Dr. Stephen Henson
01fc051e8a
Various X509 fixes. Disable broken certificate workarounds
...
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.
2004-03-05 17:16:06 +00:00
Dr. Stephen Henson
91180d45f9
Typos.
...
Reported by: Jose Castejon-Amenedo <Jose.Castejon-Amenedo@hp.com>
2004-03-04 21:44:39 +00:00
Dr. Stephen Henson
0902c559fb
Typos.
...
Reported by: Jose Castejon-Amenedo <Jose.Castejon-Amenedo@hp.com>
2004-03-04 21:41:59 +00:00
Richard Levitte
4d6b383680
Avoid a memory leak in OCSP_parse_url().
...
Notified by Paul Siegel <psiegel@corestreet.com>
2004-03-01 14:58:25 +00:00
Richard Levitte
4cfa4ae820
Avoid a memory leak in OCSP_parse_url().
...
Notified by Paul Siegel <psiegel@corestreet.com>
2004-03-01 14:58:22 +00:00
Richard Levitte
ee121033dc
Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also.
...
PR: 833
2004-02-26 22:07:47 +00:00
Richard Levitte
f727266ae8
Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also.
...
PR: 833
2004-02-26 22:07:45 +00:00
Geoff Thorpe
c6700d2746
A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h
...
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-02-22 19:32:53 +00:00
Geoff Thorpe
1b06804491
When adding positive elements, we can use BN_uadd() instead of BN_add().
...
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-02-22 19:30:41 +00:00
Dr. Stephen Henson
33ad6eca7a
Use an OCTET STRING for the encoding of an OCSP nonce value.
...
The old raw format can't be handled by some implementations
and updates to RFC2560 will make the OCTET STRING mandatory.
2004-02-19 18:17:35 +00:00
Dr. Stephen Henson
dc90f64d56
Use an OCTET STRING for the encoding of an OCSP nonce value.
...
The old raw format can't be handled by some implementations
and updates to RFC2560 will make this mandatory.
2004-02-19 18:16:38 +00:00
Geoff Thorpe
6c43032121
minor signed/unsigned warning fixes
2004-02-10 18:46:10 +00:00
Andy Polyakov
1751034669
Typo in crypto/bn/asm/x86_64.c, bn_div_words().
...
PR: 821
2004-02-07 09:51:28 +00:00
Andy Polyakov
ad55502092
Typo in crypto/bn/asm/x86_64.c, bn_div_words().
...
PR: 821
2004-02-07 09:46:47 +00:00
Dr. Stephen Henson
d4575825f1
Add flag to avoid continuous
...
memory allocate when calling EVP_MD_CTX_copy_ex().
Without this HMAC is several times slower than
< 0.9.7.
2004-02-01 13:39:51 +00:00
Dr. Stephen Henson
31edde3edc
Add flag to avoid continuous
...
memory allocate when calling EVP_MD_CTX_copy_ex().
Without this HMAC is several times slower than
< 0.9.7.
2004-02-01 13:37:56 +00:00
Andy Polyakov
d04b1b4656
Typo in PA-RISC 2 rules in crypto/bn/Makefile.ssl
2004-01-30 05:41:23 +00:00
Andy Polyakov
1247092776
HP/UX PA-RISC 2 targets update.
2004-01-29 22:16:08 +00:00
Richard Levitte
381a693c39
make update
2004-01-29 10:23:54 +00:00
Richard Levitte
86cb571e28
Have the declarations match the definitions.
2004-01-29 09:41:01 +00:00
Richard Levitte
319a2c5f65
Typo
2004-01-29 02:55:47 +00:00
Richard Levitte
61a88c31c0
Typo
2004-01-29 02:55:43 +00:00
Richard Levitte
9d0e895120
Make n unsigned, to avoid signed vs. unsigned conflicts.
2004-01-29 00:05:54 +00:00
Richard Levitte
5922128732
0.9.7-stable is in freeze. That means we do bug fixes only, not new
...
functionality. Therefore, I'm backing out most of the "CFB DES
sync-up with FIPS branch" commit (I'm keeping the corrections of
DES_cfb_encrypt()).
2004-01-28 23:31:20 +00:00
Richard Levitte
e5886a2388
make update
2004-01-28 19:07:41 +00:00
Richard Levitte
8d1ebe0bd1
Add the missing parts for DES CFB1 and CFB8.
...
Add the corresponding AES parts while I'm at it.
make update
2004-01-28 19:05:35 +00:00
Richard Levitte
1fb724449d
make update
2004-01-28 18:38:33 +00:00
Richard Levitte
cb37947a71
Unsigned vs. signed problem removed
2004-01-28 08:48:15 +00:00
Richard Levitte
721a5e83f9
Unsigned vs. signed problem removed
2004-01-28 08:48:11 +00:00
Andy Polyakov
6df617a59d
#undef _POSIX_C_SOURCE in ui_openssl.c ruined IRIX builds. Comment on why
...
_POSIX_C_SOURCE needed in first place.
2004-01-27 22:06:48 +00:00
Andy Polyakov
8c6336b0aa
CFB DES sync-up with FIPS branch.
2004-01-27 21:47:35 +00:00
Andy Polyakov
4668056fc9
CFB DES sync-up with FIPS branch.
2004-01-27 21:46:19 +00:00
Richard Levitte
87203dc99a
Avoid signed vs. unsigned warnings (which are treated like errors on
...
Windows).
2004-01-27 01:16:38 +00:00
Richard Levitte
de23af982a
Avoid signed vs. unsigned warnings (which are treated like errors on
...
Windows).
2004-01-27 01:16:09 +00:00
Richard Levitte
3a5a176ea0
S_IFBLK and S_IFCHR may not exist in some places (like Windows), so
...
let's check for those macros, and if they aren't defined, let's assume
there aren't Unixly devices on this platform.
2004-01-26 23:46:03 +00:00
Richard Levitte
4de65cbc06
S_IFBLK and S_IFCHR may not exist in some places (like Windows), so
...
let's check for those macros, and if they aren't defined, let's assume
there aren't Unixly devices on this platform.
2004-01-26 23:45:32 +00:00
Andy Polyakov
27b2b78f90
Even though C specification explicitly says that constant type "stretches"
...
automatically to accomodate the value, some compilers fail to do so. Most
notably 0x0123456789ABCDEF should come out as long long in 32-bit context,
but HP compiler truncates it to 32-bit value. Which in turn breaks GF(2^m)
arithmetics in hpux-parisc2-cc build. Therefore this fix...
2004-01-25 10:53:43 +00:00
Andy Polyakov
7f24b1c3e9
Get rid of bogus warning when compiling with Sun vendor compiler.
2004-01-24 16:31:21 +00:00
Richard Levitte
a5e8bcfb7b
We're passed p, so let's use p instead of making assumptions.
2004-01-24 01:16:02 +00:00
Richard Levitte
a1d37a96df
Typo...
2004-01-22 22:36:48 +00:00
Richard Levitte
9d5c3c1939
Typo...
2004-01-22 22:36:46 +00:00
Andy Polyakov
d435752b0a
Proper support for HP-UX64 gcc build.
...
PR: 772
2004-01-21 09:58:18 +00:00
Andy Polyakov
c8b14ca177
SHA-1 assembler tune-up for Intel P4
2004-01-21 08:19:36 +00:00
Andy Polyakov
30cb9ec715
SHA-1 assembler tune-up for Intel P4
2004-01-21 08:17:08 +00:00
Richard Levitte
af6dab9b00
Adding a slash between the directoryt and the file is a problem with
...
VMS. The C RTL can handle it well if the "directory" is a logical
name with no colon, therefore ending being 'logname/file'. However,
if the given logical names actually has a colon, or if you use a full
VMS-syntax directory, you end up with 'logname:/file' or
'dev:[dir1.dir2]/file', and that isn't handled in any good way.
So, on VMS, we need to check if the directory string ends with a
separator (one of ':', ']' or '>' (< and > can be used instead [ and
])), and handle that by not inserting anything between the directory
spec and the file name. In all other cases, it's assumed the
directory spec is a logical name, so we need to place a colon between
it and the file.
Notified by Kevin Greaney <kevin.greaney@hp.com>.
2004-01-10 18:04:38 +00:00
Richard Levitte
8ba5c63de9
Adding a slash between the directoryt and the file is a problem with
...
VMS. The C RTL can handle it well if the "directory" is a logical
name with no colon, therefore ending being 'logname/file'. However,
if the given logical names actually has a colon, or if you use a full
VMS-syntax directory, you end up with 'logname:/file' or
'dev:[dir1.dir2]/file', and that isn't handled in any good way.
So, on VMS, we need to check if the directory string ends with a
separator (one of ':', ']' or '>' (< and > can be used instead [ and
])), and handle that by not inserting anything between the directory
spec and the file name. In all other cases, it's assumed the
directory spec is a logical name, so we need to place a colon between
it and the file.
Notified by Kevin Greaney <kevin.greaney@hp.com>.
2004-01-10 18:04:36 +00:00
cvs2svn
7f36acd8fe
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2004-01-04 18:59:15 +00:00
Lutz Jänicke
09d7c42a7c
Update URI
...
Submitted by: Gertjan van Oosten <gertjan@West.NL>
PR: #804
2004-01-04 18:06:51 +00:00
Lutz Jänicke
c0017a5a65
Update URI
...
Submitted by: Gertjan van Oosten <gertjan@West.NL>
PR: #804
2004-01-04 18:05:50 +00:00
Richard Levitte
075521725d
Fix Perl problems on sparc64.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:13:18 +00:00
Richard Levitte
faa9c5cbdc
Fix Perl problems on sparc64.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:13:16 +00:00
Richard Levitte
f28e8bd300
Only use environment variables if uid and gid are the same as euid and egid.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:07:20 +00:00
Richard Levitte
3e786f4b0d
Only use environment variables if uid and gid are the same as euid and egid.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:07:18 +00:00
Richard Levitte
de02ec2767
Check if a random "file" is really a device file, and treat it
...
specially if it is.
Add a few OpenBSD-specific cases.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:02:22 +00:00
Richard Levitte
4b66e713de
Check if a random "file" is really a device file, and treat it
...
specially if it is.
Add a few OpenBSD-specific cases.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:01:52 +00:00
Richard Levitte
90dd4d34bb
Correct documentation typos.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:05:26 +00:00
Richard Levitte
112341031b
Correct documentation typos.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:04:54 +00:00
Richard Levitte
7cf803230b
OpenBSD-internal changes.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:02:56 +00:00
Richard Levitte
2d6452cdf9
OpenBSD-internal changes.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:02:54 +00:00
Richard Levitte
cc056d6395
Use sh explicitely to run point.sh
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:00:24 +00:00
Richard Levitte
79b42e7654
Use sh explicitely to run point.sh
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Richard Levitte
f0c5db92f7
Include strings.h so strcasecmp() and strncasecmp() get properly declared.
2003-12-27 14:54:48 +00:00
Richard Levitte
394178c94c
Use BUF_strlcpy() instead of strcpy().
...
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:57 +00:00
Richard Levitte
d420ac2c7d
Use BUF_strlcpy() instead of strcpy().
...
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:17 +00:00
Richard Levitte
ec2a595627
Change 'exp' to something else, as 'exp' is predefined by GNU C. This
...
was already done in HEAD, but not in this branch (I wonder why...).
2003-12-27 14:24:20 +00:00
Richard Levitte
ffe966b0fa
To figure out if we're going outside the buffer, use the size of the buffer,
...
not the size of the integer used to index in said buffer.
PR: 794
Notified by: Rhett Garber <rhett_garber@hp.com>
2003-12-11 18:01:06 +00:00
Richard Levitte
a2b0de98af
To figure out if we're going outside the buffer, use the size of the buffer,
...
not the size of the integer used to index in said buffer.
PR: 794
Notified by: Rhett Garber <rhett_garber@hp.com>
2003-12-11 18:01:03 +00:00
Ulf Möller
380e145daf
Add "dif" variable to clean up the loop implementations.
...
Submitted by: Nils Larsch
2003-12-06 11:55:46 +00:00
Ulf Möller
a9f2330f43
Skip a curve with generator of non-prime order.
...
Submitted by: Nils Larsch
2003-12-06 11:41:22 +00:00
Ulf Möller
ce38bb1a8c
Avoid segfault if ret==0.
...
Submitted by: Nils Larsch
2003-12-06 11:39:37 +00:00
Lutz Jänicke
919f8bcd21
Restructure make targets to allow parallel make.
...
Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl>
PR: #513
2003-12-03 16:29:41 +00:00
Lutz Jänicke
325829a9bc
Restructure make targets to allow parallel make.
...
Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl>
PR: #513
2003-12-03 16:29:16 +00:00
Geoff Thorpe
2bfd2c74d2
Incremental cleanups to bn_lib.c.
...
- Add missing bn_check_top() calls and relocate some others
- Use BN_is_zero() where appropriate
- Remove assert()s that bn_check_top() is already covering
- Simplify the code in places (esp. bn_expand2())
- Only keep ambiguous zero handling if BN_STRICT isn't defined
- Remove some white-space and make some other aesthetic tweaks
2003-12-02 20:01:30 +00:00
Geoff Thorpe
82b2f57e30
Use the BN_is_odd() macro in place of code that (inconsistently) does much
...
the same thing.
Also, I have some stuff on the back-burner related to some BN_CTX notes
from Peter Gutmann about his cryptlib hacks to the bignum code. The BN_CTX
comments are there to remind me of some relevant points in the code.
2003-12-02 03:28:24 +00:00
Geoff Thorpe
2ae1ea3788
BN_FLG_FREE is of extremely dubious usefulness, and is only referred to
...
once in the source (where it is set for the benefit of no other code
whatsoever). I've deprecated the declaration in the header and likewise
made the use of the flag conditional in bn_lib.c. Note, this change also
NULLs the 'd' pointer in a BIGNUM when it is reset but not deallocated.
2003-12-02 03:16:56 +00:00
Geoff Thorpe
34066d741a
Declare the static BIGNUM "BN_value_one()" more carefully.
2003-12-01 23:13:17 +00:00
Geoff Thorpe
b74cc0776b
Add missing bn_check_top()s to bn_kron.c, remove some miscellaneous
...
white-space, and include extra headers to satisfy debugging builds.
2003-12-01 23:11:45 +00:00
Geoff Thorpe
e7e5fe4705
Add missing bn_check_top()s to bn_gf2m.c and remove some miscellaneous
...
white-space.
2003-12-01 23:10:21 +00:00
Geoff Thorpe
998ae048e7
The bn_set_max() macro is only "used" by the bn_set_[low|high]() macros
...
which, in turn, are used nowhere at all. This is a good thing because
bn_set_max() would currently generate code that wouldn't compile (BIGNUM
has no 'max' element).
The only apparent use for bn_set_[low|high] would be for implementing
windowing algorithms, and all of openssl's seem to use bn_***_words()
helpers instead (including the BN_div() that Nils fixed recently, which had
been using independently-coded versions of what these unused macros are
intended for). I'm therefore consigning these macros to cvs oblivion in the
name of readability.
2003-12-01 22:11:08 +00:00
Geoff Thorpe
e65c2b9872
bn_fix_top() exists for compatibility's sake and is mapped to
...
bn_correct_top() or bn_check_top() depending on debug settings. For
internal source, all bn_fix_top()s should be converted one way or the other
depending on whether the use of bn_correct_top() is justified.
For BN_div_recp(), these cases should not require correction if the other
bignum functions are doing their jobs properly, so convert to
bn_check_top().
2003-12-01 21:59:40 +00:00
Richard Levitte
b0ea8b160c
It was pointed out to me that if the requested size is 0, we shouldn't
...
ty to allocate anything at all. This will allow eNULL to still work.
PR: 751
Notified by: Lutz Jaenicke
2003-12-01 13:25:39 +00:00
Richard Levitte
2fe9ab8e20
It was pointed out to me that if the requested size is 0, we shouldn't
...
ty to allocate anything at all. This will allow eNULL to still work.
PR: 751
Notified by: Lutz Jaenicke
2003-12-01 13:25:37 +00:00
Richard Levitte
bb569f97b9
Check that OPENSSL_malloc() really returned some memory.
...
PR: 751
Notified by: meder@mcs.anl.gov
Reviewed by: Lutz Jaenicke, Richard Levitte
2003-12-01 12:11:57 +00:00
Richard Levitte
1145e03870
Check that OPENSSL_malloc() really returned some memory.
...
PR: 751
Notified by: meder@mcs.anl.gov
Reviewed by: Lutz Jaenicke, Richard Levitte
2003-12-01 12:11:55 +00:00
Richard Levitte
31670c94bc
CRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL
...
if the give size is 0.
This is a thought that came up in PR 751.
2003-12-01 12:06:19 +00:00
Richard Levitte
6781efb92f
CRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL
...
if the give size is 0.
This is a thought that came up in PR 751.
2003-12-01 12:06:15 +00:00
Lutz Jänicke
0bf1c1d80d
Some more ASFLAGS settings required
...
PR: #735
Submitted by: Tim Rice <tim@multitalents.net>
2003-12-01 08:12:47 +00:00
Lutz Jänicke
67e5d33dd7
Some more ASFLAGS settings required
...
PR: #735
Submitted by: Tim Rice <tim@multitalents.net>
2003-12-01 08:12:01 +00:00
Geoff Thorpe
6ed474ca66
Add more debugging to my Configure target, and "make update" to incorporate
...
this and a few other changes.
2003-11-30 23:29:27 +00:00
Geoff Thorpe
46cb8d3689
If BN_STRICT is defined, don't accept an ambiguous representation of zero
...
(ie. where top may be zero, or it may be one if the corresponding word is
set to zero). Note, this only affects the macros in bn.h, there are probably
similar corrections required in some c files.
Also, clarify the audit-related macros at the top of the header. Mental
note: I must not forget to clean all this out before 0.9.8 is released ...
2003-11-30 22:23:12 +00:00
Geoff Thorpe
23fc5ac646
Improve a couple of the bignum macros. Note, this doesn't eliminate
...
tolerance of ambiguous zero-representation, it just improves
BN_abs_is_word() and simplifies other macros that depend on it.
2003-11-30 22:02:10 +00:00
Geoff Thorpe
5734bebe05
Make BN_DEBUG_RAND less painfully slow by only consuming one byte of
...
pseudo-random data for each bn_pollute().
2003-11-30 21:21:30 +00:00
Geoff Thorpe
657a919598
This improves the placement of check_top() macros in a couple of bn_lib
...
functions.
2003-11-29 20:34:07 +00:00
Richard Levitte
b64614adfe
We're getting a clash with C++ because it has a type called 'list'.
...
Therefore, change all instances of the symbol 'list' to something else.
PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>
2003-11-29 10:25:42 +00:00
Richard Levitte
3822740ce3
We're getting a clash with C++ because it has a type called 'list'.
...
Therefore, change all instances of the symbol 'list' to something else.
PR: 758
Submitted by: Frédéric Giudicelli <groups@newpki.org>
2003-11-29 10:25:37 +00:00
Richard Levitte
0d78bc3356
Add IPSec/IKE/Oakley curves.
...
PR: 768
Submitted by: Vadim Fedukovich <vf@unity.net>
2003-11-29 09:25:59 +00:00
Richard Levitte
d87b79bf31
Damnit, I'm sick of having to do something special every time a module
...
that gets built before objects barfs all over the place because it
uses a new NID that hasn't had a chance of getting defined yet (in
this case, it was about a couple of new EC curves, and therefore a
couple of new corresponding NIDs).
I'm placing objects first in SDIRS! There.
2003-11-29 09:19:12 +00:00
Richard Levitte
753cbc2857
1024 is the export key bits limit according to current regulations, not 512.
...
PR: 771
Submitted by: c zhang <czhang2005@hotmail.com>
2003-11-28 22:39:23 +00:00
Richard Levitte
b727907ae8
1024 is the export key bits limit according to current regulations, not 512.
...
PR: 771
Submitted by: c zhang <czhang2005@hotmail.com>
2003-11-28 22:39:19 +00:00
Geoff Thorpe
444c3a8492
Get rid of some signed/unsigned comparison warnings.
2003-11-28 16:39:16 +00:00
Richard Levitte
4d8743f490
Netware-specific changes,
...
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
2003-11-28 13:10:58 +00:00
Richard Levitte
04dc4edb44
If dynamically-loadable ENGINEs are linked against a shared-library version
...
of libcrypto, then it is possible that when they are loaded they will share
the same static data as the loading application/library. This means it will
be too late to set memory/ERR/ex_data/[etc] callbacks, but entirely
unnecessary to try.
This change (and a great part of this comment) was implemented in
0.9.8-dev a long time ago, but slightly differently. In 0.9.8-dev, a
specific function that just returns a pointer to some static object is
used. For 0.9.7x, we couldn't do that, since the way we handle feature
freezes is, among other, to not add any more non-static functions.
Instead, we use the function ERR_get_implementation() and compare the
returned value with fns->err_fns, a member of fns that already is
there, and which therefore can safely be used in this manner.
What happens is that if the loaded ENGINE's return value from this
function matches the loading application/library's return value - they
share static data. If they don't match, the loaded ENGINE has its own
copy of libcrypto's static data and so the callbacks need to be set.
2003-11-27 16:41:26 +00:00
Geoff Thorpe
81ba5f6713
Due to recent debugging bursts, openssl should be more or less solid
...
against inconsistent BIGNUMs coming out of any of its API functions. So
this change no longer "fixes" the bn_print.c functions, but it makes for
cleaner code. This patch was a part of ticket 697.
PR: 697
Submitted by: Otto Moerbeek
Reviewed by: Geoff Thorpe
2003-11-25 21:07:59 +00:00
Geoff Thorpe
6defae04f3
Fix some handling in bn_word. This also resolves the issues observed in
...
ticket 697 (though uses a different solution than the proposed one). This
problem was initially raised by Otto Moerbeek.
PR: 697
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2003-11-25 20:39:19 +00:00
Geoff Thorpe
e1064adfd3
Some changes for bn_gf2m.c: better error checking plus some minor
...
optimizations.
Submitted by: Nils Larsch
2003-11-25 03:41:20 +00:00
Lutz Jänicke
d7559f16cd
Free "engine" resource in case of failure to prevent memory leak
...
PR: #778
Submitted by: George Mitchell <george@m5p.com>
2003-11-24 16:48:52 +00:00
Lutz Jänicke
d161f5a9b2
Free "engine" resource in case of failure to prevent memory leak
...
PR: #778
Submitted by: George Mitchell <george@m5p.com>
2003-11-24 16:47:44 +00:00
Geoff Thorpe
9e989810ba
BN_div() cleanup: replace the use of BN_sub and BN_add with bn_sub_words
...
and bn_add_words to avoid using fake bignums to window other bignums that
can lead to corruption. This change allows all bignum tests to pass with
BN_DEBUG and BN_DEBUG_RAND debugging and valgrind. NB: This should be
tested on a few different architectures and configuration targets, as the
bignum code this deals with is quite preprocessor (and assembly) sensitive.
Submitted by: Nils Narsch
Reviewed by: Geoff Thorpe, Ulf Moeller
2003-11-22 20:23:41 +00:00
Ulf Möller
28474e26f4
bn_sub_part_words() is unused in 0.9.7.
...
Spotted by Markus Friedl.
2003-11-22 10:42:33 +00:00
Geoff Thorpe
ec2179cf81
Fix a small bug in str_copy: if more than one variable is replaced, make
...
sure the current length is used to calculate the new buffer length instead
of using the old length (prior to any variable substitution).
Submitted by: Nils Larsch
2003-11-21 21:42:35 +00:00
Dr. Stephen Henson
a8287a90ea
Give CRLDP its standard name.
...
Max req -x509 use V1 if extensions section absent.
2003-11-20 22:45:06 +00:00
Dr. Stephen Henson
85421c7148
Give CRLDP its standard name.
...
Max req -x509 use V1 if extensions section absent.
2003-11-20 22:43:28 +00:00
Geoff Thorpe
77cc150b61
Remove duplicate prototypes have already been (correctly) added to rsa.h,
...
as this is already included by x509.h anyway.
2003-11-19 05:18:54 +00:00
Ulf Möller
31182ad39b
re-enable the test, keeping the original method for RAND_pseudo_bytes
...
which is used by BN_DEBUG_RAND
Submitted by: Nils Larsch
2003-11-16 19:33:31 +00:00
Lutz Jänicke
fda5e38551
Provide ASFLAGS in the subdirectories handling assembler code.
...
Submitted by: Tim Rice <tim@multitalents.net>
PR: #735 , #765
2003-11-16 14:38:34 +00:00
Lutz Jänicke
a601df36f3
Provide ASFLAGS in the subdirectories handling assembler code.
...
Submitted by: Tim Rice <tim@multitalents.net>
PR: #735 , #765
2003-11-16 14:37:48 +00:00
Ulf Möller
ac9c6e10a4
The x9.62 tests replace the PRNG with specific numbers,
...
so don't run them if BN_DEBUG_RAND is defined.
Also, fix another small bug.
Submitted by: Nils Larsch
2003-11-16 12:24:45 +00:00
Ulf Möller
1a01733047
BN_set_bit() etc should use "unsigned int".
...
Keep it as is to avoid an API change, but check for negativ values.
Submitted by: Nils Larsch
2003-11-15 08:37:50 +00:00
Geoff Thorpe
9dde17e8b4
This rewrites two "for" loops in BN_rshift() - equality with zero is
...
generally a more efficient comparison than comparing two integers, and the
first of these two loops was off-by-one (copying one too many values). This
change also removes a superfluous assignment that would set an unused word
to zero (and potentially allow an overrun in some cases).
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2003-11-13 15:03:14 +00:00
Geoff Thorpe
37af03d311
General improvements to the ec_asn1.c code. This squashes at least one bug
...
(where it was impossible to create an EC certificate with a compressed
public key), and has some style improvements based on some comments from
Steve Henson about use of the ASN1 macros.
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2003-11-10 18:09:18 +00:00
Geoff Thorpe
f7a397cc8d
Avoid possible memory leaks in error-handling.
...
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2003-11-10 18:05:22 +00:00
Dr. Stephen Henson
cd2e8a6f2d
Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex().
2003-11-10 01:37:23 +00:00
Dr. Stephen Henson
2d4b834926
Oops!
2003-11-10 01:29:27 +00:00
Dr. Stephen Henson
c22e6753ef
Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex().
2003-11-10 01:25:11 +00:00
Geoff Thorpe
f75abcefed
This extends the debugging macros to use "pollution" during
...
bn_correct_top(), previously only bn_check_top() did this.
2003-11-06 23:24:44 +00:00
Geoff Thorpe
18f62d4b82
Add debug-screening of input parameters to some functions I'd missed
...
before.
2003-11-06 23:13:04 +00:00
Geoff Thorpe
5c0c22803e
Put more debug screening in BN_div() and correct a comment.
2003-11-06 23:11:07 +00:00
Geoff Thorpe
0ef85c7f45
This is a revert of my previous commit to "improve" the declaration of
...
constant BIGNUMs. It turns out that this trips up different but equally
useful compiler warnings to -Wcast-qual, and so wasn't worth the ugliness
it created. (Thanks to Ulf for the forehead-slap.)
2003-11-05 19:30:29 +00:00
Ulf Möller
078dd1a0f9
typo in comment
2003-11-05 17:28:59 +00:00
Ulf Möller
2b96c95197
cleanup as discussed with Geoff
2003-11-05 17:28:25 +00:00
Geoff Thorpe
d870740cd7
Put the first stage of my bignum debugging adventures into CVS. This code
...
is itself experimental, and in addition may cause execution to break on
existing openssl "bugs" that previously were harmless or at least
invisible.
2003-11-04 22:54:49 +00:00
Geoff Thorpe
d8ec0dcf45
Avoid some shadowed variable names.
...
Submitted by: Nils Larsch
2003-11-04 00:51:32 +00:00
Geoff Thorpe
c465e7941e
This is the least unacceptable way I've found for declaring the bignum data
...
and structures as constant without having to cast away const at any point.
There is still plenty of other code that makes gcc's "-Wcast-qual" unhappy,
but crypto/bn/ is now ok. Purists are welcome to suggest alternatives.
2003-11-04 00:29:09 +00:00
Geoff Thorpe
a9fd78f9da
bn_div() does some pretty nasty things with temporary variables,
...
constructing BIGNUM structures with pointers offset into other bignums
(among other things). This corrects some of it that is too plainly insane,
and tries to ensure that bignums are normalised when passed to other
functions.
2003-10-31 01:35:16 +00:00
Geoff Thorpe
5f747c7f4b
When a BN_CTX is used for temporary workspace, the variables are sometimes
...
left in an inconsistent state when they are released for later reuse. This
change resets the BIGNUMs when they are released back to the context.
2003-10-30 01:07:56 +00:00
Geoff Thorpe
c4db1a8b5c
This fixes a couple of cases where an inconsistent BIGNUM could be passed as
...
input to a function.
2003-10-30 01:03:31 +00:00
Geoff Thorpe
aca95e0b2f
Remove a line that was causing redundant declarations.
...
Obtained from: Stephen Henson <steve@openssl.org>
2003-10-29 22:55:19 +00:00
Geoff Thorpe
06e4024d98
Oops, this file already had the "empty source file" workaround but it
...
requires -DPEDANTIC and was hidden at the bottom of the file. This moves it
to the top and removes the redundant declaration.
2003-10-29 22:25:04 +00:00
Geoff Thorpe
8087d8f7ea
Make md32_common.h friendlier to compiler warnings.
...
Obtained from: Andy Polyakov <appro@openssl.org>
2003-10-29 20:55:03 +00:00
Geoff Thorpe
31166ec8f3
Some provisional bignum debugging has begun to detect inconsistent BIGNUM
...
structures being passed in to or out of API functions, and this corrects a
couple of cases found so far.
Also, lop off a couple of bytes of white-space.
2003-10-29 20:47:49 +00:00
Geoff Thorpe
2754597013
A general spring-cleaning (in autumn) to fix up signed/unsigned warnings.
...
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
2003-10-29 20:24:15 +00:00
Geoff Thorpe
2ce90b9b74
BN_CTX is opaque and the static initialiser BN_CTX_init() is not used
...
except internally to the allocator BN_CTX_new(), as such this deprecates
the use of BN_CTX_init() in the API. Moreover, the structure definition of
BN_CTX is taken out of bn_lcl.h and moved into bn_ctx.c itself.
NDEBUG should probably only be "forced" in the top-level configuration, but
until it is I will avoid removing it from bn_ctx.c which might surprise
people with massive slow-downs in their keygens. So I've left it in
bn_ctx.c but tidied up the preprocessor logic a touch and made it more
tolerant of debugging efforts.
2003-10-29 18:04:37 +00:00
Richard Levitte
db5b10fab5
Removing those memcpy()s also took away the possibility for in and out to
...
be the same. Therefore, the removed memcpy()s need to be restored.
2003-10-29 06:21:25 +00:00
Richard Levitte
4e952ae4fc
Removing those memcpy()s also took away the possibility for in and out to
...
be the same. Therefore, the removed memcpy()s need to be restored.
2003-10-29 06:21:22 +00:00
Geoff Thorpe
db59141467
remove accidentally committed debugging cruft.
2003-10-29 05:35:31 +00:00
Geoff Thorpe
8a66d17899
Remove an unnecessary cast that causes certain compilers (eg. mine) some
...
confusion. Also silence a couple of signed/unsigned warnings.
2003-10-29 05:00:57 +00:00
Geoff Thorpe
2eeaa0261e
Remove redundant declaration.
2003-10-29 04:58:23 +00:00
Geoff Thorpe
8dc344ccbf
Relax some over-zealous constification that gave some lhash-based code no
...
choice but to have to cast away "const" qualifiers from their prototypes.
This does not remove constification restrictions from hash/compare
callbacks, but allows destructor commands to be run over a tables' elements
without bad casts.
2003-10-29 04:57:05 +00:00
Geoff Thorpe
6bcd3f903a
Comments out some unimplemented functions instead of redeclaring them.
2003-10-29 04:42:29 +00:00
Geoff Thorpe
40f935f5b4
Avoid "empty source file" warnings.
2003-10-29 04:41:19 +00:00
Geoff Thorpe
0991f07034
For whatever reason (compiler or header bugs), at least one commonly-used
...
linux system (namely mine) chokes on our definitions and uses of the "HZ"
symbol in crypto/tmdiff.[ch] and apps/speed.c as a "bad function cast"
(when in fact there is no function casting involved at all). In both cases,
it is easily worked around by not defining a cast into the macro and
jiggling the expressions slightly.
In addition - this highlights some cruft in openssl that needs sorting out.
The tmdiff.h header is exported as part of the openssl API despite the fact
that it is ugly as the driven sludge and not used anywhere in the library,
applications, or utilities. More weird still, almost identical code exists
in apps/speed.c though it looks to be slightly tweaked - so either tmdiff
should be updated and used by speed.c, or it should be dumped because it's
obviously not useful enough.
Rather than removing it for now, I've changed the API for tmdiff to at
least make sense. This involves taking the object type (MS_TM) from the
implementation and using it in the header rather than using "char *" in the
API and casting mercilessly in the code (ugh). If someone doesn't like
"MS_TM" and the "ms_time_***" naming, by all means change it. This should
be a harmless improvement, because the existing API is clearly not very
useful (eg. we reimplement it rather than using it in our own utils).
However, someone still needs to take a hack at consolidating speed.c and
tmdiff.[ch] somehow.
2003-10-29 04:40:13 +00:00
Geoff Thorpe
2aaec9cced
Update any code that was using deprecated functions so that everything builds
...
and links with OPENSSL_NO_DEPRECATED defined.
2003-10-29 04:14:08 +00:00
Geoff Thorpe
9d473aa2e4
When OPENSSL_NO_DEPRECATED is defined, deprecated functions are (or should
...
be) precompiled out in the API headers. This change is to ensure that if
it is defined when compiling openssl, the deprecated functions aren't
implemented either.
2003-10-29 04:06:50 +00:00
Geoff Thorpe
6145b0b183
The "cryptodev" engine preprocessor logic used undefined symbols in
...
comparisons. It's better not to allow this, because it gives false
positives when using compiler warnings that detect mistyped symbols.
2003-10-29 04:00:14 +00:00
Geoff Thorpe
66b82f5aad
make update
2003-10-28 22:10:47 +00:00
Geoff Thorpe
12bdceac8a
Ignore derived file.
2003-10-28 17:26:46 +00:00
Geoff Thorpe
8ad7e3ad2a
Remove duplicate prototypes have already been (correctly) added to rsa.h,
...
as this is already included by x509.h anyway.
2003-10-24 16:17:11 +00:00
Richard Levitte
fa5846e58b
Correct serious bug in AES-CBC decryption when the message length isn't
...
a multiple of AES_BLOCK_SIZE.
Optimize decryption of all complete blocks in AES-CBC by removing an
unnecessary memcpy().
The error was notified by James Fernandes <jf210032@exchange.DAYTONOH.NCR.com>.
The unnecessary memcpy() was found as an effect of investigating that error.
2003-10-15 09:00:18 +00:00
Richard Levitte
0b6956b474
Correct serious bug in AES-CBC decryption when the message length isn't
...
a multiple of AES_BLOCK_SIZE.
Optimize decryption of all complete blocks in AES-CBC by removing an
unnecessary memcpy().
The error was notified by James Fernandes <jf210032@exchange.DAYTONOH.NCR.com>.
The unnecessary memcpy() was found as an effect of investigating that error.
2003-10-15 09:00:14 +00:00
Richard Levitte
0bb6187e71
The object file is o_str.o, not o_str.c.
...
Thanks to Peter Sylvester <Peter.Sylvester@EdelWeb.fr> for the notification.
2003-10-13 11:34:40 +00:00
Dr. Stephen Henson
c5a5546389
Add support for digested data PKCS#7 type.
2003-10-11 22:11:45 +00:00
Dr. Stephen Henson
79e4022a33
Simplify cipher and digest lookup in PKCS#7 code.
2003-10-11 16:47:44 +00:00
Dr. Stephen Henson
77fe058c10
Simplify cipher and digest lookup in PKCS#7 code.
2003-10-11 16:46:40 +00:00
Dr. Stephen Henson
8d9086dfa2
New function to initialize a PKCS7 structure of type other.
2003-10-10 23:40:47 +00:00
Dr. Stephen Henson
0602abf5bd
Initialize digested data type in PKCS7_set_type().
2003-10-10 23:31:53 +00:00
Dr. Stephen Henson
caf044cb3e
Retrieve correct content to sign when the
...
type is "other".
2003-10-10 23:25:43 +00:00
Dr. Stephen Henson
80986c9ced
Retrieve correct content to sign when the
...
type is "other".
2003-10-10 23:24:10 +00:00
Richard Levitte
ede7c28eb7
In realloc, don't destroy the old memory area if a new one couldn't be
...
allocated.
Notified by Daniel Lucq <daniel@lucq.org>
2003-10-07 12:09:42 +00:00
Richard Levitte
83eb412da8
In realloc, don't destroy the old memory area if a new one couldn't be
...
allocated.
Notified by Daniel Lucq <daniel@lucq.org>
2003-10-07 12:09:39 +00:00
Richard Levitte
8242354952
Make sure int SSL_COMP_add_compression_method() checks if a certain
...
compression identity is already present among the registered
compression methods, and if so, reject the addition request.
Declare SSL_COMP_get_compression_method() so it can be used properly.
Change ssltest.c so it checks what compression methods are available
and enumerates them. As a side-effect, built-in compression methods
will be automagically loaded that way. Additionally, change the
identities for ZLIB and RLE to be conformant to
draft-ietf-tls-compression-05.txt.
Finally, make update.
Next on my list: have the built-in compression methods added
"automatically" instead of requiring that the author call
SSL_COMP_add_compression_method() or
SSL_COMP_get_compression_methods().
2003-10-06 11:00:15 +00:00
Richard Levitte
c40b9bdefb
Setting the ex_data index is unsafe in a threaded environment, so
...
let's wrap it with a lock.
2003-10-06 09:09:44 +00:00
Richard Levitte
6895cca89d
Remove unused code, don't use zlib functions that are really macros
...
and provide missing prototypes.
2003-10-04 09:09:19 +00:00
Richard Levitte
cf89b40584
Include e_os.h to get a proper definition of memmove on the platforms
...
that do not have it.
2003-10-01 20:43:03 +00:00
Richard Levitte
d680c13060
Include e_os.h to get a proper definition for memmove() for the
...
platforms that don't have it.
2003-10-01 20:41:49 +00:00
Dr. Stephen Henson
2990244980
ASN1 parse fix and release file changes.
2003-09-30 16:47:33 +00:00
Dr. Stephen Henson
0c6fa13fee
In order to get the expected self signed error when
...
calling X509_verify_cert() in x509.c the cert should
not be added to the trusted store.
2003-09-30 13:10:48 +00:00
Dr. Stephen Henson
68f0bcfbc3
Changes for release
2003-09-30 12:08:23 +00:00
Dr. Stephen Henson
662ede2370
Fix for ASN1 parsing bugs.
2003-09-30 12:05:44 +00:00
Dr. Stephen Henson
c93f908f7f
Fix to make it compile under Win32.
2003-09-29 17:10:01 +00:00
Richard Levitte
057a04398d
Synchronise util/libeay.num with the 0.9.7-stable one.
...
make update
2003-09-28 09:34:50 +00:00
Richard Levitte
71583fb0d7
Uhmm, It seem to have forgotten one file when I committed the MSDOS
...
change yesterday.
PR: 669
2003-09-28 07:11:37 +00:00
Richard Levitte
7f3ba9428f
Uhmm, It seem to have forgotten one file when I committed the MSDOS
...
change yesterday.
PR: 669
2003-09-28 07:11:33 +00:00
Richard Levitte
058f86e9e0
Change the indentation from 12 to indent+4.
...
PR: 657
2003-09-27 22:48:36 +00:00
Richard Levitte
3c02e24bb3
Change the indentation from 12 to indent+4.
...
PR: 657
2003-09-27 22:48:33 +00:00
Richard Levitte
4509102cb9
Make MD5 assembler code able to handle messages larger than 2GB on 32-bit
...
systems and above.
PR: 664
2003-09-27 22:14:47 +00:00
Richard Levitte
1be02dd842
Make MD5 assembler code able to handle messages larger than 2GB on 32-bit
...
systems and above.
PR: 664
2003-09-27 22:14:39 +00:00
Richard Levitte
732d1bf43a
Add reference counting around the thread state hash table.
...
Unfortunately, this means that the dynamic ENGINE version just went up, and
isn't backward compatible.
PR: 678
2003-09-27 20:29:11 +00:00
Richard Levitte
11171f3c74
Add reference counting around the thread state hash table.
...
Unfortunately, this means that the dynamic ENGINE version just went up, and
isn't backward compatible.
PR: 678
2003-09-27 20:29:05 +00:00
Ralf S. Engelschall
6bd27f8644
Fix prime generation loop in crypto/bn/bn_prime.pl by making
...
sure the loop does correctly stop and breaking ("division by zero")
modulus operations are not performed. The (pre-generated) prime
table crypto/bn/bn_prime.h was already correct, but it could not be
re-generated on some platforms because of the "division by zero"
situation in the script.
2003-09-25 13:57:58 +00:00
Dr. Stephen Henson
82384690e2
Typos.
2003-09-09 23:44:39 +00:00
Richard Levitte
e6fa67fa93
Generalise the definition of strcasecmp() and strncasecmp() for
...
platforms that don't (necessarely) have it. In the case of VMS, this
means moving a couple of functions from apps/ to crypto/ and make them
general (although only used privately).
2003-09-09 14:48:36 +00:00
Dr. Stephen Henson
510dc1ecd0
outlen should be int * in out_utf8.
2003-08-21 12:32:12 +00:00
Dr. Stephen Henson
3b07c32fe7
outlen should be int * in out_utf8.
2003-08-21 12:31:17 +00:00
Richard Levitte
05a1f76093
make update
2003-08-11 09:53:24 +00:00
Richard Levitte
4ed9388e5d
A new branch for FIPS-related changes has been created with the name
...
OpenSSL-fips-0_9_7-stable.
Since the 0.9.7-stable branch is supposed to be in freeze and should
only contain bug corrections, this change removes the FIPS changes
from that branch.
2003-08-11 09:37:17 +00:00
Richard Levitte
88401ed449
Correct two problems, found by Martin Kochanski <cardbox@easynet.co.uk>:
...
1. CreateToolhelp32Snapshot returns INVALID_HANDLE_VALUE, not NULL, on error.
2. On Windows CE, a snapshot handle is closed with CloseToolhelp32Snapshot,
not CloseHandle.
2003-08-07 11:57:42 +00:00
Richard Levitte
30e4269241
Correct two problems, found by Martin Kochanski <cardbox@easynet.co.uk>:
...
1. CreateToolhelp32Snapshot returns INVALID_HANDLE_VALUE, not NULL, on error.
2. On Windows CE, a snapshot handle is closed with CloseToolhelp32Snapshot,
not CloseHandle.
2003-08-07 11:57:21 +00:00
Bodo Möller
59315df637
add OpenSSL license
...
fix typo
2003-08-06 10:38:37 +00:00
Bodo Möller
3aa8d3a7f1
add OpenSSL license
...
fix typo
2003-08-06 10:36:25 +00:00
Richard Levitte
98c1a4900c
Inclusion of openssl/engine.h should always be wrapped with a check that
...
OPENSSL_NO_ENGINE is not defined.
2003-08-04 10:12:38 +00:00
Richard Levitte
5b6e7c8c65
Inclusion of openssl/engine.h should always be wrapped with a check that
...
OPENSSL_NO_ENGINE is not defined.
2003-08-04 10:12:36 +00:00
Dr. Stephen Henson
6b063f32d9
Make the EFB NIDs have empty OIDs aliased to the real EFB OID.
2003-08-01 17:06:48 +00:00
Ben Laurie
afab06d3f5
DES CFB8 test.
2003-08-01 10:31:25 +00:00
Ben Laurie
8fb97c9acd
Fix DES CFB-r.
2003-08-01 10:25:58 +00:00
Ben Laurie
c5f070d5d5
Whoops, forgot FIPS DES, also add EVPs for DES CFB1 and 8.
2003-07-30 18:30:18 +00:00
Ben Laurie
f3b2ea53e2
AES CFB8.
2003-07-29 17:05:16 +00:00
Ben Laurie
c473d53898
The rest of the keysizes for CFB1, working AES AVS test for CFB1.
2003-07-29 13:24:27 +00:00
Ben Laurie
e8f8249319
Working CFB1 and test vectors.
2003-07-29 10:56:56 +00:00
Ben Laurie
e2ced802b4
Add support for partial CFB modes, make tests work, update dependencies.
2003-07-28 15:08:00 +00:00
Ben Laurie
75622f1ece
Unfinished FIPS stuff for review/improvement.
2003-07-27 17:00:51 +00:00
Ben Laurie
a052dd6532
Add untested CFB-r mode. Will be tested soon.
2003-07-27 13:46:57 +00:00
Dr. Stephen Henson
f96d1af449
Avoid clashes with Win32 names in WinCrypt.h
2003-07-23 00:10:43 +00:00
Bodo Möller
968766cad8
updates for draft-ietf-tls-ecc-03.txt
...
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
2003-07-22 12:34:21 +00:00
Bodo Möller
652ae06bad
add test for secp160r1
...
add code for kP+lQ timings
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
Reviewed by: Bodo Moeller
2003-07-22 10:39:10 +00:00
Bodo Möller
ada0e717fa
new function EC_GROUP_cmp() (used by EVP_PKEY_cmp())
...
Submitted by: Nils Larsch
2003-07-21 13:43:28 +00:00
Richard Levitte
f9d183c209
Replace CCITT with ITU-T. Keep CCITT around as an alias.
...
make update
PR: 80
2003-07-04 15:45:04 +00:00
Richard Levitte
61f00386ab
The counter is big-endian. Since it comes as an array of char,
...
there's absolutely no need to special-case it on little-endian
machines.
Notified by Thierry Boivin <Thierry.Boivin@celsecat.com>
2003-07-04 11:37:50 +00:00
Richard Levitte
5f24adda77
Oops, I forgot to replace 'counter' with 'ivec' when used...
2003-07-03 20:50:46 +00:00
Richard Levitte
2ae0352b0f
Oops, I forgot to replace 'counter' with 'ivec' when used...
2003-07-03 20:50:44 +00:00
Richard Levitte
ba64c2cc8f
The 'counter' is really the IV.
2003-07-03 06:42:45 +00:00
Richard Levitte
da6c44fc97
The 'counter' is really the IV.
2003-07-03 06:42:43 +00:00
Richard Levitte
29e62e487f
Change AES-CTR to increment the IV by 1 instead of 2^64.
2003-07-03 06:41:33 +00:00
Richard Levitte
da0d33560f
Change AES-CTR to increment the IV by 1 instead of 2^64.
2003-07-03 06:41:30 +00:00
Richard Levitte
eb3d68c454
Nils Larsch told me I could remove that variable entirely.
2003-06-26 11:52:23 +00:00
Richard Levitte
c89f31def0
make update
2003-06-26 10:27:11 +00:00
Richard Levitte
ed5fae580e
Implement missing functions.
...
Have the f parameter to _ctrl functions have the prototype (*)(void)
rather than (*)(), for the sake of C++ compilers.
Disable unimplemented functionality.
2003-06-26 10:26:42 +00:00
Richard Levitte
d55141ed7a
"Remove" unused variable
2003-06-26 10:23:00 +00:00
Richard Levitte
dfc3151925
The definition of dynamic_ctrl() should change along with the
...
declaration :-).
2003-06-26 07:03:49 +00:00
Bodo Möller
0fbffe7a71
implement PKCS #8 / SEC1 private key format for ECC
...
Submitted by: Nils Larsch
2003-06-25 21:35:05 +00:00
Dr. Stephen Henson
00dc2d7551
Return EOF when an S/MIME part have been read.
2003-06-24 17:12:22 +00:00
Dr. Stephen Henson
037f6e73f1
Return EOF when an S/MIME part have been read.
2003-06-24 17:11:44 +00:00
Richard Levitte
4aae637f6c
We set the export flag for 512 *bit* keys, not 512 *byte* ones.
...
PR: 587
2003-06-19 18:55:56 +00:00
Richard Levitte
f6b9cd7f82
We set the export flag for 512 *bit* keys, not 512 *byte* ones.
...
PR: 587
2003-06-19 18:55:50 +00:00
Richard Levitte
834ac33a37
dynamic_ctrl() didn't have exactly the same prototype as defined by
...
ENGINE_CTRL_FUNC_PTR.
2003-06-19 16:57:38 +00:00
Richard Levitte
4e9023f4d2
Unsigned vs. signed fixed.
2003-06-19 16:56:48 +00:00
Richard Levitte
0bd71d3b7e
Add the application data type to the README.
2003-06-18 07:14:52 +00:00
Richard Levitte
d97322f0e6
Missing string and potential memory leaks.
...
Notified by Goetz Babin-Ebell <goetz@shomitefo.de>
2003-06-18 07:12:28 +00:00
Richard Levitte
b52d512dfa
Slightly better check of attributes. Now, mem_list_next can actually stop when the searched for key doesn't have it's attributes within the range of the checked key.
2003-06-12 21:32:54 +00:00
Richard Levitte
a3a2ff4cd9
Beautify
2003-06-12 18:13:27 +00:00
Richard Levitte
8c2786fff7
Do not try to use non-existent gmtime_r() on SunOS4.
...
PR: 585
2003-06-12 00:57:27 +00:00
Richard Levitte
8645c415cf
Do not try to use non-existent gmtime_r() on SunOS4.
...
PR: 585
2003-06-12 00:57:25 +00:00
Richard Levitte
1b9f21fdc8
Make sure DSO-dlfcn works properly on SunOS4.
...
PR: 585
2003-06-12 00:51:59 +00:00
Richard Levitte
54bbde3c3f
Make sure DSO-dlfcn works properly on SunOS4.
...
PR: 585
2003-06-12 00:51:54 +00:00
Richard Levitte
e666c4599f
Add the possibility to have symbols loaded globally with DSO.
2003-06-11 22:42:28 +00:00
Richard Levitte
c78b4f1d3d
Remove unused variable
2003-06-11 21:47:21 +00:00
Richard Levitte
6e260c4093
Add an entry for X509_TRUST_OBJECT_SIGN in trstandard[].
...
PR: 617
2003-06-11 21:22:34 +00:00
Richard Levitte
33862b90bb
Add an entry for X509_TRUST_OBJECT_SIGN in trstandard[].
...
PR: 617
2003-06-11 21:22:30 +00:00
Richard Levitte
54f6451670
Add functionality to set marks on the error stack and to pop all errors to the next mark.
2003-06-11 20:49:58 +00:00
Richard Levitte
25a1259911
Make sure to NUL-terminate the string on end-of-file (and error)
...
PR: 643
2003-06-11 18:43:49 +00:00
Richard Levitte
606c8048a0
Make sure to NUL-terminate the string on end-of-file (and error)
...
PR: 643
2003-06-11 18:43:45 +00:00
Richard Levitte
4eebab0d22
The output from AES_cbc_encrypt() should be exact multiple blocks when encrypting
2003-06-10 04:11:46 +00:00
Richard Levitte
55b12f8641
The output from AES_cbc_encrypt() should be exact multiple blocks when encrypting
2003-06-10 04:11:42 +00:00
Geoff Thorpe
bc63a2ee0e
This memset() in the ubsec ENGINE is a bug. Zeroing out the result array
...
should not be necessary in any case, but more importantly the result and
input BIGNUMs could be the same, in which case this is clearly a problem.
Submitted by: Jonathan Hersch
Reviewed by: Joe Orton
Approved by: Geoff Thorpe
2003-06-06 17:53:24 +00:00
Richard Levitte
2ee67f1dad
Make sure the sigaction structure and fileno function are properly declared with an ANSI compiler on Solaris (and possibly others).
2003-06-04 09:13:19 +00:00
Richard Levitte
4af3184662
Remove extra ;
2003-06-04 09:11:44 +00:00
Richard Levitte
e31047744a
Make sure the function definitions match their declaration.
2003-06-04 09:11:15 +00:00
Richard Levitte
f6eba601b0
Make sure that size_t matches size_t.
2003-06-04 09:10:43 +00:00
Dr. Stephen Henson
476f09712c
Really get X509_CRL_CHECK_ALL right this time...
2003-06-04 00:40:47 +00:00
Dr. Stephen Henson
50078051bd
Really get X509_CRL_CHECK_ALL right this time...
2003-06-04 00:40:05 +00:00
Dr. Stephen Henson
16c9148220
Move the base64 BIO fixes to 0.9.7-stable
2003-06-03 00:11:37 +00:00
Dr. Stephen Henson
ca82ac1fee
Only count 'LF' as EOL in pk7_mime.c, this avoids incorrect
...
results if CR+LF straddles the line buffer.
2003-06-02 17:53:42 +00:00
Dr. Stephen Henson
9d92486cfb
Only count 'LF' as EOL in pk7_mime.c, this avoids incorrect
...
results if CR+LF straddles the line buffer.
2003-06-02 17:52:19 +00:00
Dr. Stephen Henson
aff0542844
Stop checking for CRLF when start of buffer is reached.
...
Add rest of long line fix which got missed before
2003-06-02 01:12:01 +00:00
Dr. Stephen Henson
bb41fdb5ec
Stop checking for CRLF when start of buffer is reached.
2003-06-02 01:03:08 +00:00
Dr. Stephen Henson
beab098d53
Various S/MIME bug and compatibility fixes.
2003-06-01 20:51:58 +00:00
Dr. Stephen Henson
3410aa1aa8
Various S/MIME bug and compatibility fixes.
2003-06-01 20:45:44 +00:00
Richard Levitte
2a948bd306
Include openssl/e_os.h so OPENSSL_SYSNAME_ULTRASPARC and other configuration
...
macros get properly defined.
2003-05-29 22:22:34 +00:00
Richard Levitte
c4d471552f
Include openssl/e_os.h so OPENSSL_SYSNAME_ULTRASPARC and other configuration
...
macros get properly defined.
2003-05-29 22:22:30 +00:00
Richard Levitte
d4e35514ba
Have ASFLAGS be defined the same way as CFLAGS
2003-05-29 22:20:57 +00:00
Richard Levitte
01fc834bc9
Have ASFLAGS be defined the same way as CFLAGS
2003-05-29 22:20:47 +00:00
Richard Levitte
f7f8d82aaa
PR: 630
...
Avoid looking outside the key_data array.
2003-05-29 20:59:38 +00:00
Richard Levitte
3fd6b9f6d4
PR: 630
...
Avoid looking outside the key_data array.
2003-05-29 20:59:30 +00:00
Lutz Jänicke
83b4f49c0a
Move header file inclusion to prevent irritation of users forgetting to
...
call "make depend" after enabling or disabling ciphers...
Submitted by: Tal Mozes <talm@cyber-ark.com>
PR: #628
2003-05-28 19:56:46 +00:00
Lutz Jänicke
828ce10ce7
Move header file inclusion to prevent irritation of users forgetting to
...
call "make depend" after enabling or disabling ciphers...
Submitted by: Tal Mozes <talm@cyber-ark.com>
PR: #628
2003-05-28 19:56:04 +00:00
Dr. Stephen Henson
8939adbad9
PR: 627
...
Allocate certificatePolicies correctly if CPS field is absent.
Fix various memory leaks in certificatePolicies.
2003-05-28 17:28:42 +00:00
Dr. Stephen Henson
60790aff6f
PR: 627
...
Allocate certificatePolicies correctly if CPS field is absent.
Fix various memory leaks in certificatePolicies.
2003-05-28 17:28:11 +00:00
Dr. Stephen Henson
ff160dba54
PR: 631
...
Submitted by: Doug Sauder <dws+001@hunnysoft.com>
Fix bug in X509V3_get_d2i() when idx in not NULL.
2003-05-28 16:57:22 +00:00
Dr. Stephen Henson
e19d0ef068
PR: 631
...
Submitted by: Doug Sauder <dws+001@hunnysoft.com>
Fix bug in X509V3_get_d2i() when idx in not NULL.
2003-05-28 16:57:08 +00:00
Richard Levitte
f5f7dffdd1
Make sure to compare unsigned against unsigned.
2003-05-28 10:34:29 +00:00
Richard Levitte
fb5b7317a7
Make sure to compare unsigned against unsigned.
2003-05-28 10:34:04 +00:00
Richard Levitte
457f692eab
Fix sign bugs.
...
PR: 621
2003-05-21 14:29:33 +00:00
Richard Levitte
83743ad039
Fix sign bugs.
...
PR: 621
2003-05-21 14:29:13 +00:00
Richard Levitte
163f5b236c
Correct signedness
2003-05-21 14:21:26 +00:00
Richard Levitte
e077b5452f
Make sure EC_window_bits_for_scalar_size() returns a size_t
2003-05-21 08:40:18 +00:00
Richard Levitte
513c01a591
Make sure EC_window_bits_for_scalar_size() returns a size_t
2003-05-21 08:40:06 +00:00
Richard Levitte
d9a2a89a17
I have no idea how I cut away that piece of text...
2003-05-21 06:50:51 +00:00
Richard Levitte
31939f1544
I don't remember what my thinking was with str_compat.h. Maybe it'll
...
come back to me...
2003-05-20 09:00:59 +00:00
Richard Levitte
9acef3bbd7
Misspelled functions.
2003-05-20 08:50:18 +00:00
Richard Levitte
164bc7dae8
Some misspelled function names.
2003-05-20 08:49:12 +00:00
Richard Levitte
f59c941950
Make the function STORE_new_engine() public.
2003-05-19 23:06:09 +00:00
Richard Levitte
0239876511
Remove certain functions
2003-05-19 23:03:43 +00:00
Dr. Stephen Henson
727ef76ebd
Add correct DN entry for serialNumber.
2003-05-07 23:20:58 +00:00
Dr. Stephen Henson
22e6c2524e
Add correct DN entry for serialNumber.
2003-05-07 23:20:41 +00:00
Richard Levitte
bca52f7d4e
Define the two authentication parameter types for passphrase and
...
Kerberos 5 authentications.
2003-05-07 21:17:30 +00:00
Richard Levitte
48c36fdb2a
Add the possibility to hand execution parameters (for example
...
authentication material) to the STORE functions.
Suggested by Götz Babin-Ebell <babin-ebell@trustcenter.de>.
2003-05-07 21:06:15 +00:00
Richard Levitte
54a7ea6f36
DO NOT constify RSA* in RSA_sign() and RSA_verify(), since there are function
...
called downstream that need it to be non-const. The fact that the RSA_METHOD
functions take the RSA* as a const doesn't matter, it just expresses that
*they* won't touch it.
PR: 602
2003-05-07 11:38:13 +00:00
Richard Levitte
816d785721
DO NOT constify RSA* in RSA_sign() and RSA_verify(), since there are function
...
called downstream that need it to be non-const. The fact that the RSA_METHOD
functions take the RSA* as a const doesn't matter, it just expresses that
*they* won't touch it.
PR: 602
2003-05-07 11:38:10 +00:00
Richard Levitte
742b139f54
Add the possibility to store arbitrary data in a STORE.
...
Suggested by Götz Babin-Ebell <babin-ebell@trustcenter.de>.
2003-05-06 08:02:14 +00:00
Richard Levitte
0e2f5ec2d2
Constify RSA_sign() and RSA_verify().
...
PR: 602
2003-05-05 13:55:23 +00:00
Richard Levitte
3b30121bd9
Constify RSA_sign() and RSA_verify().
...
PR: 602
2003-05-05 13:55:18 +00:00
Richard Levitte
9ee789e6c3
Yeah, right, an object file ending with .c, that'll work!
2003-05-03 06:58:08 +00:00
Dr. Stephen Henson
8c5e375c8e
Typo.
2003-05-02 11:42:17 +00:00
Dr. Stephen Henson
b9d2d20086
Make DER option work again.
...
Fix typo.
2003-05-02 11:41:40 +00:00
Richard Levitte
b9d7ca9748
It's usually best if the function name matches everywhere...
2003-05-02 07:25:54 +00:00
Richard Levitte
5b194dfbd5
STORE was created 2003, darnit!
2003-05-01 20:44:20 +00:00
Richard Levitte
7f6af7d9db
Get the year right...
2003-05-01 20:15:35 +00:00
Richard Levitte
42b2b6a2d5
Provide some extra comments about the STORE_Memory STORE method.
2003-05-01 04:31:12 +00:00
Richard Levitte
d1465bac90
make update
2003-05-01 04:10:32 +00:00
Richard Levitte
3bbb0212f3
Add STORE support in ENGINE.
2003-05-01 03:57:46 +00:00
Richard Levitte
a5db6fa576
Define a STORE type. For documentation, read the entry in CHANGES,
...
crypto/store/README, crypto/store/store.h and crypto/store/str_locl.h.
2003-05-01 03:53:12 +00:00
Richard Levitte
9236b5b013
Define a STORE lock (the STORE type will be committed later).
2003-05-01 03:46:10 +00:00
Richard Levitte
535fba4907
Define the OPENSSL_ITEM structure.
2003-05-01 03:45:18 +00:00
Richard Levitte
1ae0a83bdd
Add BUF_strndup() and BUF_memdup(). Not currently used, but I've code
...
that uses them that I'll commit in a few days.
2003-04-29 22:08:57 +00:00
Richard Levitte
7ae46c6761
make update
2003-04-29 21:35:28 +00:00
Richard Levitte
d584fd6b66
Include objects.h to get a correct declaration of OBJ_bsearch_ex(),
...
not to mention the OBJ_BSEARCH_* macros.
2003-04-29 20:46:32 +00:00
Richard Levitte
54dbdd9837
Some variables were uninitialised...
2003-04-29 20:45:36 +00:00
Richard Levitte
26851b6b42
Add an extended variant of sk_find() which returns a non-NULL pointer
...
even if an exact match wasn't found.
2003-04-29 20:30:55 +00:00
Richard Levitte
ea5240a5ed
Add an extended variant of OBJ_bsearch() that can be given a few
...
flags.
2003-04-29 20:25:21 +00:00
Bodo Möller
ce8a202831
fix typo
...
Submitted by: Nils Larsch
2003-04-22 12:44:58 +00:00
Bodo Möller
eec7968f18
fix typo
...
Submitted by: Nils Larsch
2003-04-22 08:29:21 +00:00
Richard Levitte
7f0f9f1934
Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.
...
Memory leak fix: RSA_blinding_on() would leave a dangling pointer in
rsa->blinding under certain circumstances.
Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.
2003-04-16 06:25:29 +00:00
Richard Levitte
040c687ce4
Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances.
...
Memory leak fix: RSA_blinding_on() would leave a dangling pointer in
rsa->blinding under certain circumstances.
Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.
2003-04-16 06:25:21 +00:00
Richard Levitte
8f09a154e3
Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()
2003-04-15 13:01:50 +00:00
Richard Levitte
cd1226bc6a
Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()
2003-04-15 13:01:37 +00:00
Richard Levitte
fba1cfa06d
The release is tagged, time to work on 0.9.7c.
2003-04-10 20:40:19 +00:00
Richard Levitte
27f7d430ce
Forgot to code the status bits for release. This file will be
...
retagged.
2003-04-10 20:29:08 +00:00
Richard Levitte
5964e95c0a
Time to release 0.9.7b.
...
The tag will be OpenSSL_0_9_7b.
2003-04-10 20:22:15 +00:00
Richard Levitte
1a0c1f9052
make update
2003-04-10 20:11:09 +00:00
Richard Levitte
f78ae9c0f2
make update.
2003-04-10 20:10:22 +00:00
Dr. Stephen Henson
88ec5a637f
Only call redirected rsa_sign or rsa_verify if the pointer is set.
...
This allows, for example, a smart card to redirect rsa_sign and keep
the default rsa_verify.
2003-04-10 01:13:37 +00:00
Dr. Stephen Henson
0b1c00abeb
Typo.
2003-04-10 00:04:02 +00:00
Dr. Stephen Henson
75fcbb43a7
Typo.
2003-04-10 00:03:22 +00:00
Richard Levitte
0ae4ad9e9f
Include rand.h, so RAND_status() and friends get properly declared.
2003-04-08 11:07:13 +00:00
Richard Levitte
721688c2f8
Include rand.h, so RAND_status() and friends get properly declared.
2003-04-08 11:07:05 +00:00
Richard Levitte
1ed3815650
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework, here in
...
form of unneeded direct calls through the engine pointer..
2003-04-08 06:02:00 +00:00
Richard Levitte
0b55368306
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework, here in
...
form of unneeded direct calls through the engine pointer..
2003-04-08 06:01:55 +00:00
Richard Levitte
27310553b1
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
...
of unneeded includes of openssl/engine.h.
2003-04-08 06:00:17 +00:00
Richard Levitte
43eb3b0130
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
...
of unneeded includes of openssl/engine.h.
2003-04-08 06:00:05 +00:00
Richard Levitte
78490b9cc2
RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function
...
pointers should be used. It doesn't necessarely mean it should go through
the ENGINE framework.
2003-04-07 19:15:29 +00:00
Richard Levitte
0a861ab7f3
RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function
...
pointers should be used. It doesn't necessarely mean it should go through
the ENGINE framework.
2003-04-07 19:15:25 +00:00
Richard Levitte
7b36590b17
What was I smoking? EVP_PKEY_cmp() should return with 0 if
...
EVP_PKEY_cmp_parameters() returned 0, otherwise it should
go on processing the public key component. Thia has nothing
to do with the proper handling of EC parameters or not.
2003-04-07 10:15:32 +00:00
Richard Levitte
a8b728445c
Correct a typo.
...
Have EVP_PKEY_cmp() call EVP_PKEY_cmp_parameters(), and make a note
about the lack of parameter comparison for EC.
2003-04-07 10:09:44 +00:00
Richard Levitte
af0f0f3e8f
Constify
2003-04-06 15:31:18 +00:00
Richard Levitte
86ccb91ddb
Do not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined.
...
PR: 564
2003-04-05 21:21:29 +00:00
Richard Levitte
8d570498a2
Do not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined.
...
PR: 564
2003-04-05 21:21:26 +00:00
Richard Levitte
3ae70939ba
Correct a lot of printing calls. Remove extra arguments...
2003-04-03 23:39:48 +00:00
Richard Levitte
d5157a6244
Make %p and %# work properly, at least with pointers and floats.
2003-04-03 23:35:16 +00:00
Richard Levitte
c433d72593
Make %p and %# work properly, at least with pointers and floats.
2003-04-03 23:35:14 +00:00
Richard Levitte
68b42986cb
Add GCC attributes when compiled with gcc. This helps find out if
...
we're using the printing functions correctly or not.
I used the corresponding attributes found in the header files of my
Linux installation.
2003-04-03 23:06:05 +00:00
Richard Levitte
e6526fbf4d
Add functionality to help making self-signed certificate.
2003-04-03 22:27:24 +00:00
Richard Levitte
8382ec5d37
Reindent for readability.
2003-04-03 19:10:32 +00:00
Bodo Möller
46b695d850
make RSA blinding thread-safe
2003-04-02 09:50:55 +00:00
Bodo Möller
5679bcce07
make RSA blinding thread-safe
2003-04-02 09:50:22 +00:00
Richard Levitte
54e73364f1
Don't feil when indent is 0.
...
PR: 559
2003-03-31 13:24:04 +00:00
Richard Levitte
6dd6da6005
Don't feil when indent is 0.
...
PR: 559
2003-03-31 13:24:02 +00:00
Dr. Stephen Henson
1a15c89988
Multi valued AVA support.
2003-03-30 01:51:16 +00:00
Richard Levitte
a47789e849
Update VMS building system
2003-03-26 14:34:38 +00:00
Dr. Stephen Henson
81bd0446a9
make update
2003-03-24 17:06:25 +00:00
Dr. Stephen Henson
520b76ffd9
Support for name constraints.
2003-03-24 17:04:44 +00:00
Dr. Stephen Henson
1e2b14e9ca
Get X509_V_FLAG_CRL_CHECK_ALL logic the right way round.
...
PR:544
2003-03-24 16:58:01 +00:00
Dr. Stephen Henson
4fe70c7812
Get X509_V_FLAG_CRL_CHECK_ALL logic the right way round.
...
PR:544
2003-03-24 16:57:08 +00:00
Dr. Stephen Henson
1c2d141238
Name Constraints OID.
2003-03-24 00:56:09 +00:00
Dr. Stephen Henson
5cc5ec1bba
make update
2003-03-21 16:28:29 +00:00
Dr. Stephen Henson
f80153e20b
Support for policy constraints.
2003-03-21 16:26:20 +00:00
Richard Levitte
9b94f215b1
Define COMP method function prototypes properly.
2003-03-21 00:05:14 +00:00
Richard Levitte
8b5bcef798
Make sure to declare mem*() properly.
2003-03-21 00:04:14 +00:00
Richard Levitte
ea17e1f00f
make update
2003-03-20 23:54:33 +00:00
Richard Levitte
be9bec9bc7
Make sure we get the definition of OPENSSL_NO_RSA.
2003-03-20 23:34:28 +00:00
Richard Levitte
9c35452842
Make sure we get the definition of OPENSSL_NO_HMAC and OPENSSL_NO_SHA.
2003-03-20 23:34:08 +00:00
Richard Levitte
69104cdf34
Make sure we get the definition of OPENSSL_NO_SHA.
2003-03-20 23:32:16 +00:00
Richard Levitte
dfefdb41f7
Make sure we get the definition of OPENSSL_NO_RIPEMD.
2003-03-20 23:31:56 +00:00
Richard Levitte
cd6ab56da0
Make sure we get the definition of OPENSSL_NO_MDC2.
2003-03-20 23:31:44 +00:00
Richard Levitte
c988c9b839
Make sure we get the definition of OPENSSL_NO_MD5.
2003-03-20 23:31:34 +00:00
Richard Levitte
bff8e1dddb
Make sure we get the definition of OPENSSL_NO_MD4.
2003-03-20 23:31:24 +00:00
Richard Levitte
641e6ef2cb
Make sure we get the definition of OPENSSL_NO_MD2.
2003-03-20 23:30:04 +00:00
Richard Levitte
9e9e8cb6a8
Make sure we get the definition of OPENSSL_NO_DES.
2003-03-20 23:29:38 +00:00
Richard Levitte
f118514501
Make sure we get the definition of OPENSSL_NO_RC5.
2003-03-20 23:29:26 +00:00
Richard Levitte
39c4b7092c
Make sure we get the definition of OPENSSL_NO_RC4.
2003-03-20 23:29:17 +00:00
Richard Levitte
c7e7fc3ee4
Make sure we get the definition of OPENSSL_NO_RC2.
2003-03-20 23:29:06 +00:00
Richard Levitte
786b0075d5
Make sure we get the definition of OPENSSL_NO_IDEA.
2003-03-20 23:28:55 +00:00
Richard Levitte
fb10590910
Make sure we get the definition of OPENSSL_NO_CAST.
2003-03-20 23:28:27 +00:00
Richard Levitte
abf21308d2
Make sure we get the definition of OPENSSL_NO_BF.
2003-03-20 23:28:16 +00:00
Richard Levitte
8c84b677e2
Make sure we get the definition of OPENSSL_NO_AES.
2003-03-20 23:28:03 +00:00
Richard Levitte
d5ef144222
Make sure we get the definition of a number of OPENSSL_NO_* macros.
2003-03-20 23:27:17 +00:00
Richard Levitte
741dae576f
Make sure we get the definition of OPENSSL_NO_BIO.
2003-03-20 23:26:46 +00:00
Richard Levitte
59ade20500
Include e_os.h correctly.
2003-03-20 23:26:32 +00:00
Richard Levitte
c11b9af75e
Make sure we get the definition of OPENSSL_NO_MD2.
2003-03-20 23:24:59 +00:00
Richard Levitte
08a54f6e6a
Make sure we get the definition of OPENSSL_NO_FP_API.
2003-03-20 23:24:47 +00:00
Richard Levitte
8305477157
Make sure we get the definition of OPENSSL_NO_IDEA and IDEA_INT.
2003-03-20 23:24:32 +00:00
Richard Levitte
e8cc7de4f4
Make sure we get the definition of OPENSSL_NO_HMAC.
2003-03-20 23:23:43 +00:00
Richard Levitte
3b6aa36c77
Make sure we get the definition of OPENSSL_NO_ECDSA.
2003-03-20 23:22:31 +00:00
Richard Levitte
03829b2b47
Make sure we get the definition of OPENSSL_NO_ECDH.
2003-03-20 23:22:17 +00:00
Richard Levitte
87c9c659de
Make sure we get the definition of OPENSSL_NO_EC.
2003-03-20 23:22:06 +00:00
Richard Levitte
751ff1d376
Make sure we get the definition of OPENSSL_NO_DSA and OPENSSL_NO_SHA.
2003-03-20 23:21:51 +00:00
Richard Levitte
d3ae5b1c8a
Make sure we get the definition of OPENSSL_NO_DH.
2003-03-20 23:21:27 +00:00
Richard Levitte
0f3879455b
Make sure we get the definition of OPENSSL_EXTERN, OPENSSL_NO_DES,
...
DES_LONG and OPENSSL_NO_DESCBCM.
2003-03-20 23:21:10 +00:00
Richard Levitte
0c7d61ee0e
Make sure we get the definition of OPENSSL_NO_CAST.
2003-03-20 23:20:15 +00:00
Richard Levitte
78951e7711
Make sure we get the definition of OPENSSL_NO_ERR.
2003-03-20 23:19:41 +00:00
Richard Levitte
9ba4cc007b
Make sure we get the definition of OPENSSL_NO_SOCK.
2003-03-20 23:18:32 +00:00
Richard Levitte
7b5a6c7a62
Make sure we get the definition of OPENSSL_NO_FP_API.
2003-03-20 23:17:23 +00:00
Richard Levitte
44deca977d
Make sure we get the definition of OPENSSL_NO_BF.
2003-03-20 23:17:04 +00:00
Richard Levitte
536b73e78e
Make sure we get the definition of OPENSSL_NO_BIO and OPENSSL_NO_RSA.
2003-03-20 23:16:45 +00:00
Richard Levitte
940767b03f
Make sure we get the definition of OPENSSL_NO_AES.
2003-03-20 23:15:51 +00:00
Dr. Stephen Henson
b24668626e
make update
2003-03-20 17:59:39 +00:00
Dr. Stephen Henson
ea3675b5b6
New ASN1 macros to just implement and declare the new and free functions
...
and changes to mkdef.pl so it recognises them.
Use these in policyMappings extension.
2003-03-20 17:58:33 +00:00
Bodo Möller
c554155b58
make sure RSA blinding works when the PRNG is not properly seeded;
...
enable it automatically for the built-in engine
2003-03-20 17:31:30 +00:00
Dr. Stephen Henson
a1d12daed2
Support for policyMappings
2003-03-20 17:26:44 +00:00
Dr. Stephen Henson
6f528cac5a
Typo: OID should be policyMappings
2003-03-20 17:14:27 +00:00
Dr. Stephen Henson
10a66ad389
Avoid warning.
2003-03-20 17:09:46 +00:00
Dr. Stephen Henson
ce06265a37
make update
2003-03-20 14:21:36 +00:00
Richard Levitte
2dd060d94e
Shut up an ANSI compiler about uninitialised variables.
...
PR: 517
2003-03-20 10:57:12 +00:00
Richard Levitte
42a559163d
Shut up an ANSI compiler about uninitialised variables.
...
PR: 517
2003-03-20 10:57:09 +00:00
Bodo Möller
84b1e84af1
make sure RSA blinding works when the PRNG is not properly seeded;
...
enable it automatically only for the built-in engine
2003-03-19 18:58:55 +00:00
Dr. Stephen Henson
5250725ba5
Fix Certificate and CRL adding in X509_load_cert_crl_file:
...
an X509_INFO structure can contain more than one object,
for example a certififcate and a CRL.
2003-03-19 13:56:32 +00:00
Dr. Stephen Henson
9ed1fa4813
Fix Certificate and CRL adding in X509_load_cert_crl_file:
...
an X509_INFO structure can contain more than one object,
for example a certififcate and a CRL.
2003-03-19 13:55:48 +00:00
Ben Laurie
96c15b8aad
Turn on RSA blinding by default.
2003-03-18 12:12:10 +00:00
Dr. Stephen Henson
bc441b739b
Don't give an error if response reason absent in OCSP HTTP.
2003-03-14 23:38:34 +00:00
Dr. Stephen Henson
2007fe63f8
Don't give an error if response reason absent in OCSP HTTP.
2003-03-14 23:37:17 +00:00
Dr. Stephen Henson
ee435c0d9c
Add entry for domainComponent so it is treated correctly.
...
Add table order test to end of a_strnid.c
2003-03-14 01:45:44 +00:00
Dr. Stephen Henson
e6539fe22d
Add entry for domainComponent so it is treated correctly.
...
Add table order test to end of a_strnid.c
2003-03-14 01:44:42 +00:00
Dr. Stephen Henson
ba5df66a8b
Add some OIDs.
2003-03-13 23:37:55 +00:00
Geoff Thorpe
bba2cb3ada
Fix a bone-head bug. This warrants a CHANGES entry because it could affect
...
applications if they were passing a bogus 'flags' parameter yet having
things work as they wanted anyway.
2003-03-13 20:28:42 +00:00
Geoff Thorpe
86a925b27e
Fix a bone-head bug. This warrants a CHANGES entry because it could affect
...
applications if they were passing a bogus 'flags' parameter yet having
things work as they wanted anyway.
2003-03-13 20:23:19 +00:00
Dr. Stephen Henson
52c4c51f02
Return an error if gmtime returns NULL.
2003-03-13 14:13:53 +00:00
Dr. Stephen Henson
954d8e4f79
Return an error if gmtime returns NULL.
2003-03-13 14:10:11 +00:00
Dr. Stephen Henson
90e8a3102b
Fixes for EVP_DigestInit_ex() and OPENSSL_NO_ENGINE.
2003-03-12 02:31:40 +00:00
Dr. Stephen Henson
b35ca7b257
Fixes for EVP_DigestInit_ex() and OPENSSL_NO_ENGINE.
2003-03-12 02:31:12 +00:00
Geoff Thorpe
879650b866
The default implementation of DSA_METHOD has an interdependence on the
...
dsa_mod_exp() and bn_mod_exp() handlers from dsa_do_verify() and
dsa_sign_setup(). When another DSA_METHOD implementation does not define
these lower-level handlers, it becomes impossible to do a fallback to
software on errors using a simple DSA_OpenSSL()->fn(key).
This change allows the default DSA_METHOD to function in such circumstances
by only using dsa_mod_exp() and bn_mod_exp() handlers if they exist,
otherwise using BIGNUM implementations directly (which is what those
handlers did before this change). There should be no noticable difference
for the software case, or indeed any custom case that didn't already
segfault, except perhaps that there is now one less level of indirection in
all cases.
PR: 507
2003-03-11 01:49:21 +00:00
Bodo Möller
176f31ddec
- new ECDH_compute_key interface (KDF is no longer a fixed built-in)
...
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
2003-02-28 15:37:10 +00:00
Dr. Stephen Henson
57bc7769b7
Encryption BIOs misbehave when used with non blocking I/O.
...
Two fixes:
1. If BIO_write() fails inside enc_write() it should return the
total number of bytes successfully written.
2. If BIO_write() fails during BIO_flush() it should return immediately
with the error code: previously it would fall through to the final
encrypt, corrupting the buffer.
2003-02-27 14:08:44 +00:00
Dr. Stephen Henson
b8dc9693a7
Encryption BIOs misbehave when used with non blocking I/O.
...
Two fixes:
1. If BIO_write() fails inside enc_write() it should return the
total number of bytes successfully written.
2. If BIO_write() fails during BIO_flush() it should return immediately
with the error code: previously it would fall through to the final
encrypt, corrupting the buffer.
2003-02-27 14:07:59 +00:00
Bodo Möller
155bd1137e
add Certicom licensing e-mail address
2003-02-27 12:25:35 +00:00
Dr. Stephen Henson
f0dc08e656
Support for dirName from config files in GeneralName extensions.
2003-02-27 01:54:11 +00:00
Dr. Stephen Henson
e9ec63961b
Fix indefinite length encoding so EOC correctly updates
...
the buffer pointer.
Rename PKCS7_PARTSIGN to PKCS7_STREAM.
Guess what that's for :-)
2003-02-25 19:03:31 +00:00
Bodo Möller
5c9a9c9c33
include OpenSSL license (in addition to EAY license)
2003-02-24 17:15:28 +00:00
Ulf Möller
607ae30be8
replace symlink with copy, as in head
2003-02-22 22:59:01 +00:00
Ulf Möller
b4f43344d5
Copy rather than symlink the test data.
...
This is needed because Windows doesn't support symlinks.
The Cygwin/MinGW build now passes "make test".
2003-02-22 22:19:48 +00:00
Ulf Möller
c8c5cec1f9
remove some more useless code. The mingw target can now be built
...
under cygwin.
2003-02-22 22:15:31 +00:00
Ulf Möller
37d9503a67
mingw related cleanups, as in head
2003-02-22 18:02:46 +00:00
Ulf Möller
66ecdf3bfb
more mingw related cleanups.
2003-02-22 18:00:14 +00:00
Dr. Stephen Henson
5562cfaca4
Base64 bio fixes. The base64 bio was seriously broken
...
when reading from a non blocking BIO.
It would incorrectly interpret retries as EOF, incorrectly
buffer initial data and have no buffering at all after initial
data (data would be sent one byte at a time to EVP_DecodeUpdate).
2003-02-22 02:12:52 +00:00
Bodo Möller
f2aa055ec6
treat 'out' like i2d functions do; cf. asn1_item_flags_i2d (crypto/asn/tasn_enc.c)
2003-02-21 16:06:39 +00:00
Bodo Möller
62e3163b1b
ECPublicKey_set_octet_string and ECPublicKey_get_octet_string
...
behaviour was not quite consistent with the conventions
for d2i and i2d functions as far as handling of the 'out'
or 'in' pointer is concerned.
This patch changes this behaviour, and renames the functions to
o2i_ECPublicKey and i2o_ECPublicKey (not 'd2i' and 'i2d' because the
external encoding is just a raw object string without any DER icing).
Submitted by: Nils Larsch
2003-02-21 13:58:23 +00:00
Dr. Stephen Henson
8214e74f76
Ooops forgot to recognise V_ASN1_GENERALSTRING.
2003-02-20 17:13:21 +00:00
Dr. Stephen Henson
542a1b1a2e
Re enable the read side non blocking test BIO code.
...
For some reason it was disabled...
2003-02-20 13:39:30 +00:00
Dr. Stephen Henson
5672e3a321
Fix bug in base64 bios during write an non blocking I/O:
...
if the write fails when flushing the buffer return the
value to the application so it can retry.
2003-02-20 13:37:48 +00:00
Bodo Möller
fbbfd86b67
typo
...
PR: 511
Submitted by: Eric Cronin
2003-02-19 16:29:47 +00:00
Richard Levitte
dab0aaa612
Let's move on to development of 0.9.7b.
2003-02-19 12:55:39 +00:00
Richard Levitte
6fcf1dbc50
Time to release 0.9.7a.
...
The tag will be OpenSSL_0_9_7a.
2003-02-19 12:33:55 +00:00
Richard Levitte
a3063b37ef
Make sure the memory allocation routines check for negative sizes
2003-02-19 11:54:57 +00:00
Richard Levitte
d5234c7b3a
Make sure the memory allocation routines check for negative sizes
2003-02-19 11:54:42 +00:00
Richard Levitte
cf13eaf1a1
Borland C++ Builder 5 complains about unreachable statements.
2003-02-19 11:22:18 +00:00
Richard Levitte
77e270d10e
Borland C++ Builder 5 complains about unreachable statements.
2003-02-19 11:22:15 +00:00
Dr. Stephen Henson
988e8458ad
Typo.
2003-02-18 12:46:47 +00:00
Richard Levitte
cc811b1d7e
Make the no-err option work properly
2003-02-18 12:15:13 +00:00
Richard Levitte
758f942b88
Make the no-err option work properly
2003-02-18 12:14:57 +00:00
Geoff Thorpe
b653327d47
Declare prototypes for function pointer types, even if they are likely to
...
be cast later on.
2003-02-15 20:32:13 +00:00
Dr. Stephen Henson
27068df7e0
Single pass processing to cleartext S/MIME signing.
2003-02-15 00:50:55 +00:00
Geoff Thorpe
b12753dffc
We cache a montgomery form for 'n' if the PUBLIC flag is set, not PRIVATE.
...
Also, I've added handling for other mod_exp calls that were not using any
cached montgomery forms. These cases matter only for special RSA keys (eg.
ones that are missing information) so are unlikely to be used in normal
circumstances.
2003-02-15 00:18:38 +00:00
Geoff Thorpe
79221bc265
David Brumley <dbrumley@stanford.edu> noted and corrected a case in the
...
verification step of CRT private key operations in the RSA code -
previously no montgomery form was checked or used for 'n', and so it would
be generated on the fly each time. As a result, private key operations are
now a percent or two faster.
Rather than adding this as another repetition of the nearly-identical
montgomery "check for first-use" initialisation code blocks, I've taken
this chance to create a helper function and macro-wrapper to replace them.
PR: 475
2003-02-14 23:21:19 +00:00
Bodo Möller
1dc94d4dcc
mask old error codes so that mkerr.pl does not re-add them
2003-02-14 14:43:31 +00:00
Richard Levitte
b9447ec1bc
Make it possible to disable OCSP, the speed application, and the use of sockets.
...
PR: 358
2003-02-14 01:03:06 +00:00
Richard Levitte
85d686e723
Make it possible to disable OCSP, the speed application, and the use of sockets.
...
PR: 358
2003-02-14 01:02:58 +00:00
Richard Levitte
4989f0599f
Another long name to deal with
2003-02-13 13:21:13 +00:00
Richard Levitte
73bec6d4b7
Oh, the destest program did look at the return value...
2003-02-13 08:53:43 +00:00
Richard Levitte
e4b52ac353
Oh, the destest program did look at the return value...
2003-02-13 08:53:40 +00:00
Bodo Möller
abd22c9c46
new lock for EC_PRE_COMP structures
...
Submitted by: Nils Larsch
2003-02-12 22:01:12 +00:00
Bodo Möller
ba729265a8
Allow EC_GROUP objects to share precomputation for improved memory
...
efficiency (EC_PRE_COMP objects are now constant once completed).
Extend 'extra_data' API to support arbitrarily many slots (although we
need only one at the moment).
Modify EC internal 'extra_data' API: EC_GROUP_[clear_]free_extra_data
now frees only a single slot (the previous functions are available as
EC_GROUP_[clear_]free_all_extra_data).
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2003-02-12 18:30:16 +00:00
Richard Levitte
e4b95737f0
Adjust DES_cbc_cksum() so the returned value is the same as MIT's
...
mit_des_cbc_cksum(). The difference was first observed, then verified by
looking at the MIT source.
2003-02-12 17:20:50 +00:00
Richard Levitte
9ec1d35f29
Adjust DES_cbc_cksum() so the returned value is the same as MIT's
...
mit_des_cbc_cksum(). The difference was first observed, then verified by
looking at the MIT source.
2003-02-12 17:20:39 +00:00
Dr. Stephen Henson
a8f5b2ed50
GeneralString support in mini-ASN1 compiler
2003-02-11 14:06:27 +00:00
Richard Levitte
28f573a28d
Make sure memcpy() is properly declared by including string.h.
2003-02-10 11:14:35 +00:00
Bodo Möller
e2c9c91b5b
fix EC_GROUP_copy for EC_GFp_nist_method()
...
Submitted by: Nils Larsch
2003-02-08 19:51:37 +00:00
Bodo Möller
65b254e8c0
remove debugging leftovers
2003-02-08 15:56:05 +00:00
Bodo Möller
82871eaa17
comment
2003-02-07 11:54:57 +00:00
Bodo Möller
24893ca999
typo
2003-02-06 19:32:06 +00:00
Bodo Möller
37c660ff9b
implement fast point multiplication with precomputation
...
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2003-02-06 19:25:12 +00:00
Bodo Möller
a004b06237
additional sanity checks for arguments to EC_POINTs_mul()
2003-02-06 18:07:23 +00:00
Bodo Möller
98eab43915
EC_GROUP_get_extra_data() should not set an error when it returns NULL.
...
(NB: this is not an API change because this internal function is unused
in 0.9.7. 0.9.8-dev will use it, and will contain a similar change).
2003-02-06 18:00:20 +00:00
Bodo Möller
772ec4135c
typo in WIN16 section
...
Submitted by: Toni Andjelkovic <toni@soth.at>
2003-02-05 16:54:10 +00:00
Bodo Möller
ef03883edd
typo in WIN16 section
...
Submitted by: Toni Andjelkovic <toni@soth.at>
2003-02-05 16:50:50 +00:00
Dr. Stephen Henson
4e5d3a7f98
IPv6 display and input support for extensions usingh GeneralName.
2003-02-05 00:34:31 +00:00
Ben Laurie
2619676256
Old-style callbacks can be NULL!
2003-02-01 20:58:59 +00:00
Ben Laurie
33cc07f79a
Fix warning.
2003-02-01 20:55:29 +00:00
Richard Levitte
83df7b20c4
We can't say in advance what the argument to BIO_socket_ioctl() should be, so
...
let's make that a void *. Also, BIO_socket_nbio() should send it an int
argument, not a long.
PR: 457
2003-01-31 12:20:41 +00:00
Richard Levitte
c029841e36
We can't say in advance what the argument to BIO_socket_ioctl() should be, so
...
let's make that a void *. Also, BIO_socket_nbio() should send it an int
argument, not a long.
PR: 457
2003-01-31 12:20:35 +00:00
Richard Levitte
8e1e238219
A few small bugs with BIO popping.
...
PR: 364
2003-01-30 21:49:16 +00:00
Richard Levitte
5d780babe3
A few small bugs with BIO popping.
...
PR: 364
2003-01-30 21:49:12 +00:00
Richard Levitte
bd573ee31a
The OPENSSL_NO_ENGINE has small problem: it changes certain structures. That's
...
bad, so let's not check OPENSSL_NO_ENGINE in those places. Fortunately, all
the header files where the problem existed include ossl_typ.h, which makes
a 'forward declaration' of the ENGINE type.
2003-01-30 18:52:52 +00:00
Richard Levitte
5fe11c7533
The OPENSSL_NO_ENGINE has small problem: it changes certain structures. That's
...
bad, so let's not check OPENSSL_NO_ENGINE in those places. Fortunately, all
the header files where the problem existed include ossl_typ.h, which makes
a 'forward declaration' of the ENGINE type.
2003-01-30 18:52:46 +00:00
Richard Levitte
0b13e9f055
Add the possibility to build without the ENGINE framework.
...
PR: 287
2003-01-30 17:39:26 +00:00
Richard Levitte
6d85cd36e2
Add the possibility to build without the ENGINE framework.
...
PR: 287
2003-01-30 17:37:49 +00:00
Geoff Thorpe
f3c22ef10d
This glues the GMP wrapper ENGINE into OpenSSL if it is being built (ie. if
...
the OPENSSL_USE_GMP symbol is defined). Also, I've re-ordered the listing
of other builtin ENGINEs to be alphabetical (though "dynamic" will still
come first).
2003-01-30 15:49:03 +00:00
Richard Levitte
10ac28e26d
Small typo, OENSSL should really be spelled OPENSSL.
...
PR: 476
2003-01-30 11:08:47 +00:00
Richard Levitte
c0a93e31ab
Small typo, OENSSL should really be spelled OPENSSL.
...
PR: 476
2003-01-30 11:08:44 +00:00
Richard Levitte
40b676aa4f
DVCS (see RFC 3029) was missing among the possible purposes.
...
Notified privately to me by Peter Sylvester <Peter.Sylvester@EdelWeb.fr>,
one of the authors of said RFC
2003-01-29 15:06:38 +00:00
Richard Levitte
b637670f03
DVCS (see RFC 3029) was missing among the possible purposes.
...
Notified privately to me by Peter Sylvester <Peter.Sylvester@EdelWeb.fr>,
one of the authors of said RFC
2003-01-29 15:06:35 +00:00
Bodo Möller
bd1217a176
simplify
...
Submitted by: Nils Larsch
2003-01-28 13:08:21 +00:00
Bodo Möller
82516e3baf
cofactor is optional in parameter encodings
...
Submitted by: Nils Larsch
2003-01-25 15:28:49 +00:00
Bodo Möller
30e3c99d9f
consistency
2003-01-24 22:27:00 +00:00