENGINE functional reference 
if impl is explicitly supplied.
 2002-03-09 18:58:05 +00:00
Dr. Stephen Henson
c77bd28775 Make ciphers and digests obtain an ENGINE functional reference 
if impl is explicitly supplied.
 2002-03-09 18:56:38 +00:00
Dr. Stephen Henson
0c372b94f7 Make {RSA,DSA,DH}_new_method obtain and release an ENGINE 
functional reference in all cases.
 2002-03-09 18:25:03 +00:00
Dr. Stephen Henson
1619add90c Make {RSA,DSA,DH}_new_method obtain and release an ENGINE 
functional reference.
 2002-03-09 18:24:14 +00:00
Bodo Möller
4882171df5 EC curve stuff 
Submitted by: Nils Larsch
 2002-03-08 11:10:40 +00:00
Richard Levitte
121cb9ee38 Synchronise the AEP engine in all branches. For 0.9.6-stable [engine], implement software fallback 2002-03-07 19:39:19 +00:00
Richard Levitte
931627e6a0 Synchronise the AEP engine in all branches. For 0.9.6-stable [engine], implement software fallback 2002-03-07 19:38:59 +00:00
Richard Levitte
bc173b9fb0 When closing, do not use close(). Also, if the closing call fails, do 
not return immediately since that leaves a locked lock.
 2002-03-07 17:13:49 +00:00
Richard Levitte
274a2c9970 When closing, do not use close(). Also, if the closing call fails, do 
not return immediately since that leaves a locked lock.
 2002-03-07 17:13:30 +00:00
Richard Levitte
006fcc22a8 Change des_old.c to use types prefixed with _ossl_old_des_. 2002-03-07 15:41:36 +00:00
Richard Levitte
4fd9c70f06 Change des_old.c to use types prefixed with _ossl_old_des_. 2002-03-07 15:38:40 +00:00
Bodo Möller
709c51c424 fix spacing 2002-03-07 12:21:31 +00:00
Bodo Möller
9bc448546e Add more curves. 
Submitted by: Nils Larsch

Remove unnecessary 'const'.
 2002-03-07 12:14:03 +00:00
Dr. Stephen Henson
0dc092334b ENGINE module additions. 
Add "init" command to control ENGINE
initialization.

Call ENGINE_finish on initialized ENGINEs on exit.

Reorder shutdown in apps.c: modules should be shut
down first.

Add test private key loader to openssl ENGINE: this
just loads a private key in PEM format.

Fix print format for dh length parameter.
 2002-03-06 14:15:13 +00:00
Dr. Stephen Henson
c913cf446f ENGINE module additions. 
Add "init" command to control ENGINE
initialization.

Call ENGINE_finish on initialized ENGINEs on exit.

Reorder shutdown in apps.c: modules should be shut
down first.

Add test private key loader to openssl ENGINE: this
just loads a private key in PEM format.

Fix print format for dh length parameter.
 2002-03-06 14:09:46 +00:00
Bodo Möller
36c194638e add SECG OIDs 
Submitted by: Nils Larsch
 2002-03-06 13:47:32 +00:00
Bodo Möller
45fb737950 reference counting for EC_GROUP structures is not needed (at the 
moment at least), so remove it
 2002-03-06 09:46:17 +00:00
Bodo Möller
022b31a8c8 typo 2002-03-05 15:03:16 +00:00
Bodo Möller
8ecf5104b3 typo 2002-03-05 14:58:53 +00:00
Dr. Stephen Henson
dd6b494eb3 Make sure the type accessed by the LONG and ZLONG ASN1 type 
is really a long, to avoid problems on platforms where
sizeof(int) != sizeof(long).
 2002-03-05 13:49:27 +00:00
Dr. Stephen Henson
2c2f9e2cc3 Make sure the type accessed by the LONG and ZLONG ASN1 type 
is really a long, to avoid problems on platforms where
sizeof(int) != sizeof(long).
 2002-03-05 13:48:51 +00:00
Bodo Möller
2d9b1b3ffa more X9.62 OIDs 
Submitted by: Nils Larsch <nla@trustcenter.de>
 2002-03-05 12:39:19 +00:00
Bodo Möller
f070480275 disable '#ifdef DEBUG' code 2002-03-05 12:37:35 +00:00
Richard Levitte
49f1597de2 Provide a pre 0.9.7 compatibility mapping if 
OPENSSL_DES_PRE_0_9_7_COMPATIBILITY is defined.  NOT AT ALL TESTED YET!
Add a comment as to the libdes compatibility.
 2002-03-05 11:26:03 +00:00
Richard Levitte
c9bea5bad3 Provide a pre 0.9.7 compatibility mapping if 
OPENSSL_DES_PRE_0_9_7_COMPATIBILITY is defined.  NOT AT ALL TESTED YET!
Add a comment as to the libdes compatibility.
 2002-03-05 11:25:46 +00:00
Richard Levitte
9e77b7075a A dash was missing in this branch as well. 2002-03-04 18:09:10 +00:00
Richard Levitte
a08ee55e2d Typo. In DCL, the continuation character is a dash at the end of the 
line, which I forgot when spliting one.
 2002-03-04 18:07:59 +00:00
Richard Levitte
5c7f9a627f Rename des_SPtrans to DES_SPtrans to differentiate from libdes and avoid certain linkage clashes. 2002-03-04 16:08:53 +00:00
Richard Levitte
3bac6d9479 Rename des_SPtrans to DES_SPtrans to differentiate from libdes and avoid certain linkage clashes. 2002-03-04 16:08:13 +00:00
Dr. Stephen Henson
c8cd7d9e0f Fix warnings about signed/unsigned mismatch and global 
shadowing (random, index) in hw_4758_cca.c
 2002-03-03 17:08:20 +00:00
Dr. Stephen Henson
66bd86e2c2 Fix warnings about signed/unsigned mismatch and global 
shadowing (random, index) in hw_4758.c
 2002-03-03 17:07:27 +00:00
Richard Levitte
4bf4bc784f make update 2002-02-28 20:29:20 +00:00
Richard Levitte
69c48301e0 make update 2002-02-28 20:28:23 +00:00
Bodo Möller
16b0384bd2 use ERR_peek_last_error() instead of ERR_peek_error() to ignore 
any other errors that may be left in the error queue

Submitted by: Jeffrey Altman
 2002-02-28 14:05:13 +00:00
Bodo Möller
98fa4fce09 use ERR_peek_last_error() instead of ERR_peek_error() to ignore 
any other errors that may be left in the error queue

Submitted by: Jeffrey Altman
 2002-02-28 14:03:41 +00:00
Richard Levitte
1ec1d17e16 VMS addaptation, including a few more long names that needed hacking. 2002-02-28 13:18:47 +00:00
Richard Levitte
87ebdd8a71 VMS addaptation, including a few more long names that needed hacking. 2002-02-28 13:17:40 +00:00
Richard Levitte
1e11df0dc3 Make sure aep_close_connection() is declared and has a prototype that's 
consistent with the rest of the AEP functions
 2002-02-28 12:59:03 +00:00
Richard Levitte
7d68189d8a Make sure aep_close_connection() is declared and has a prototype that's 
consistent with the rest of the AEP functions
 2002-02-28 12:58:43 +00:00
Richard Levitte
421d474332 Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated 2002-02-28 12:44:05 +00:00
Richard Levitte
26414ee013 Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated 2002-02-28 12:42:19 +00:00
Richard Levitte
58060fa11b Updated AEP engine, submitted by Diarmuid O'Neill <Diarmuid.ONeill@aep.ie> 2002-02-28 11:37:35 +00:00
Richard Levitte
5c62f68e14 Updated AEP engine, submitted by Diarmuid O'Neill <Diarmuid.ONeill@aep.ie> 2002-02-28 11:36:38 +00:00
Bodo Möller
59dbdb51dc disable '#ifdef DEBUG' sections 2002-02-28 10:51:56 +00:00
Geoff Thorpe
92d1bc09cb This adds a new ENGINE to support IBM 4758 cards, contributed by Maurice 
Gittens.
 2002-02-27 22:55:28 +00:00
Geoff Thorpe
6d1a837df7 This adds a new ENGINE to support IBM 4758 cards, contributed by Maurice 
Gittens.
 2002-02-27 22:45:48 +00:00
Dr. Stephen Henson
b12540520d Always init ctx_tmp in PKCS7_dataFinal since it is always cleaned up. 2002-02-26 19:33:24 +00:00
Dr. Stephen Henson
bb9dcc99cf Always init ctx_tmp in PKCS7_dataFinal since it is always cleaned up. 2002-02-26 19:32:16 +00:00
Richard Levitte
0d7b9b8b7e make update, after moving around symbols in libeay.num to match 
0.9.7-stable.
 2002-02-26 14:41:29 +00:00
Richard Levitte
3d59821134 make update 2002-02-26 14:37:25 +00:00
Dr. Stephen Henson
e36e473859 Make the engine config module always add dynamic ENGINEs 
to the list using dynamic_path. This stops ENGINEs which
don't supply any default algorithms being automatically
freed (because they have no references) and allows them
to be accessed by id.

Alternative dynamic loading behaviour can be achieved by
issuing the dynamic ENGINE ctrls separately in the config file.
 2002-02-24 16:22:20 +00:00
Dr. Stephen Henson
4a3e6bce79 Make the engine config module always add dynamic ENGINEs 
to the list using dynamic_path. This stops ENGINEs which
don't supply any default algorithms being automatically
freed (because they have no references) and allows them
to be accessed by id.

Alternative dynamic loading behaviour can be achieved by
issuing the dynamic ENGINE ctrls separately in the config file.
 2002-02-24 16:20:50 +00:00
Dr. Stephen Henson
a3829cb720 Updates from stable branch. 2002-02-23 13:50:29 +00:00
Dr. Stephen Henson
d7fb66aa82 Remove old comment 2002-02-23 13:43:07 +00:00
Dr. Stephen Henson
344b3b5ce1 OPENSSL_LOAD_CONF define as in main trunk 2002-02-23 02:09:29 +00:00
Dr. Stephen Henson
3f7cf29124 Update from main branch. 2002-02-23 01:47:59 +00:00
cvs2svn
63dc69fef6 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_7-stable'.
 2002-02-23 01:00:45 +00:00
Dr. Stephen Henson
e84be9b495 New OPENSSL_LOAD_CONF define to load openssl.cnf 
when OpenSSL_add_all_algorithms() is called.
 2002-02-23 01:00:44 +00:00
Dr. Stephen Henson
3208ff58ca make errors 2002-02-22 21:17:31 +00:00
Dr. Stephen Henson
6707d22a40 Update from stable branch. 2002-02-22 14:07:35 +00:00
Dr. Stephen Henson
3647bee263 Config code updates. 
CONF_modules_unload() now calls CONF_modules_finish()
automatically.

Default use of section openssl_conf moved to
CONF_modules_load()

Load config file in several openssl utilities.

Most utilities now load modules from the config file,
though in a few (such as version) this isn't done
because it couldn't be used for anything.

In the case of ca and req the config file used is
the same as the utility itself: that is the -config
command line option can be used to specify an
alternative file.
 2002-02-22 14:01:21 +00:00
Dr. Stephen Henson
0cd8572b2d Config code updates. 
CONF_modules_unload() now calls CONF_modules_finish()
automatically.

Default use of section openssl_conf moved to
CONF_modules_load()

Load config file in several openssl utilities.

Most utilities now load modules from the config file,
though in a few (such as version) this isn't done
because it couldn't be used for anything.

In the case of ca and req the config file used is
the same as the utility itself: that is the -config
command line option can be used to specify an
alternative file.
 2002-02-22 13:58:15 +00:00
Bodo Möller
de603b75fc disable '#ifdef DEBUG' sections 2002-02-21 14:08:47 +00:00
Bodo Möller
3e563bcea7 disable '#ifdef DEBUG' sections 2002-02-21 13:07:44 +00:00
Bodo Möller
1244be2eda disable '#ifdef DEBUG' sections 2002-02-21 13:00:45 +00:00
Dr. Stephen Henson
92f91ff48b Config file updates from stable branch 2002-02-21 00:54:54 +00:00
Richard Levitte
b0701709c1 Add comfy aliases for AES in CBC mode. 2002-02-20 18:00:23 +00:00
Richard Levitte
5b7848a345 Add comfy aliases for AES in CBC mode. 2002-02-20 17:59:49 +00:00
Richard Levitte
34aa216a65 Stop assuming the IV is 8 bytes long, use the real size instead. 
This is especially important for AES that has a 16 bytes IV.
 2002-02-20 17:56:01 +00:00
Richard Levitte
915c6a21ba Stop assuming the IV is 8 bytes long, use the real size instead. 
This is especially important for AES that has a 16 bytes IV.
 2002-02-20 17:55:08 +00:00
Richard Levitte
a76a29f233 Merge in recent changes from the main trunk. 2002-02-20 17:53:17 +00:00
Richard Levitte
236be53269 gcc figures that the format specifier %2x means unsigned int, so let's 
make n unsigned.
 2002-02-20 13:50:36 +00:00
Richard Levitte
1fc1bd382b Instead of casting a lvalue, let's constify meth. 2002-02-20 13:49:17 +00:00
Bodo Möller
3613e6fc57 simplifications 
Submitted by: Nils Larsch
 2002-02-20 13:08:17 +00:00
Richard Levitte
bd53a054b1 Merg in recent changes from the main trunk. 2002-02-20 12:28:32 +00:00
Richard Levitte
f19759a182 Instead of just checking for OpenVMS, check if DEC C is used, since it's as 
picky on all platforms
 2002-02-20 12:01:24 +00:00
Bodo Möller
d009bcbfb6 bugfix: allocate sufficiently large buffer 
Submitted by: Nils Larsch
 2002-02-20 11:59:42 +00:00
Bodo Möller
211b8685d3 bugfix: allocate sufficiently large buffer 
Submitted by: Nils Larsch
 2002-02-20 11:58:17 +00:00
Richard Levitte
4b71f63ac0 Comparing a pointer (data) with 0 using > is incorrect. The changed 
comparison doesn't look right, but at least it compiles.  It would be nice
if the one who knows what this is supposed to do changed it to do it correctly
 2002-02-20 11:57:33 +00:00
Richard Levitte
3adb8c3854 With Compaq make, it seems like # inside an action becomes part of the command, not a comment at all 2002-02-20 11:43:40 +00:00
Geoff Thorpe
5b2d6ff07e make update 2002-02-20 08:33:55 +00:00
Dr. Stephen Henson
9c75b2d931 Use default openssl.cnf if config filename set to NULL and 
openssl_conf if appname NULL.
 2002-02-19 23:25:18 +00:00
Richard Levitte
3d7ba69a05 The AES modes OFB and CFB are defined with 128 feedback bits. This 
deviates from the "standard" 64 bits of feedback that all other
algorithms are using.  Therefore, let's redo certain EVP macros to
accept different amounts of feedback bits for these modes.

Also, change e_aes.c to provide all usually available modes for AES.
CTR isn't included yet.
 2002-02-16 12:39:58 +00:00
Richard Levitte
a6cd870784 The AES modes OFB and CFB are defined with 128 feedback bits. This 
deviates from the "standard" 64 bits of feedback that all other
algorithms are using.  Therefore, let's redo certain EVP macros to
accept different amounts of feedback bits for these modes.

Also, change e_aes.c to provide all usually available modes for AES.
CTR isn't included yet.
 2002-02-16 12:39:07 +00:00
Richard Levitte
58133d22a8 Add the modes OFB128, CFB128 and CTR128 to AES. 
Submitted by Stephen Sprunk <stephen@sprunk.org>
 2002-02-16 12:21:43 +00:00
cvs2svn
330e5c5460 This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_7-stable'.
 2002-02-16 12:20:35 +00:00
Richard Levitte
97879bcd57 Add the modes OFB128, CFB128 and CTR128 to AES. 
Submitted by Stephen Sprunk <stephen@sprunk.org>
 2002-02-16 12:20:34 +00:00
Richard Levitte
ab519c8262 Adjust the NID names for the AES modes OFB and CFB to contain the number 
of feedback bits
 2002-02-16 12:16:43 +00:00
Richard Levitte
ab1dee1efc Adjust the NID names for the AES modes OFB and CFB to contain the number 
of feedback bits
 2002-02-16 12:15:30 +00:00
Richard Levitte
e072aa535d The macro IMPLEMENT_ASN1_FUNCTIONS_const already contains an ending ;, 
so do not add one after the expansion, since ANSI C doesn't allow ;;
at this level (or at least, so tells me gcc).
 2002-02-16 12:03:25 +00:00
Richard Levitte
48f9859d2a Local time' shadows the global function time()'. Rename the local 
variable to `tim' (and, as a matter of consequence, `time_d' to `tim_d').
 2002-02-16 12:01:13 +00:00
Richard Levitte
48b5083ca0 Missing #endif 2002-02-16 11:58:16 +00:00
Bodo Möller
c363b5a62f constify 2002-02-15 10:19:22 +00:00
Dr. Stephen Henson
80bbb6578e Add flag to disable config module DSO loading. 2002-02-15 02:43:50 +00:00
Dr. Stephen Henson
19cc0f0ab4 Only initialize cipher ctx if cipher is not NULL. 2002-02-15 01:01:36 +00:00
Dr. Stephen Henson
14e14ea68c Allow a NULL store parameter to X509_STORE_CTX_init(). 2002-02-15 00:58:14 +00:00
Dr. Stephen Henson
834d37ed86 Don't call finish function if it isn't set. 
Fix OID module.
 2002-02-15 00:33:35 +00:00
Dr. Stephen Henson
86a0d0234d Add argument to OPENSSL_config() and add flag to 
tolerate missing config file.
 2002-02-14 23:39:36 +00:00
Dr. Stephen Henson
4598be561a typo (?) 2002-02-14 18:52:37 +00:00
Dr. Stephen Henson
af5db47e99 Fix warnings: 
#if out some unused function.

"index" is a global function on some platforms.
 2002-02-14 18:46:12 +00:00
Richard Levitte
fb67f40f04 Add the configuration target VxWorks. 2002-02-14 16:23:55 +00:00
Bodo Möller
e65991f977 fix indentation 2002-02-14 16:08:55 +00:00
Richard Levitte
3e83e686ba Add the configuration target VxWorks. 2002-02-14 15:37:38 +00:00
Bodo Möller
48033c3242 fix: make it possible to disable memory debugging even if it is 
enabled by default
 2002-02-14 14:47:15 +00:00
Bodo Möller
8f06b00373 make it possible to disable memory checking for timings 2002-02-14 14:41:13 +00:00
Bodo Möller
aa1f5b3581 don't call OPENSSL_config(), this does not make any sense during "make test" 2002-02-14 13:52:11 +00:00
Bodo Möller
6cc3700314 don't call OPENSSL_config(), this does not make any sense during "make test" 2002-02-14 13:51:20 +00:00
Richard Levitte
d9d3a69595 Make sure memset() is defined by including string.h 
Notified by Oscar Jacobsson <oscar@jacobsson.org>
 2002-02-14 13:51:13 +00:00
Richard Levitte
cc1489d2f2 Make sure memset() is defined by including string.h 
Notified by Oscar Jacobsson <oscar@jacobsson.org>
 2002-02-14 13:51:04 +00:00
Richard Levitte
016029c69f For some reason, getting the topmost error was done the same way as 
getting the bottommost one.  I hope I understood correctly how this
should be done.  It seems to work when running evp_test in an
environment where it can't find openssl.cnf.
 2002-02-14 13:45:26 +00:00
Richard Levitte
f9adfa6d4e For some reason, getting the topmost error was done the same way as 
getting the bottommost one.  I hope I understood correctly how this
should be done.  It seems to work when running evp_test in an
environment where it can't find openssl.cnf.
 2002-02-14 13:42:33 +00:00
Bodo Möller
d8309efc72 EC_GROUP_get_group_by_name() is now called EC_GROUP_new_by_name() 2002-02-14 10:23:20 +00:00
Ben Laurie
f43acc8a50 Fix warnings. 2002-02-14 09:59:35 +00:00
Richard Levitte
976b2c9c2f Because making the key strong by xoring the last byte with 0xF0 
generates different keys than previous versions of OpenSSL and libdes,
let's make Assar's change experimental for now.
 2002-02-14 02:43:57 +00:00
Bodo Möller
4d94ae00d5 ECDSA support 
Submitted by: Nils Larsch <nla@trustcenter.de>
 2002-02-13 18:21:51 +00:00
Bodo Möller
60d8bae30d some modifications to named curve support 2002-02-13 17:57:52 +00:00
Richard Levitte
0caec9e8f8 Modify the main trunk version to 0.9.8-dev. 
0.9.7 now lives in the branch OpenSSL_0_9_7-stable.
 2002-02-13 17:46:38 +00:00
Bodo Möller
4f85a2e21e new locks 2002-02-13 17:25:27 +00:00
Bodo Möller
945e15a253 add support for named curves 
Submitted by: Nils Larsch <nla@trustcenter.de>
 2002-02-13 17:22:59 +00:00
cvs2svn
fbfcdc4cef This commit was manufactured by cvs2svn to create branch 
'OpenSSL_0_9_7-stable'.
 2002-02-13 14:44:34 +00:00
Richard Levitte
81269a81ee Remove an unused variable. 2002-02-07 21:55:22 +00:00
Richard Levitte
3537525e00 Oops, do not unlock CRYPTO_LOCK_DYNLOCK when we locked 
CRYPTO_LOCK_RAND...
 2002-02-07 21:49:21 +00:00
Richard Levitte
d38f3ad1ee I forgot to include the aep and sureware vendor header files. 2002-02-07 21:43:05 +00:00
Richard Levitte
e083f91497 Because AEP and we used the same AEP_R_ prefix for error reasons, 
lets change our prefix to AEPHK_R_.  Otherwise, we get very mysterious
errors because we happen to redefine AEP_R_OK and AEP_R_GENERAL_ERROR.
 2002-02-07 21:12:08 +00:00
Richard Levitte
ba2cad19cf Add aep and sureware implementations and clean up some error reasons 
that were never part of the engine framework.

The aep and sureware implementations are taken directly from 0.9.6c
[engine] and have been modified to fit the newer engine framework and
to be possible to build shared libraries of.

The aep implementation has gone through quite a bunch of tests and is
cleaned up (there were some misunderstandings in it about how to use
locks).

The sureware hasn't been tested at all in this incarnation and is
basically a quick hack to get it to compile properly.
 2002-02-07 20:44:14 +00:00
Richard Levitte
db0a1efcc9 Certain reasons aren't really part of the engine framework, so let's 
make them ubsec-specific in the ubsec implementation.
 2002-02-07 20:37:55 +00:00
Richard Levitte
9074521458 Generate the individual engines' error strings and macros 
automatically.
 2002-02-07 20:02:49 +00:00
Richard Levitte
de2f6e4dae 'make update' 2002-02-05 17:34:58 +00:00
Richard Levitte
44bdb056d4 With the changed des_old API, let's complete the work by renaming the 
functions in ui_compat.  This gave reason to rework that part more
thoroughly, so here are the changes made:

1. Add DES_read_password() and DES_read_2passwords() with the same
   functionality as the corresponding old des_ functions, as a
   convenience to the users.
2. Add UI_UTIL_read_pw_string() and UI_UTIL_read_pw() with the
   functionality from des_read_pw_string() and des_read_pw(), again as
   a concenience to the users.
3. Rename des_read_password(), des_read_2passwords(),
   des_read_pw_string() and des_read_pw() by changing des_ to
   _ossl_old_des_, and add the usual mapping macros.
4. Move the implementation of des_read_password() and
   des_read_2passwords() to the des directory, since they are tightly
   tied to DES anyway.

This change was inspired by a patch from Assar Westerlund <assar@sics.se>:

There are some functions that didn't get the kick-away-old-des-and-
replace-des-with-DES action.  Here's a patch that adds DES_ and des_
(in des_old.h) versions of des_read_pw_string et al.  This patch
includes some of the first des_old.h semi-colon macro fixes that I've
already sent.
 2002-02-05 17:15:18 +00:00
Richard Levitte
c31bbf1e68 Apply one patch from Assar Westerlund <assar@sics.se>: 
The following patch makes sure that string2key does not use weak DES
keys (then making them non-weak by xor:ing with 0xF0).
 2002-02-05 15:05:42 +00:00
Richard Levitte
5e68f8ce15 Apply three patches from Assar Westerlund <assar@kth.se>: 
This patch makes the macros in des_old.h actually pretend to be
functions.

There's no reason not to define _ossl_old_crypt when using
PERL5/FreeBSD/darwin/Next, since it makes using crypt and including
des.h break.  Here's a trivial patch.

This patch fixes some of the typos used in macro names in des_old.h
and the number of arguments for some of them.
 2002-02-05 06:02:58 +00:00
Richard Levitte
b9a3ef4c6e ASN1_BIT_STRING_set_bit() didn't clear previously set bits 2002-02-03 21:31:41 +00:00
Dr. Stephen Henson
1955b87423 #undef some things that cause a conflict under Win32 when 
wincrypt.h is included.
 2002-02-02 13:19:27 +00:00
Lutz Jänicke
866eedb936 Shut up compiler warnings for inconsistent declarations. 2002-01-29 17:14:50 +00:00
Richard Levitte
1199e2d8cf Apply patch from Toomas Kiisk <vix@cyber.ee> and complete it. 2002-01-29 12:36:01 +00:00
Bodo Möller
072569e0f1 Undo previous change, X509_check_issued() was correct. 
[See
     Message-ID: <3BB07999.30432AD2@celocom.com>
     Date: Tue, 25 Sep 2001 13:33:29 +0100
     From: Dr S N Henson <drh@celocom.com>
     To: openssl-dev@openssl.org
     Subject: Re: Error in v3_purp.c
]
 2002-01-27 17:41:12 +00:00
Lutz Jänicke
2a81428489 Remove blanks at begin of empty lines irritating epv_test.c 2002-01-26 15:24:38 +00:00
Richard Levitte
b77fcddb6b Apply a small patch from Oscar Jacobsson <oscar@jacobsson.org> that 
makes things more compilable with VC++.
 2002-01-26 04:50:41 +00:00
Richard Levitte
f6fbd470e3 It looks like I didn't remove everything that has to do with the 
non-existant aestest.c.
 2002-01-26 04:45:37 +00:00
Richard Levitte
63810d8566 Apply a small patch from Diego R. Lopez <diego.lopez@rediris.es>, 
making X509_check_issued() properly match an issuer that's found in a
Authority Key Identifier.
 2002-01-26 04:25:16 +00:00
Richard Levitte
123c401967 GCC uses __i386__. 2002-01-26 03:57:41 +00:00
Richard Levitte
2d57b73a50 I got a request to make the "old des" symbols more closely tied to 
OpenSSL.  Adding '_ossl' in the name seems to be a good way to do
this.
 2002-01-26 01:14:09 +00:00
Richard Levitte
a297985f42 Apply a change by Toomas Kiisk <vix@cyber.ee>: 
* Fix a crashbug and a logic bug in hwcrhk_load_pubkey()
 2002-01-25 17:45:30 +00:00
Richard Levitte
72165799a8 There is no aestest currently. The EVP tester is used to check the 
AES algorithm.
 2002-01-25 07:52:25 +00:00
Geoff Thorpe
f1c2a9de45 The 'type' parameter, an EVP_MD pointer, represents the type of digest 
required as well as a default implementation (when no ENGINE provides a
replacement implementation). This change makes sure the correct
implementation's "init()" handler is used rather than assuming 'type'.
 2002-01-25 03:13:50 +00:00
Richard Levitte
52b66a622d Keep the NIST AES vectors that were there previously. 2002-01-24 18:09:50 +00:00
Bodo Möller
273db408a8 sort functions ... 2002-01-24 17:17:33 +00:00
Bodo Möller
957b6db3b1 fix formatting of automatically generated error section 2002-01-24 16:20:42 +00:00
Bodo Möller
a14e2d9dfe New functions 
ERR_peek_last_error
    ERR_peek_last_error_line
    ERR_peek_last_error_line_data
(supersedes ERR_peek_top_error).

Rename OPENSSL_NO_OLD_DES_SUPPORT into OPENSSL_DISABLE_OLD_DES_SUPPORT
because OPENSSL_NO_... indicates disabled algorithms (according to
mkdef.pl).
 2002-01-24 16:16:43 +00:00
Richard Levitte
fe19c448f0 make update 
libeay.num got tweaked so the old des symbols would retain their
positions.
 2002-01-24 12:31:54 +00:00
Richard Levitte
fcf6473199 Because of recent changes, there's no need to hack the des symbols any 
more.
 2002-01-24 12:30:15 +00:00
Richard Levitte
5dcf517d84 To avoid all kinds of link-level clashes, rename all old des_* 
functions to _old_des_*.
 2002-01-24 12:19:13 +00:00
Ben Laurie
24995f3a10 Support old DES APIs by default. 2002-01-22 23:19:01 +00:00
Ben Laurie
0fc5cf0870 Make no config file not an error. Move /dev/crypto config to ctrl. 2002-01-22 22:29:58 +00:00
Dr. Stephen Henson
f78d4a35f8 Constification. 2002-01-22 02:06:33 +00:00
Dr. Stephen Henson
df5eaa8a52 default_algorithms option in ENGINE config. 2002-01-22 01:40:18 +00:00
Lutz Jänicke
575e664a7c Fix incorrect BIO_*_ctrl() macros (Shay Harding <sharding@ccbill.com>). 2002-01-21 17:59:37 +00:00
Richard Levitte
7389c848d4 Use FIPS-197 vectors for AES. The NIST vectors were constructed by 
reencrypting or redecrypting the ciphertext 10000 times, which of
course gives higly different results.
 2002-01-21 17:55:38 +00:00
Richard Levitte
4d393410f3 Add more of the NIST test vectors for AES. 
For some reason, they give incorrect results with the OpenSSL
implementation.  I wonder why...
 2002-01-21 16:09:45 +00:00
Richard Levitte
bd69750360 Bring VMS up to date with development. 2002-01-21 15:37:53 +00:00
Dr. Stephen Henson
c9501c223f Initial ENGINE config module, docs to follow. 
Fix buffer overrun errors in OPENSSL_conf().
 2002-01-21 03:02:36 +00:00
Ben Laurie
9dd5ae6553 Constification, add config to /dev/crypto. 2002-01-18 16:51:05 +00:00
Bodo Möller
e1e876072d disable broken code 2002-01-18 12:28:05 +00:00
Ben Laurie
dd2589494f Other errors are possible. 2002-01-18 12:19:24 +00:00
Ben Laurie
1cfa8a397f Stupid apps should die, not fail silently. 2002-01-18 11:46:39 +00:00
Ben Laurie
bdae099862 Fix memory leak. 2002-01-18 11:32:30 +00:00
Ben Laurie
cca28b291c Constification, missing declaration, update dependencies. 2002-01-18 10:59:43 +00:00
Ben Laurie
45d87a1ffe Prototype info function. 2002-01-12 15:56:13 +00:00
Ben Laurie
37530362fa Return value could be undefined. 2002-01-12 13:13:22 +00:00
Richard Levitte
fd795679bb Patches to make OpenSSL compilable on MacOS/X. 
Submitted by Pier Fumagalli <pier@betaversion.org>
 2002-01-08 09:19:31 +00:00
Geoff Thorpe
e4dd79bbc8 - Add the same header stuff to aes_locl.h as is in des_locl.h to avoid 
undefined functions (memset, etc).
- Put a .cvsignore in the aes directory too.
 2002-01-05 12:55:08 +00:00
Dr. Stephen Henson
bc37d996fc Experimental configuration code. 
Incomplete, largely untested and subject to change/deletion.
 2002-01-05 01:37:16 +00:00
Bodo Möller
245f44e2ab add automatically generated ERR_load_... prototype 2002-01-04 13:12:08 +00:00
Bodo Möller
e5d6528a12 fix EVP_CIPHER_mode macro 
Submitted by: "Dan S. Camper" <dan@bti.net>
 2002-01-04 13:04:45 +00:00
Richard Levitte
6f9079fd50 Because Rijndael is more known as AES, use crypto/aes instead of 
crypto/rijndael.  Additionally, I applied the AES integration patch
from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work
properly with the normal EVP constructs (and incidently work the same
way as all other symmetric cipher implementations).

This results in an API that looks a lot like the rest of the OpenSSL
cipher suite.
 2002-01-02 16:55:35 +00:00
Richard Levitte
c938563a81 The block size may be something other than 8! 2002-01-02 16:51:17 +00:00
Richard Levitte
40928698bb When RSA or DSA are disabled, do not include the stuff that's specific 
to them.
 2002-01-02 12:45:51 +00:00
Richard Levitte
138d8ab0c7 make update 2002-01-02 12:44:54 +00:00
Richard Levitte
67fec850e1 Allow verification of other types than DATA. 
Submitted by Leonard Janke <leonard@votehere.net>
 2002-01-02 11:54:38 +00:00
Richard Levitte
e7227322b3 Allow 8-bit characters. This is not really complete, it only marks 
characters with the highest bit set as HIGHBIT.  We need to expand
this to support the UTF-8 character set properly.  However, this
solves the problem that the character 0x80 (which is common in UTF-8)
gets masked to 0x00.
Patch submitted by "Huang Yuzhen" <huangyuzhen@bj.tom.com>
 2002-01-02 11:06:02 +00:00
Richard Levitte
a92ae07091 And just for the sake of completeness, let's add some standard macros... 2001-12-21 01:12:29 +00:00
Richard Levitte
68809d3969 Better use the same number in all branches, to avoid confusion 2001-12-21 01:08:40 +00:00
Richard Levitte
d6a89fcf88 Do not forget to compile comp_err.c 2001-12-20 22:12:10 +00:00
Ben Laurie
7c517a04b1 Security fix. 2001-12-20 12:18:08 +00:00
Bodo Möller
755cc53a6e formatting consistency 2001-12-17 19:28:05 +00:00
Bodo Möller
1226c472b7 oops 2001-12-17 19:26:43 +00:00
Bodo Möller
4d7072f4b5 remove redundant ERR_load_... declarations 2001-12-17 19:22:23 +00:00
Bodo Möller
66df02fd98 fix BN_rand_range 2001-12-14 10:09:29 +00:00
Richard Levitte
f11fd3f4e1 Implement failover for ubsec. Submitted by Subramanian Ramamoorthy 
<sram@broadcom.com> with the following comment:

[...] We have implemented failover (ie, if for some reason that the
hardware fails, the implementation detects this failure and performs
this operation as if no hardware is present, ie, in software) for
sometime now and have tested it here with our hardware. [...]

This change was cc:ed to exports@crypto.com
 2001-12-12 12:53:13 +00:00
Ulf Möller
31106cc750 name confusion with HP library function prototype (?) 2001-12-10 18:52:06 +00:00
Ben Laurie
ff3fa48fc7 Improve back compatibility. 2001-12-09 21:53:31 +00:00
Dr. Stephen Henson
f3e24baddf Don't overwrite signing time. 2001-12-07 00:36:32 +00:00
Richard Levitte
d4704d5245 UID was never a lable for uniqueIdentifier. However, LDAP and certain 
RFCs concerning X.500 directories use UID as a shorter name for the
attribute type userId, which is defined by CCITT and available through
RFCs 1274 and 2247.

Unfortunately, if some applications have used the name "UID" for the
uniqueIdentifier attribute type, they will produce incorrect results.
However, I found it better to follow the standards that are out there
rather than having our own incompatible one.
 2001-12-04 11:01:17 +00:00
Bodo Möller
c3fbf5d9a8 Fix: 2.5.29 is "id-ce", not "ld-ce" (sort of a typo in objects.h). 
Fix (?): Delete 'ip-pda 6' (id-pda-pseudonym) because it does not exist
in RFC 3039.

Also change Perl scripts to put auto-generation warning in the
first lines of the file.
 2001-12-03 13:47:22 +00:00
Dr. Stephen Henson
6a0dec9584 Make EVP_SealInit() return the correct value. 2001-12-01 23:09:38 +00:00
Dr. Stephen Henson
322de0c8c1 NO_DSA, NO_RSA patches. 2001-12-01 22:41:39 +00:00
Geoff Thorpe
bcbe4e5254 This looks to have been a typo. 2001-11-24 04:02:42 +00:00
Bodo Möller
883b0c2274 fix submitted by Andy Schneider <andy.schneider@bjss.co.uk> 
(in main branch, hn_ncipher.c is already correct)
 2001-11-23 20:58:40 +00:00
Bodo Möller
c05940edc7 comment 2001-11-22 11:08:38 +00:00
Geoff Thorpe
c507a16e49 Cut "ENGINE_ID" to the more concise "ID". 2001-11-22 10:08:49 +00:00
Geoff Thorpe
e4a6cf421a When the "dynamic" ENGINE loads another ENGINE from a shared-library, it 
essentially overwrites itself with the new ENGINE, with the exception of
reference counts, ex_data structures, and other 'admin' elements. However
if the new ENGINE doesn't populate certain elements, there's the risk of
the "dynamic" ENGINE's elements showing through - the "cmd_defns" were just
one of the possibilities. This implements a more comprehensive cleanup.
 2001-11-22 09:13:18 +00:00
Geoff Thorpe
329636d6e3 The "openssl" ENGINE is no longer used except as a testing/debugging 
device. This change enables it for building as a self-contained "dynamic"
ENGINE, to help testing such mechanisms.
 2001-11-22 09:01:11 +00:00
Geoff Thorpe
9163b8fb23 'flags' should only be set inside DSO_load() if constructing a new DSO 
object - otherwise we overwrite any flags that had been previously set in
the DSO before calling DSO_load().
 2001-11-22 08:48:09 +00:00
Richard Levitte
9d93ce246c On VMS, the norm is still that symbols are uppercased, so for now it's better 
to trust that norm.  I might implement a control for this later on
 2001-11-16 13:12:19 +00:00
Bodo Möller
e71adb85c5 avoid stupid compiler warning 2001-11-16 11:37:36 +00:00
Richard Levitte
0d197a833c On systems that don't do too well including headers from a different 
directory, trust the building scripts to handle it properly.
 2001-11-16 08:54:34 +00:00
Richard Levitte
e0031b80ee Make sure evp_locl.h can be included (hw_openbsd_dev_crypto.c needs that). 2001-11-16 08:52:56 +00:00
Bodo Möller
b19941ab05 comment 2001-11-16 06:22:21 +00:00
Bodo Möller
752938daab use a more interesting test case 2001-11-16 06:22:05 +00:00
Bodo Möller
c78515f55e comments etc. 2001-11-15 22:35:41 +00:00
Bodo Möller
3ba1f11147 Improve EC efficiency. 2001-11-15 22:32:11 +00:00
Richard Levitte
acf60ef707 At least for the two common Unixly DSO loading methods, include the 
system error in the error text.
 2001-11-15 18:24:42 +00:00
Richard Levitte
b476df64a1 make update 
perl util/mkerr.pl -recurse -write -rebuild
 2001-11-15 12:25:14 +00:00
Richard Levitte
5b8a57ecae After loading a dynamic engine, reset the command definitions to the 
empty set.  This prevents engines that do not set the command
definitions themselves to inherit the ones from "dynamic", which would
otherwise be very confusing.
 2001-11-14 22:32:19 +00:00
Bodo Möller
3a8a0a3945 2001, not 2000 2001-11-09 13:15:05 +00:00
Bodo Möller
c5d4ab7e35 adjust to OpenSSL_0_9_6-stable version 2001-11-09 13:09:11 +00:00
Bodo Möller
b955dbd325 cast to 'unsigned long' before using ~ if we need an unsigned long result 
Submitted by: "Stefan Marxen" <stefan.marxen@gmx.net>
 2001-11-09 12:58:05 +00:00
Dr. Stephen Henson
3a3619b46a PKCS#12 code fixes: initialize and cleanup digests and ciphers 
properly.
 2001-11-06 13:54:48 +00:00
Dr. Stephen Henson
b83eddc578 Win32 fixes. 2001-11-06 13:40:27 +00:00
Richard Levitte
7f558334ad des_old.h doesn't really need to include des.h, so don't. That will 
avoid clashes with other code that have their own DES_ functions but
really only use OpenSSL's old des_ functions.
 2001-11-06 11:37:14 +00:00
Richard Levitte
6acc3b9689 Place the OpenSSL-specific headers back so they always get included, 
or we get a dependency war in Makefile.ssl
 2001-11-05 18:18:12 +00:00
Richard Levitte
66aa856698 No need to include anything on systems that do not have /dev/crypt 2001-11-05 12:44:14 +00:00
Richard Levitte
a7b42009c4 Change the shared library support so the shared libraries get built 
sooner and the programs get built against the shared libraries.

This requires a bit more work.  Things like -rpath and the possibility
to still link the programs statically should be included.  Some
cleanup is also needed.  This will be worked on.
 2001-10-30 08:00:59 +00:00
Richard Levitte
7b5ffd6834 Addapt VMS scripts to the newer disk layout system ODS-5, which allows more than one period and mixed size characters in file names 2001-10-29 13:05:28 +00:00
Dr. Stephen Henson
1586365835 Stop compiler warnings. 2001-10-27 00:18:04 +00:00
Dr. Stephen Henson
7d5b04db4e Add support for Subject Info Acess extension. 2001-10-27 00:16:53 +00:00
Bodo Möller
b693f941fd Consistency fix in BUF_MEM_grow: Initialise to zero when new memory 
had to be allocated, not just when reusing the existing buffer.
 2001-10-26 13:12:25 +00:00
Bodo Möller
c602e7f4e8 disable caching in BIO_gethostbyname 2001-10-26 13:04:23 +00:00
Ben Laurie
f533b7780e Fix warning. 2001-10-25 14:24:59 +00:00
Bodo Möller
cc2f5a8022 Like MD_Init, MD now must include a NULL engine pointer in its definition. 2001-10-25 08:53:54 +00:00
Bodo Möller
b441bf9226 remove redundant definitions that are also in des.h 2001-10-25 08:46:10 +00:00
Bodo Möller
af50b58c3f filenames are des_old.[ch], not des.comp* 2001-10-25 08:23:13 +00:00
Richard Levitte
ce15d5a9dc Remove DES_random_seed() but retain des_random_seed() for now. Change 
the docs to reflect this change and correct libeay.num.
 2001-10-25 06:46:22 +00:00
Richard Levitte
cfc781be6e Have the removal warnings very high up in the source. 2001-10-25 05:37:10 +00:00
Richard Levitte
84acc3c2bc A C file is a C file is a C file! 2001-10-24 21:31:14 +00:00
Richard Levitte
c2e4f17c1a Due to an increasing number of clashes between modern OpenSSL and 
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_.  Compatibility routines are provided and declared by including
openssl/des_old.h.  Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.

The compatibility functions will be removed in some future release, at
the latest in version 1.0.
 2001-10-24 21:21:12 +00:00
Richard Levitte
513d4b4c16 make update 2001-10-24 08:27:22 +00:00
Richard Levitte
7ef701519b Correction of the id-pda OID's. 
Submitted by Frederic.Giudicelli@INTRINsec.com
 2001-10-23 14:30:57 +00:00
Dr. Stephen Henson
f1558bb424 Reject certificates with unhandled critical extensions. 2001-10-21 02:09:15 +00:00
Dr. Stephen Henson
98e6654938 Typo. 2001-10-20 16:22:28 +00:00
Dr. Stephen Henson
cecd263878 Add missing EVP_CIPHER_CTX_{init,cleanup} 2001-10-20 16:18:03 +00:00
Dr. Stephen Henson
581f1c8494 Modify EVP cipher behaviour in a similar way 
to digests to retain compatibility.
 2001-10-17 00:37:12 +00:00
Dr. Stephen Henson
20d2186c87 Retain compatibility of EVP_DigestInit() and EVP_DigestFinal() 
with existing code.

Modify library to use digest *_ex() functions.
 2001-10-16 01:24:29 +00:00
Ulf Möller
5dd955dcd2 openbsd-x86 macros 
Submitted by: Toomas Kiisk <vix@cyber.ee>
 2001-10-14 00:57:30 +00:00
Richard Levitte
67d0738aba In certain cases, no encoding has been set up for the b64 filter. In 
such cases, a flush should *not* attempt to finalise the encoding, as
the EVP_ENCODE_CTX structure will only be filled with garbage.  For
the same reason, do the same check when a wpending is performed.
 2001-10-11 19:38:40 +00:00
Richard Levitte
b8a61e7362 'make update' 2001-10-10 21:52:06 +00:00
Richard Levitte
dd5e774664 Add support for md4WithRSAEncryption. 2001-10-10 21:37:45 +00:00
Richard Levitte
b30245dae0 'make update' 2001-10-10 07:56:20 +00:00
Richard Levitte
116daf4c2f To avoid commit wars over dependencies, let's make it so things that 
depend on the environment, like the presence of the OpenBSD crypto
device or of Kerberos, do not change the dependencies within OpenSSL.
 2001-10-10 07:55:02 +00:00
Richard Levitte
4b12506891 A few more OIDs, contributed by Peter Sylvester <Peter.Sylvester@EdelWeb.fr> 2001-10-09 15:32:23 +00:00
Geoff Thorpe
cf98440178 evp_test.c and evptests.txt both need to be linked in the test/ directory 
however for different reasons. This separation should prevent the win32
build from interpreting evptests.txt as source code.
 2001-10-09 01:38:31 +00:00
Geoff Thorpe
c500d44735 Change some EVP prototypes to use "cipher" rather than "type" as a variable 
name. The implementations already use this anyway.
 2001-10-08 17:25:42 +00:00
Geoff Thorpe
18eda73234 EVP_EncryptInit_ex() and EVP_DecryptInit_ex() had been defined in evp.h but 
not implemented. (Bug reported by Martin Szotkowski)

This also changes the non-"_ex" versions to defer directly to
EVP_CipherInit_ex() rather than EVP_CipherInit() to avoid an unecessary
level of indirection.
 2001-10-08 17:24:10 +00:00
Geoff Thorpe
7526e2c043 As ENGINE_load_openbsd_dev_crypto() is an API function, it makes sense for 
it to be defined on all platforms whether or not it is of any practical
use on them. This also resolves linker problems on "special" platforms,
such as win32.
 2001-10-08 17:08:17 +00:00
Geoff Thorpe
6d52f260bf Make sure the "ENGINE_TABLE" cleanup callbacks have correct prototypes. 2001-10-08 17:06:52 +00:00
Geoff Thorpe
752f2b6785 Missing pointer in the eng_table_register function. Reported by 
Martin Szotkowski.
 2001-10-08 14:44:38 +00:00
Lutz Jänicke
e1c279b63d Small documentation fixes (Howard Lum <howard@pumpkin.canada.sun.com>) 2001-10-08 08:37:24 +00:00
Richard Levitte
f8000b9345 'make update' 2001-10-04 07:49:09 +00:00
Richard Levitte
77a8eb352f Since ossl_typ.h is an exported header, we sure need to export it on 
VMS as well :-).
 2001-10-04 07:46:30 +00:00
Richard Levitte
114697bef3 Because there's chances we clash with the system's types.h, rename our 
types.h to ossl_typ.h.
Also, it seems like krb5 was forgotten in some places.
 2001-10-04 07:34:45 +00:00
Richard Levitte
2aa9043ad3 Because there's chances we clash with the system's types.h, rename our 
types.h to ossl_typ.h.
 2001-10-04 07:32:46 +00:00
Dr. Stephen Henson
1a095560f7 Use the maximum block length for the extra size in the encrypt 
BIO buffer instead of hard coding it as 8.
 2001-10-03 12:47:03 +00:00
Dr. Stephen Henson
f329b8d73b Make EVP_DecryptUpdate work again. 2001-10-02 16:19:49 +00:00
Richard Levitte
e3a7463c5d A lot of things are undeclared unless x509.h is included. 2001-10-02 11:06:42 +00:00
Richard Levitte
796c6eadcb Hmm, everything "open" isn't necessarely "openssl" :-). 
*sigh* habit...
 2001-10-02 10:03:15 +00:00
Richard Levitte
b485e5b7e3 Woopsie... 2001-10-01 17:20:28 +00:00
Richard Levitte
1cf9d58cb4 sk_ENGINE_CLEANUP_ITEM_pop_free() is duplicated in ENGINE_cleanup(). 
Let's use sk_ENGINE_CLEANUP_ITEM_pop_free() instead.
 2001-10-01 17:15:28 +00:00
Richard Levitte
0cff933416 Addapt seldom compiled code to new semantics of the key schedule (not 
a pointer any more).
 2001-10-01 17:10:10 +00:00
Richard Levitte
c41b29e5db Some new symbols have very long names... 2001-10-01 17:09:17 +00:00
Richard Levitte
65fb3fa630 o_time.c contains symbols with dollar signs in them, so we must tell 
the compiler not to warn about that.
 2001-10-01 17:08:18 +00:00
Geoff Thorpe
0b0f08dbc7 The cleanup stack in ENGINE changed slightly, so this "make update" is 
needed.
 2001-10-01 16:39:58 +00:00
Geoff Thorpe
5c32657c80 The STACK macros take care of casting to and from the designated item type 
of the stack, and the (void *) type used in the underlying sk_***
functions.  However, declaring a STACK_OF(type) where type is a *function*
type implicitly involves casts between function pointers and data pointers.
That's a no-no. This changes the ENGINE_CLEANUP handling to use a regular
data type in the stack.
 2001-10-01 16:26:00 +00:00
Dr. Stephen Henson
de822715b2 Constify EVP_SealInit, EVP_OpenInit 2001-09-28 01:47:36 +00:00
Dr. Stephen Henson
d46c1a8126 Support fractional seconds in GeneralizedTime 2001-09-28 00:44:44 +00:00
Richard Levitte
e32587d5a6 Synchronise with Unixly build. 2001-09-27 16:07:36 +00:00
Richard Levitte
37da54b10e The #error message must match a very specific regexp (see mkdef.pl, 
currently line 470).
 2001-09-26 15:18:32 +00:00
Ben Laurie
0fea7ed4a4 Don't clean up stuff twice. 2001-09-26 15:15:03 +00:00
Ben Laurie
dbeac560aa Fixes. 2001-09-26 15:14:10 +00:00
Ben Laurie
c9fc143972 Fix warning. 2001-09-26 11:38:57 +00:00
Geoff Thorpe
004aa803a9 "FALLBACK" handling was a hack that was thrown out long ago in the 
ENGINE redevelopment. The idea had been that "-1" could be used as a
special "ask me later" 'nid' rather than specifying supported cipher and
digest 'nid's up front. However the idea turned out to be pretty broken.
 2001-09-25 21:52:39 +00:00
Geoff Thorpe
d7e0299792 Fiddling. 2001-09-25 21:44:12 +00:00
Geoff Thorpe
9dfdf0ad1d This change puts the original OpenBSD /dev/crypto support that was in 
crypto/evp/ into the corresponding ENGINE. This code is currently untested.
 2001-09-25 21:43:08 +00:00
Geoff Thorpe
3b04cdd706 This change adds dummy RC4 and SHA1 support to the "openssl" ENGINE for 
testing. Because of the recent changes (see crypto/engine/README), the
"openssl" ENGINE is no longer needed nor is it loaded automatically or by
ENGINE_load_builtin_engines(). So a explicit ENGINE_load_openssl() call is
required by applications or a modification to eng_all.c before this ENGINE
will be used. This change will send output to stderr as/when its
implementations are used.
 2001-09-25 21:41:20 +00:00
Geoff Thorpe
11a57c7be5 This changes EVP's cipher and digest code to hook via the ENGINE support. 
See crypto/engine/README for details.

- it also removes openbsd_hw.c from the build (that functionality is
  going to be available in the openbsd ENGINE in a upcoming commit)

- evp_test has had the extra initialisation added so it will use (if
  possible) any ENGINEs supporting the algorithms required.
 2001-09-25 21:37:02 +00:00
Geoff Thorpe
b370230b78 This change adds cipher and digest support into ENGINE using the 
ENGING_TABLE mechanism. The necessary hooks from crypto/evp/ to use this
will be committed shortly.
 2001-09-25 21:28:40 +00:00
Geoff Thorpe
50a381b789 indentation. 2001-09-25 21:22:32 +00:00
Geoff Thorpe
534aaf3731 "make update". 2001-09-25 20:39:59 +00:00
Geoff Thorpe
cb78486d97 This commits changes to various parts of libcrypto required by the recent 
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.

Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.
 2001-09-25 20:23:40 +00:00
Geoff Thorpe
9c9aa4f145 This commits the changes to STACK macros forced by recent ENGINE surgery. 2001-09-25 20:17:15 +00:00
Geoff Thorpe
b6d1e52d45 This change replaces the ENGINE's underlying mechanics with the new 
ENGINE_TABLE-based stuff - as described in crypto/engine/README.

Associated miscellaneous changes;
 - the previous cipher/digest hooks that hardwired directly to EVP's
   OBJ_NAME-based storage have been backed out. New cipher/digest support
   has been constructed and will be committed shortly.
 - each implementation defines its own ENGINE_load_<name> function now.
 - the "openssl" ENGINE isn't needed or loaded any more.
 - core (not algorithm or class specific) ENGINE code has been split into
   multiple files to increase readability and decrease linker bloat.
 - ENGINE_cpy() has been removed as it wasn't really a good idea in the
   first place and now, because of registration issues, can't be
   meaningfully defined any more.
 - BN_MOD_EXP[_CRT] support is removed as per the README.
 - a bug in enginetest.c has been fixed.

NB: This commit almost certainly breaks compilation until subsequent
changes are committed.
 2001-09-25 20:00:51 +00:00
Geoff Thorpe
f185e725a0 Some major restructuring changes to ENGINE, including integrated cipher and 
digest support, are on their way. Rather than having gigantic commit log
messages and/or CHANGES entries, this change to the README will serve as an
outline of what it all is and how it all works.
 2001-09-25 19:31:30 +00:00
Dr. Stephen Henson
591ccf586d Fix AES CBC mode EVP_CIPHER structures: the IV length is always 
16.
 2001-09-25 13:49:58 +00:00
Richard Levitte
98c2a26ea6 In case of memory problems, the va_start() wasn't cleaned with a va_end(). 
Noticed by Thomas Klausner <wiz@danbala.ifoer.tuwien.ac.at>.
 2001-09-24 13:39:48 +00:00
Bodo Möller
be6d77005f comments 2001-09-20 15:41:34 +00:00
Geoff Thorpe
2b67158673 Some of the ENGINE file names were changed for 8.3 filename uniqueness 
recently. So comments including file names have been fixed, and copyright
notices brought up to "2001" at the same time.
 2001-09-14 18:31:57 +00:00
Geoff Thorpe
db744f8950 Fix a typo in the preprocessor logic in eng_list.c that had left RSA, DSA, 
and DH all conditional upon OPENSSL_NO_RSA.
 2001-09-14 18:23:31 +00:00
Geoff Thorpe
e059b19ddb Add a SHA1 test to evptests.txt - only the MD5 hash algorithm was being 
tested previously.
 2001-09-14 18:21:36 +00:00
Geoff Thorpe
997a54c981 'evp_test' needs to initialise and cleanup EVP_CIPHER_CTX structures. Also, 
fix a typo and add cleanup operations. This also switches on memory leak
checking (which is how the rest was found).
 2001-09-14 18:20:44 +00:00
Bodo Möller
4e1b0d8904 avoid "statement not reached" warning 2001-09-13 13:02:59 +00:00
Geoff Thorpe
1a1422643b ENGINE uses a very opaque design, so we can predeclare the structure type 
in "types.h" so that very few headers will need to include engine.h,
generally only C files using API functions will need it (reducing
the header dependencies quite a lot).
 2001-09-12 02:34:20 +00:00
Geoff Thorpe
409960491d ENGINE files were renamed, and error strings are now in eng_err.c 2001-09-12 01:54:17 +00:00
Dr. Stephen Henson
96bd6f730a Add certificate and request demos. 
Fix X509V3 macro so they compile.
 2001-09-12 00:19:20 +00:00
Geoff Thorpe
51ac0cfe44 make update 2001-09-10 21:18:11 +00:00
Geoff Thorpe
1023cfe70d enginetest needs 'memset' defined. 2001-09-10 21:02:06 +00:00
Ulf Möller
8e0a2d8461 missed one file 2001-09-10 20:16:31 +00:00
Bodo Möller
9f29ec4721 fix memory leak (I think) 2001-09-10 18:50:09 +00:00
Bodo Möller
b9a20b5057 remove an old comment 2001-09-10 18:49:25 +00:00
Bodo Möller
8573fa1806 avoid warning ('const' discarded) 2001-09-10 17:46:54 +00:00
Bodo Möller
5a85385387 typo 2001-09-10 16:57:06 +00:00
Bodo Möller
5e54b4f364 Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case 
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway).  To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent.  Instead, callers can use
CRYPTO_push_info() to track down memory leaks.
 2001-09-10 15:00:30 +00:00
Bodo Möller
5ba372b17c Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case 
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway).  To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent.  Instead, callers can use
CRYPTO_push_info() to track down memory leaks.

Also fix indentation, and add OpenSSL copyright.
 2001-09-10 14:59:17 +00:00
Bodo Möller
f9b0f47c0c copyright 2001-09-10 14:51:19 +00:00
Bodo Möller
4deeadf7dc Delete pointless casts 2001-09-10 14:10:10 +00:00
Bodo Möller
384eff877c Fix apps/openssl.c and ssl/ssltest.c so that they use 
CRYPTO_set_mem_debug_options() instead of CRYPTO_dbg_set_options(),
which is the default implementation of the former and should usually
not be directly used by applications (at least if we assume that the
options accepted by the default implementation will also be meaningful
to any other implementations).

Also fix apps/openssl.c and ssl/ssltest such that environment variable
setting 'OPENSSL_DEBUG_MEMORY=off' actively disables the compiled-in
library defaults (i.e. such that CRYPTO_MDEBUG is ignored in this
case).
 2001-09-10 09:50:30 +00:00
Dr. Stephen Henson
68dbba9817 Replace old (and invalid) copyright notice. 2001-09-08 12:15:09 +00:00
Bodo Möller
ea7150b070 The various hash #includes in rand_lcl.h *are* needed despite 
<openssl/evp.h> is now used (MD_DIGEST_LENGTH definitions!).
No need to include such headers directly in md_rand.c.
 2001-09-07 23:55:15 +00:00
Ben Laurie
e8330cf5ac Add a cleanup function for MDs. 2001-09-07 12:03:24 +00:00
Ben Laurie
f1047cebea Remove duplication. 2001-09-07 11:44:59 +00:00
Ben Laurie
da8a2e6f90 Now need sha.h for some reason. 2001-09-07 11:44:17 +00:00
Ben Laurie
546ec5a9b3 Redo type-safety fix. 2001-09-07 11:43:30 +00:00
Ulf Möller
14cfde9c83 make engine file names unique in 8.3 2001-09-07 04:14:48 +00:00
Ulf Möller
ce9eab79a7 unused function 2001-09-06 17:02:33 +00:00
Ulf Möller
e9e202cfa8 include the proper header file 2001-09-06 16:25:34 +00:00
Ulf Möller
d83ae69455 double definition 2001-09-06 16:24:29 +00:00
Bodo Möller
619b2c03dc Avoid strdup. 
(Some platforms need _XOPEN_SOURCE and _XOPEN_SOURCE_EXTENDED to get
the declaration, but on other platforms _XOPEN_SOURCE disables
the strdup declaration in <string.h>.)
 2001-09-06 13:09:00 +00:00
Bodo Möller
78f7923580 Totally get rid of CRYPTO_LOCK_ERR_HASH. 
In err.c, flags int_error_hash_set and int_thread_hash_set
appear superfluous since we can just as well initialize
int_error_hash and int_thread_hash to NULL.

Change some of the err.c formatting to conform with the rest of
OpenSSL.
 2001-09-06 12:37:36 +00:00
Bodo Möller
a9ed4da8eb improve OAEP check 2001-09-06 10:42:56 +00:00
Bodo Möller
e1a4814cd4 fix formatting so that the file can be view with any tab-width 2001-09-06 09:30:16 +00:00
Geoff Thorpe
1a7691c059 This adds "destroy" handlers to the existing ENGINEs that load their own 
error strings - the destroy handler functions unload the error strings so
any pending error state referring to them will not attempt to reference
them after the ENGINE has been destroyed.
 2001-09-05 19:00:33 +00:00
Geoff Thorpe
f524ddbe04 ENGINE's init() and finish() handler functions are used when the ENGINE is 
being enabled or disabled (respectively) for operation. Additionally, each
ENGINE has a constructor function where it can do more 'structural' level
intialisations such as loading error strings, creating "ex_data" indices,
etc. This change introduces a handler function that gives an ENGINE a
corresponding opportunity to cleanup when the ENGINE is being destroyed. It
also adds the "get/set" API functions that control this "destroy" handler
function in an ENGINE.
 2001-09-05 18:32:23 +00:00
Geoff Thorpe
e815d3015e Change DH_up() -> DH_up_ref() 2001-09-05 17:02:35 +00:00
Geoff Thorpe
dc2a33d680 "DH_up" had been changed to "DH_up_ref" in libeay.num but the function 
declaration and implementation had not. So a recent update recreated the
original definition in libeay.num ... this corrects it and changes the "dh"
code to the "up_ref" variant.
 2001-09-05 16:54:32 +00:00
Bodo Möller
7ba45bf133 Solaris <string.h> does not declare 'strdup' if _XOPEN_SOURCE is 
defined.

(Preprocessor symbols such as _POSIX_C_SOURCE or _XOPEN_SOURCE are
supposed to disable anything not allowed by the respective
specification; I'm not sure why 'strdup' would be considered
an outlaw though.)
 2001-09-05 14:40:05 +00:00
Ulf Möller
d98a4b7366 bug fix: bn_sqr_recursive output is twice its input size. 2001-09-05 04:43:43 +00:00
Ulf Möller
9d07fd03e3 Use GCC 2.95/3.0 optimization 2001-09-05 02:18:40 +00:00
Ulf Möller
5b46eee0f5 strsep implementation to allow the file to compile on non-BSD systems 
Submitted by: "Brian Havard" <brianh@kheldar.apana.org.au>
 2001-09-04 22:19:06 +00:00
Geoff Thorpe
e5e6a94fbf Make the 'dynamic' ENGINE bundle up the loading application/library's 
locking callbacks to pass to the loaded library (in addition to the
existing mem, ex_data, and err callbacks). Also change the default
implementation of the "bind_engine" function to apply those callbacks, ie.
the IMPLEMENT_DYNAMIC_BIND_FN macro.
 2001-09-04 21:25:17 +00:00