Commit graph

1365 commits

Author SHA1 Message Date
Bodo Möller
ecc5ef8793 In addition to RC5, also exclude MDC2 from compilation unless
the algorithm is explicitly requested.
2005-03-02 20:11:31 +00:00
Bodo Möller
c9a112f540 Change ./Configure so that certain algorithms can be disabled by default.
This is now the case for RC5.

As a side effect, the OPTIONS in the Makefile will usually look a
little different now, but they are essentially only for information
anyway.
2005-02-22 10:29:51 +00:00
Lutz Jänicke
f69a8aebab Fix hang in EGD/PRNGD query when communication socket is closed
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
2005-02-19 10:19:07 +00:00
Dr. Stephen Henson
e90faddaf8 Prompt for passphrases for PKCS12 input format 2004-12-29 01:07:14 +00:00
Richard Levitte
6951c23afd Add functionality needed to process proxy certificates. 2004-12-28 00:21:35 +00:00
Dr. Stephen Henson
a0e7c8eede Add lots of checks for memory allocation failure, error codes to indicate
failure and freeing up memory if a failure occurs.

PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
5b40d7dd97 Add -passin argument to dgst command. 2004-12-03 12:26:56 +00:00
Dr. Stephen Henson
1862dae862 Perform partial comparison of different character types in X509_NAME_cmp(). 2004-12-01 01:45:30 +00:00
Richard Levitte
5022e4ecdf Document the change. 2004-11-29 11:57:00 +00:00
Andy Polyakov
ea681ba872 Summarize recent RC4 tune-ups. 2004-11-26 15:26:09 +00:00
Dr. Stephen Henson
401ee37a3e Allow alternative manual sections to be embedded in .pod file comments. 2004-11-25 17:47:31 +00:00
Dr. Stephen Henson
826a42a088 PR: 910
Add command line options -certform, -keyform and -pass to s_client and
s_server. This supports the use of alternative passphrase sources, key formats
and keys handled by an ENGINE.

Update docs.
2004-11-16 17:30:59 +00:00
Dr. Stephen Henson
2f605e8d24 Fix race condition when CRL checking is enabled. 2004-10-04 16:30:12 +00:00
Dr. Stephen Henson
5d7c222db8 New X509_VERIFY_PARAM structure and associated functionality.
This tidies up verify parameters and adds support for integrated policy
checking.

Add support for policy related command line options. Currently only in smime
application.

WARNING: experimental code subject to change.
2004-09-06 18:43:01 +00:00
Geoff Thorpe
30fe028f07 Make a note of the new engine. 2004-08-04 22:42:29 +00:00
Dr. Stephen Henson
637ff35ef6 Delta CRL support in extension code. 2004-07-06 17:16:40 +00:00
Geoff Thorpe
df11e1e921 Deprecate unused cruft, and "make update". 2004-06-17 23:50:25 +00:00
Andy Polyakov
ad5003409d Mention new SHA algorithms in CHANGES. This completes the integration. 2004-05-31 14:03:02 +00:00
Dr. Stephen Henson
4843acc868 Fixes so alerts are sent properly in s3_pkt.c
PR: 851
2004-05-15 17:55:07 +00:00
Andy Polyakov
e14f4aab0a CHANGES to mention improved PowerPC platform support. 2004-05-13 13:58:44 +00:00
Bodo Möller
d5f686d808 - update from current 0.9.6-stable CHANGES file
- update from current 0.9.7-stable CHANGES file:

  Now here we have "CHANGES between 0.9.7e and 0.9.8", and I hope
  that all patches mentioned for 0.9.7d and 0.9.7e actually are
  in the CVS HEAD, i.e. what is to become 0.9.8.

  I have rewritten the 'openssl ca -create_serial' entry (0.9.8)
  so that it explains the earlier change that is now listed (0.9.7e).

  The ENGINE_set_default typo bug entry has been moved from 0.9.8
  to 0.9.7b, which is where it belongs.
2004-05-04 01:15:48 +00:00
Geoff Thorpe
bcfea9fb25 Allow RSA key-generation to specify an arbitrary public exponent. Jelte
proposed the change and submitted the patch, I jiggled it slightly and
adjusted the other parts of openssl that were affected.

PR: 867
Submitted by: Jelte Jansen
Reviewed by: Geoff Thorpe
2004-04-26 15:31:35 +00:00
Geoff Thorpe
955d465c2c As far as I can tell, the bugfix this comment refers to was committed to
0.9.7-stable as well as HEAD (and doesn't apply to the 0.9.6-engine
variant).
2004-04-21 15:12:20 +00:00
Dr. Stephen Henson
64674bcc8c Reduce chances of issuer and serial number duplication by use of random
initial serial numbers.

PR: 842
2004-04-20 12:05:26 +00:00
Geoff Thorpe
3a87a9b9db Reduce header interdependencies, initially in engine.h (the rest of the
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
2004-04-19 17:46:04 +00:00
Dr. Stephen Henson
bf5773fa2d Oops forgot CHANGES entry. 2004-03-31 12:55:33 +00:00
Dr. Stephen Henson
216659eb87 Enhance EVP code to generate random symmetric keys of the
appropriate form, for example correct DES parity.

Update S/MIME code and EVP_SealInit to use new functions.

PR: 700
2004-03-28 17:38:00 +00:00
Dr. Stephen Henson
e1a27eb34a Allow CRLs to be passed into X509_STORE_CTX. This is useful when the
verified structure can contain its own CRLs (such as PKCS#7 signedData).

Tidy up some of the verify code.
2004-03-27 22:49:28 +00:00
Dr. Stephen Henson
6446e0c3c8 Extend OID config module format. 2004-03-27 13:30:14 +00:00
Geoff Thorpe
5c98b2caf5 Replace the BN_CTX implementation with my current work. I'm leaving the
little TODO list in there as well as the debugging code (only enabled if
BN_CTX_DEBUG is defined).

I'd appreciate as much review and testing as can be spared for this. I'll
commit some changes to other parts of the bignum code shortly to make
better use of this implementation (no more fixed size limitations). Note
also that under identical optimisations, I'm seeing a noticable speed
increase over openssl-0.9.7 - so any feedback to confirm/deny this on other
systems would also be most welcome.
2004-03-25 04:16:14 +00:00
Geoff Thorpe
46ef873f0b By adding a BN_CTX parameter to the 'rsa_mod_exp' callback, private key
operations no longer require two distinct BN_CTX structures. This may put
more "strain" on the current BN_CTX implementation (which has a fixed limit
to the number of variables it will hold), but so far this limit is not
triggered by any of the tests pass and I will be changing BN_CTX in the
near future to avoid this problem anyway.

This also changes the default RSA implementation code to use the BN_CTX in
favour of initialising some of its variables locally in each function.
2004-03-25 02:52:04 +00:00
Dr. Stephen Henson
4acc3e907d Initial support for certificate policy checking and evaluation.
This is currently *very* experimental and needs to be more fully integrated
with the main verification code.
2004-03-23 14:14:35 +00:00
Geoff Thorpe
7f663ce430 Note my bignum hijinx in case app maintainers are using CHANGES for their
porting efforts. Also, add Richard's name to the prior change.
2004-03-17 18:30:47 +00:00
Richard Levitte
875a644a90 Constify d2i, s2i, c2i and r2i functions and other associated
functions and macros.

This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const.  Those will be removed when this change has been
properly reviewed.
2004-03-15 23:15:26 +00:00
Geoff Thorpe
b6358c89a1 Convert openssl code not to assume the deprecated form of BN_zero().
Remove certain redundant BN_zero() initialisations, because BN_CTX_get(),
BN_init(), [etc] already initialise to zero.

Correct error checking in bn_sqr.c, and be less wishy-wash about how/why
the result's 'top' value is set (note also, 'max' is always > 0 at this
point).
2004-03-13 23:57:20 +00:00
Geoff Thorpe
9e051bac13 Document a change I'd already made, and at the same time, correct the
change to work properly; BN_zero() should set 'neg' to zero as well as
'top' to match the behaviour of BN_new().
2004-03-13 22:10:15 +00:00
Dr. Stephen Henson
edec614efd Support for inhibitAnyPolicy extension. 2004-03-08 13:56:31 +00:00
Dr. Stephen Henson
bc50157010 Various X509 fixes. Disable broken certificate workarounds
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.
2004-03-05 17:16:35 +00:00
Dr. Stephen Henson
dc90f64d56 Use an OCTET STRING for the encoding of an OCSP nonce value.
The old raw format can't be handled by some implementations
and updates to RFC2560 will make this mandatory.
2004-02-19 18:16:38 +00:00
Dr. Stephen Henson
d4575825f1 Add flag to avoid continuous
memory allocate when calling EVP_MD_CTX_copy_ex().

Without this HMAC is several times slower than
< 0.9.7.
2004-02-01 13:39:51 +00:00
Dr. Stephen Henson
cd2e8a6f2d Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex(). 2003-11-10 01:37:23 +00:00
Geoff Thorpe
d870740cd7 Put the first stage of my bignum debugging adventures into CVS. This code
is itself experimental, and in addition may cause execution to break on
existing openssl "bugs" that previously were harmless or at least
invisible.
2003-11-04 22:54:49 +00:00
Geoff Thorpe
2ce90b9b74 BN_CTX is opaque and the static initialiser BN_CTX_init() is not used
except internally to the allocator BN_CTX_new(), as such this deprecates
the use of BN_CTX_init() in the API. Moreover, the structure definition of
BN_CTX is taken out of bn_lcl.h and moved into bn_ctx.c itself.

NDEBUG should probably only be "forced" in the top-level configuration, but
until it is I will avoid removing it from bn_ctx.c which might surprise
people with massive slow-downs in their keygens. So I've left it in
bn_ctx.c but tidied up the preprocessor logic a touch and made it more
tolerant of debugging efforts.
2003-10-29 18:04:37 +00:00
Geoff Thorpe
8dc344ccbf Relax some over-zealous constification that gave some lhash-based code no
choice but to have to cast away "const" qualifiers from their prototypes.
This does not remove constification restrictions from hash/compare
callbacks, but allows destructor commands to be run over a tables' elements
without bad casts.
2003-10-29 04:57:05 +00:00
Geoff Thorpe
0991f07034 For whatever reason (compiler or header bugs), at least one commonly-used
linux system (namely mine) chokes on our definitions and uses of the "HZ"
symbol in crypto/tmdiff.[ch] and apps/speed.c as a "bad function cast"
(when in fact there is no function casting involved at all). In both cases,
it is easily worked around by not defining a cast into the macro and
jiggling the expressions slightly.

In addition - this highlights some cruft in openssl that needs sorting out.
The tmdiff.h header is exported as part of the openssl API despite the fact
that it is ugly as the driven sludge and not used anywhere in the library,
applications, or utilities. More weird still, almost identical code exists
in apps/speed.c though it looks to be slightly tweaked - so either tmdiff
should be updated and used by speed.c, or it should be dumped because it's
obviously not useful enough.

Rather than removing it for now, I've changed the API for tmdiff to at
least make sense. This involves taking the object type (MS_TM) from the
implementation and using it in the header rather than using "char *" in the
API and casting mercilessly in the code (ugh). If someone doesn't like
"MS_TM" and the "ms_time_***" naming, by all means change it. This should
be a harmless improvement, because the existing API is clearly not very
useful (eg. we reimplement it rather than using it in our own utils).

However, someone still needs to take a hack at consolidating speed.c and
tmdiff.[ch] somehow.
2003-10-29 04:40:13 +00:00
Geoff Thorpe
2aaec9cced Update any code that was using deprecated functions so that everything builds
and links with OPENSSL_NO_DEPRECATED defined.
2003-10-29 04:14:08 +00:00
Geoff Thorpe
9d473aa2e4 When OPENSSL_NO_DEPRECATED is defined, deprecated functions are (or should
be) precompiled out in the API headers. This change is to ensure that if
it is defined when compiling openssl, the deprecated functions aren't
implemented either.
2003-10-29 04:06:50 +00:00
Dr. Stephen Henson
c5a5546389 Add support for digested data PKCS#7 type. 2003-10-11 22:11:45 +00:00
Dr. Stephen Henson
8d9086dfa2 New function to initialize a PKCS7 structure of type other. 2003-10-10 23:40:47 +00:00
Dr. Stephen Henson
caf044cb3e Retrieve correct content to sign when the
type is "other".
2003-10-10 23:25:43 +00:00
Dr. Stephen Henson
2990244980 ASN1 parse fix and release file changes. 2003-09-30 16:47:33 +00:00
Ralf S. Engelschall
6bd27f8644 Fix prime generation loop in crypto/bn/bn_prime.pl by making
sure the loop does correctly stop and breaking ("division by zero")
modulus operations are not performed. The (pre-generated) prime
table crypto/bn/bn_prime.h was already correct, but it could not be
re-generated on some platforms because of the "division by zero"
situation in the script.
2003-09-25 13:57:58 +00:00
Bodo Möller
a907751350 certain changes have to be listed twice in this file because OpenSSL
0.9.6h forked into 0.9.6i and 0.9.7 ...
2003-09-04 12:52:56 +00:00
Dr. Stephen Henson
560dfd2a02 New -ignore_err option in ocsp application to stop the server
exiting on the first error in a request.
2003-09-03 23:56:01 +00:00
Dr. Stephen Henson
14f3d7c5cc Only accept a client certificate if the server requests
one, as required by SSL/TLS specs.
2003-09-03 23:47:34 +00:00
Bodo Möller
968766cad8 updates for draft-ietf-tls-ecc-03.txt
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
2003-07-22 12:34:21 +00:00
Bodo Möller
652ae06bad add test for secp160r1
add code for kP+lQ timings

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
Reviewed by: Bodo Moeller
2003-07-22 10:39:10 +00:00
Bodo Möller
ddc38679ce tolerate extra data at end of client hello for SSL 3.0
PR: 659
2003-07-21 15:17:46 +00:00
Bodo Möller
02e0559477 fix: 0.9.7 is based on 0.9.6h, not on 0.9.6k
typo in 0.9.6k section
2003-07-21 15:08:01 +00:00
Richard Levitte
cf9a88cad7 Document the last change.
PR: 587
2003-06-19 19:04:13 +00:00
Richard Levitte
4f1cd8324c Prepare for changes in the 0.9.6 branch 2003-06-19 19:01:05 +00:00
Richard Levitte
ed7f1d0bc6 Prepare for changes in the 0.9.6 branch 2003-06-19 18:59:27 +00:00
Richard Levitte
e666c4599f Add the possibility to have symbols loaded globally with DSO. 2003-06-11 22:42:28 +00:00
Richard Levitte
54f6451670 Add functionality to set marks on the error stack and to pop all errors to the next mark. 2003-06-11 20:49:58 +00:00
Richard Levitte
a069460015 Document the AES_cbc_encrypt() change 2003-06-10 04:42:38 +00:00
Dr. Stephen Henson
63b815583b Update CHANGES to reflect base64 fix added to 0.9.7 2003-06-03 00:16:47 +00:00
Dr. Stephen Henson
beab098d53 Various S/MIME bug and compatibility fixes. 2003-06-01 20:51:58 +00:00
Richard Levitte
3bbb0212f3 Add STORE support in ENGINE. 2003-05-01 03:57:46 +00:00
Richard Levitte
a5db6fa576 Define a STORE type. For documentation, read the entry in CHANGES,
crypto/store/README, crypto/store/store.h and crypto/store/str_locl.h.
2003-05-01 03:53:12 +00:00
Richard Levitte
535fba4907 Define the OPENSSL_ITEM structure. 2003-05-01 03:45:18 +00:00
Richard Levitte
1ae0a83bdd Add BUF_strndup() and BUF_memdup(). Not currently used, but I've code
that uses them that I'll commit in a few days.
2003-04-29 22:08:57 +00:00
Richard Levitte
9d6c32d6d1 Correct documentation. sk_find_ex() doesn't return a pointer, it
returns an index.
2003-04-29 20:31:58 +00:00
Richard Levitte
ea5240a5ed Add an extended variant of OBJ_bsearch() that can be given a few
flags.
2003-04-29 20:25:21 +00:00
Bodo Möller
7a04fdd87f include 'Changes between 0.9.6i and 0.9.6j' 2003-04-11 15:03:12 +00:00
Richard Levitte
16b1b03543 Implement self-signing in 'openssl ca'. This makes it easier to have
the CA certificate part of the CA database, and combined with
'unique_subject=no', it should make operations like CA certificate
roll-over easier.
2003-04-03 22:33:59 +00:00
Richard Levitte
e6526fbf4d Add functionality to help making self-signed certificate. 2003-04-03 22:27:24 +00:00
Richard Levitte
f85b68cd49 Make it possible to have multiple active certificates with the same
subject.
2003-04-03 16:33:03 +00:00
Bodo Möller
5679bcce07 make RSA blinding thread-safe 2003-04-02 09:50:22 +00:00
Dr. Stephen Henson
1a15c89988 Multi valued AVA support. 2003-03-30 01:51:16 +00:00
Dr. Stephen Henson
520b76ffd9 Support for name constraints. 2003-03-24 17:04:44 +00:00
Dr. Stephen Henson
f80153e20b Support for policy constraints. 2003-03-21 16:26:20 +00:00
Bodo Möller
c554155b58 make sure RSA blinding works when the PRNG is not properly seeded;
enable it automatically for the built-in engine
2003-03-20 17:31:30 +00:00
Dr. Stephen Henson
a1d12daed2 Support for policyMappings 2003-03-20 17:26:44 +00:00
Bodo Möller
02da5bcd83 countermeasure against new Klima-Pokorny-Rosa atack 2003-03-19 19:19:53 +00:00
Geoff Thorpe
bba2cb3ada Fix a bone-head bug. This warrants a CHANGES entry because it could affect
applications if they were passing a bogus 'flags' parameter yet having
things work as they wanted anyway.
2003-03-13 20:28:42 +00:00
Geoff Thorpe
879650b866 The default implementation of DSA_METHOD has an interdependence on the
dsa_mod_exp() and bn_mod_exp() handlers from dsa_do_verify() and
dsa_sign_setup(). When another DSA_METHOD implementation does not define
these lower-level handlers, it becomes impossible to do a fallback to
software on errors using a simple DSA_OpenSSL()->fn(key).

This change allows the default DSA_METHOD to function in such circumstances
by only using dsa_mod_exp() and bn_mod_exp() handlers if they exist,
otherwise using BIGNUM implementations directly (which is what those
handlers did before this change). There should be no noticable difference
for the software case, or indeed any custom case that didn't already
segfault, except perhaps that there is now one less level of indirection in
all cases.

PR: 507
2003-03-11 01:49:21 +00:00
Bodo Möller
176f31ddec - new ECDH_compute_key interface (KDF is no longer a fixed built-in)
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
2003-02-28 15:37:10 +00:00
Dr. Stephen Henson
f0dc08e656 Support for dirName from config files in GeneralName extensions. 2003-02-27 01:54:11 +00:00
Dr. Stephen Henson
e9ec63961b Fix indefinite length encoding so EOC correctly updates
the buffer pointer.

Rename PKCS7_PARTSIGN to PKCS7_STREAM.

Guess what that's for :-)
2003-02-25 19:03:31 +00:00
Ulf Möller
63ff3e83fc Add instructions for building the MinGW target in Cygwin, and
rearrange some of the other text for better readability.
2003-02-22 23:03:42 +00:00
Richard Levitte
132eaa59da Allow building applications against static libraries with Makefile.shared. 2003-02-22 14:41:34 +00:00
Dr. Stephen Henson
5562cfaca4 Base64 bio fixes. The base64 bio was seriously broken
when reading from a non blocking BIO.

It would incorrectly interpret retries as EOF, incorrectly
buffer initial data and have no buffering at all after initial
data (data would be sent one byte at a time to EVP_DecodeUpdate).
2003-02-22 02:12:52 +00:00
Richard Levitte
5b0b0e98ce Security fix: Vaudenay timing attack on CBC.
An advisory will be posted to the web.  Expect a release within the hour.
2003-02-19 12:03:59 +00:00
Richard Levitte
758f942b88 Make the no-err option work properly 2003-02-18 12:14:57 +00:00
Dr. Stephen Henson
27068df7e0 Single pass processing to cleartext S/MIME signing. 2003-02-15 00:50:55 +00:00
Richard Levitte
b7bbac72c4 Add support for IA64.
PR: 454
2003-02-14 13:30:35 +00:00
Richard Levitte
2d3de726c5 Add full support for -rpath/-R, both in shared libraries and
applications, at least on the platforms where it's known how
to do it.

Note: this has only been tested on GNU-based platforms (Linux), and
needs to be tested on all others.  Additionally, it's not yet
supported on the following platforms, for lack of information:

Darwin (MacOS X)
Cygwin
OSF1/Alpha
SVR3
ReliantUNIX

Please help out with testing and the platforms we don't yet know well
enough.
2003-02-13 23:52:54 +00:00
Richard Levitte
9ec1d35f29 Adjust DES_cbc_cksum() so the returned value is the same as MIT's
mit_des_cbc_cksum().  The difference was first observed, then verified by
looking at the MIT source.
2003-02-12 17:20:39 +00:00
Dr. Stephen Henson
cf56663fb7 Option to disable SSL auto chain build 2003-02-12 17:06:02 +00:00
Bodo Möller
8537943e8b first section is now "Changes between 0.9.7a and 0.9.8", not "... 0.9.7 and 0.9.8" 2003-02-11 16:42:30 +00:00
Bodo Möller
24893ca999 typo 2003-02-06 19:32:06 +00:00
Bodo Möller
37c660ff9b implement fast point multiplication with precomputation
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2003-02-06 19:25:12 +00:00
Dr. Stephen Henson
4e5d3a7f98 IPv6 display and input support for extensions usingh GeneralName. 2003-02-05 00:34:31 +00:00
Richard Levitte
0b13e9f055 Add the possibility to build without the ENGINE framework.
PR: 287
2003-01-30 17:39:26 +00:00
Geoff Thorpe
96f7065f63 Summarise the last couple of commits. 2003-01-30 15:52:40 +00:00
Bodo Möller
c1862f9136 consistency 2003-01-24 22:28:32 +00:00
Dr. Stephen Henson
d3b5cb5343 Check return value of gmtime() and add error codes
where it fails in ASN1_TIME_set().

Edit asn1.h so the new error code is the same in 0.9.7
and 0.9.8, rebuild new error codes.

Clear error queue in req.c if *_min or *_max is absent.
2003-01-24 01:12:01 +00:00
Lutz Jänicke
a74333f905 Fix initialization sequence to prevent freeing of unitialized objects.
Submitted by: Nils Larsch <nla@trustcenter.de>

PR: 459
2003-01-15 14:54:59 +00:00
Lutz Jänicke
8ec16ce711 Really fix SSLv2 session ID handling
PR: 377
2003-01-15 09:51:22 +00:00
Geoff Thorpe
0e4aa0d2d2 As with RSA, which was modified recently, this change makes it possible to
override key-generation implementations by placing handlers in the methods
for DSA and DH. Also, parameter generation for DSA and DH is possible by
another new handler for each method.
2003-01-15 02:01:55 +00:00
Richard Levitte
04aff67de4 Merge from 0.9.7-stable. 2003-01-13 17:16:25 +00:00
Bodo Möller
9d5390a049 document BN_GENCB API by adding an example 2003-01-13 13:44:20 +00:00
Richard Levitte
afd41c9fc7 Add better support for FreeBSD on non-x86 machines.
Add specific support for FreeBSD on sparc64.
PR: 427
2003-01-12 04:43:44 +00:00
Richard Levitte
4a9476dd8d When preparing a separate build tree, don't make softlinks to softlinks.
Add instructions in INSTALL, for easy access.
PR: 437
2003-01-10 10:56:14 +00:00
Richard Levitte
7a1c6aa2a3 It's rather silly to believe we'd release 0.9.7a in 2002 :-).
It's even more silly to pretend we know which year 0.9.8 will be
released.
2002-12-31 01:00:06 +00:00
Richard Levitte
948dcdb81b Merge in changes from 0.9.7-stable. 2002-12-31 00:02:10 +00:00
Richard Levitte
08101d72ce Merge in changes from 0.9.7-stable. 2002-12-30 23:56:09 +00:00
Lutz Jänicke
21cde7a41c Fix wrong handling of session ID in SSLv2 client code.
PR: 377
2002-12-29 20:59:35 +00:00
Richard Levitte
9cd16b1dea We stupidly had a separate LIBKRB5 variable for KRB5 library dependencies,
and then didn't support it very well.  And that when there already is a
useful variable for exactly this kind of thing; EX_LIBS...
2002-12-19 22:10:12 +00:00
Richard Levitte
a1457874c6 OK, there's at least one application author who has provided dynamic locking
callbacks
2002-12-13 07:30:53 +00:00
Richard Levitte
14676ffcd6 Document the modifications in 0.9.7 that will make the hw_ncipher.c
engine work properly even in bad situations.
2002-12-12 17:40:15 +00:00
Richard Levitte
fdaea9ed2e Since it's defined in draft-ietf-tls-compression-04.txt, let's make
ZLIB a known compression method, with the identity 1.
2002-12-08 09:31:41 +00:00
Geoff Thorpe
e9224c7177 This is a first-cut at improving the callback mechanisms used in
key-generation and prime-checking functions. Rather than explicitly passing
callback functions and caller-defined context data for the callbacks, a new
structure BN_GENCB is defined that encapsulates this; a pointer to the
structure is passed to all such functions instead.

This wrapper structure allows the encapsulation of "old" and "new" style
callbacks - "new" callbacks return a boolean result on the understanding
that returning FALSE should terminate keygen/primality processing.  The
BN_GENCB abstraction will allow future callback modifications without
needing to break binary compatibility nor change the API function
prototypes. The new API functions have been given names ending in "_ex" and
the old functions are implemented as wrappers to the new ones.  The
OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
declaration of the older functions will be skipped. NB: Some
openssl-internal code will stick with the older callbacks for now, so
appropriate "#undef" logic will be put in place - this is in case the user
is *building* openssl (rather than *including* its headers) with this
symbol defined.

There is another change in the new _ex functions; the key-generation
functions do not return key structures but operate on structures passed by
the caller, the return value is a boolean. This will allow for a smoother
transition to having key-generation as "virtual function" in the various
***_METHOD tables.
2002-12-08 05:24:31 +00:00
Richard Levitte
43ecece595 Merge in relevant changes from the OpenSSL 0.9.6h release. 2002-12-05 21:50:13 +00:00
Dr. Stephen Henson
2053c43de2 In asn1_d2i_read_bio, don't assume BIO_read will
return the requested number of bytes when reading
content.
2002-12-03 23:50:59 +00:00
Richard Levitte
df29cc8f77 Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
and linker optimizations.
PR: 343
2002-11-27 12:24:05 +00:00
Richard Levitte
17582ccf21 Heimdal isn't really supported right now. Say so, and offer a possibility
to force the use of Heimdal, and warn if that's used.
PR: 346
2002-11-26 10:11:58 +00:00
Lutz Jänicke
6a8afe2201 Fix bug introduced by the attempt to fix client side external session
caching (#288): now internal caching failed (#351):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
2002-11-20 10:48:58 +00:00
Richard Levitte
20199ca809 Document the addition of certificate pairs. 2002-11-18 23:56:15 +00:00
Richard Levitte
0bf23d9b20 WinCE patches 2002-11-15 22:37:18 +00:00
Richard Levitte
6f17f16fd5 Changes to make shared library building and use work better with Cygwin 2002-11-15 16:48:38 +00:00
Richard Levitte
84034f7aec Document the change to remove the 'done' flag variable in the
OpenSSL_add_all_*() routines
2002-11-15 13:58:11 +00:00
Richard Levitte
0a5942093e We need to read one more byte of the REQUEST-CERTIFICATE message.
PR: 300
2002-11-15 09:15:55 +00:00
Bodo Möller
2b2ab52354 harmonize with 0.9.7 tree 2002-11-14 12:17:47 +00:00
Richard Levitte
83411793b6 Handle last lines that aren't properly terminated.
PR: 308
2002-11-14 06:51:18 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Richard Levitte
c81a15099a X509_NAME_cmp() now compares PrintableString and emailAddress with a value of type
ia5String correctly.
PR: 244
2002-11-09 21:52:20 +00:00
Bodo Möller
b53e44e572 implement and use new macros BN_get_sign(), BN_set_sign()
Submitted by: Nils Larsch
2002-11-04 13:17:22 +00:00
Geoff Thorpe
9c3db400dc The recent CHANGES note between 0.9.6g and 0.9.6h needs copying into the
other branches.
2002-10-29 18:01:08 +00:00
Bodo Möller
19b8d06a79 clean up new code for NIST primes
create new lock CRYPTO_LOCK_BN to avoid race condition
2002-10-28 14:02:19 +00:00
Bodo Möller
5c6bf03117 fast reduction for NIST curves
Submitted by: Nils Larsch
2002-10-28 13:23:24 +00:00
Richard Levitte
874fee478c Clarify where the engines are by default. 2002-10-12 16:07:31 +00:00
Richard Levitte
6f7c2cb31e Step 14 of move of engines: Final step, document the change. 2002-10-11 22:06:44 +00:00
Bodo Möller
3e06fb754e synchronize with 0.9.7-stable version of this file 2002-10-11 17:56:34 +00:00
Richard Levitte
30afcc072a Move the shared library construction stuff to Makefile.shared, a
helper makefile that generalises our way of building shared libraries
and is designed to take care of almost anything (I hope).
2002-10-11 00:37:11 +00:00
Richard Levitte
7ba3a4c3d2 RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS.
PR: 189
2002-10-10 07:59:03 +00:00
Dr. Stephen Henson
fc6a6a1030 Add version info to Win32 DLLs.
We might want to edit the strings a bit...

Maybe add to 0.9.7 too?
2002-10-04 21:22:47 +00:00
Dr. Stephen Henson
9a48b07ee4 Various enhancements to PKCS#12 code, new
medium level API, improved PKCS12_create
and additional functionality in pkcs12
utility.
2002-10-03 23:53:52 +00:00
Dr. Stephen Henson
230fd6b7b6 Preliminary streaming ASN1 encode support. 2002-10-03 12:38:52 +00:00
Bodo Möller
929f116733 fix more race conditions
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
2002-09-26 15:52:34 +00:00
Bodo Möller
b8565a9af9 really fix race conditions
Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291
2002-09-25 15:38:57 +00:00
Bodo Möller
e78f137899 really fix race condition
PR: 262
2002-09-23 14:25:07 +00:00
Bodo Möller
a4f53a1c73 there is no minimum length for session IDs
PR: 274
2002-09-19 11:44:07 +00:00
Bodo Möller
a90ae02454 fix race condition
PR: 262
2002-09-19 11:26:45 +00:00
Bodo Möller
9226e2187c Let 'openssl req' fail if an argument to '-newkey' is not
recognized instead of using RSA as a default.
2002-09-10 07:34:45 +00:00
Bodo Möller
ba11121731 -nameopt fix has been moved to 0.9.7 2002-09-02 14:22:51 +00:00
Bodo Möller
ed5e37c309 mention EC_get_builtin_curves() 2002-09-02 07:12:08 +00:00
Dr. Stephen Henson
fc85ac20c7 Make -nameopt work in req and add support for -reqopt 2002-08-22 23:43:48 +00:00
Lutz Jänicke
82a20fb0f0 Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb().
Submitted by:
Reviewed by:
PR: 212
2002-08-16 17:04:04 +00:00
Dr. Stephen Henson
3f6db7f518 Fix block_size field for CFB and OFB modes: it should be 1. 2002-08-16 01:53:24 +00:00
Bodo Möller
7eb18f1237 Simplify handling of named curves: get rid of EC_GROUP_new_by_name(),
EC_GROUP_new_by_nid() should be enough.  This avoids a lot of
redundancy.

Submitted by: Nils Larsch
2002-08-15 09:21:31 +00:00
Bodo Möller
749d055eba move a TODO from CHANGES to STATUS 2002-08-14 11:07:29 +00:00
Bodo Möller
49a0f77867 add 'TODO' items 2002-08-14 10:49:29 +00:00
Dr. Stephen Henson
2af52de7b5 Fix typo in OBJ_txt2obj which incorrectly passed the content
length, instead of the encoding length to d2i_ASN1_OBJECT.

This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
2002-08-14 00:48:02 +00:00
Bodo Möller
8e28c67155 add 0.9.6g information 2002-08-12 08:45:00 +00:00
Bodo Möller
ea26226046 ECC ciphersuite support
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)
2002-08-09 08:56:08 +00:00
Bodo Möller
e172d60ddb Add ECDH support.
Additional changes:
 - use EC_GROUP_get_degree() in apps/req.c
 - add ECDSA and ECDH to apps/speed.c
 - adds support for EC curves over binary fields to ECDSA
 - new function EC_KEY_up_ref() in crypto/ec/ec_key.c
 - reorganize crypto/ecdsa/ecdsatest.c
 - add engine support for ECDH
 - fix a few bugs in ECDSA engine support

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-09 08:43:04 +00:00
Richard Levitte
fbe792f0ac 0.9.6f is released 2002-08-08 22:55:28 +00:00
Dr. Stephen Henson
f908226898 Fix the ASN1 sanity check: correct header length
calculation and check overflow against LONG_MAX.
2002-08-02 18:48:55 +00:00
Bodo Möller
909abce800 disable Sun divison algorithm by default 2002-08-02 18:26:02 +00:00
Bodo Möller
95ecacf8a2 Let BN_rand_range() abort with an error after 100 iterations
without success.
2002-08-02 15:02:03 +00:00
Bodo Möller
6fb60a84dd Change BN_mod_sqrt() so that it verifies that the input value is
really the square of the return value.
2002-08-02 14:57:53 +00:00
Bodo Möller
35b73a1f20 Rename implementations of method functions so that they match
the new method names where _GF... suffixes have been removed.

Revert changes to ..._{get/set}_Jprojective_coordinates_...:
The current implementation for ECC over binary fields does not use
projective coordinates, and if it did, it would not use Jacobian
projective coordinates; so it's OK to use the ..._GFp prefix for all
this.

Add author attributions to some files so that it doesn't look
as if Sun wrote all of this :-)
2002-08-02 14:28:37 +00:00
Bodo Möller
9e4f9b36fc typos 2002-08-02 13:52:19 +00:00
Bodo Möller
7793f30e09 add support for elliptic curves over binary fields
Submitted by: Duglas Stebila <douglas.stebila@sun.com>,
              Sheueling Chang <sheueling.chang@sun.com>

(CHANGES entries by Bodo Moeller)
2002-08-02 13:42:24 +00:00
Bodo Möller
1dc920c8de Binary field arithmetic contributed by Sun Microsystems.
The 'OPENSSL_NO_SUN_DIV' default is still subject to change,
so I didn't bother to finish the CHANGES entry yet.

Submitted by: Douglas Stebila <douglas.stebila@sun.com>, Sheueling Chang <sheueling.chang@sun.com>
(CHANGES entry by Bodo Moeller)
2002-08-02 13:03:55 +00:00
Bodo Möller
16dc1cfb5c Add more WAP/WTLS elliptic curve OIDs.
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-02 12:28:34 +00:00
Bodo Möller
5574e0ed41 get rid of OpenSSLDie 2002-08-02 11:48:15 +00:00
Lutz Jänicke
c046fffa16 OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
2002-07-30 13:04:04 +00:00
Richard Levitte
f013c7f2a6 Document the recent DJGPP-related changes 2002-07-23 13:45:38 +00:00
Bodo Möller
648765ba2f add an explanation and fix a typo 2002-07-22 08:39:44 +00:00
Lutz Jänicke
c6ccf055ba New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT.
Submitted by:
Reviewed by:
PR: 127
2002-07-19 19:55:34 +00:00
Richard Levitte
041843e47e For those wanting to build for several platforms with the same source
directory, making a separate directory tree with lots of symbolic links
seems to be the solution.  Unfortunately, Configure doesn't take appropriate
steps to support this solution (as in removing a file that's going to be
rewritten).  This change corrects that situation.  Now I just have to
find all other places where there's lack of support for this.
2002-07-16 09:19:37 +00:00
Bodo Möller
5dbd3efce7 Replace 'ecdsaparam' commandline utility by 'ecparam'
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.

Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.

Fix ec_asn1.c (take into account the desired conversion form).

'make update'.

Submitted by: Nils Larsch
2002-07-14 16:54:31 +00:00
Lutz Jänicke
063a8905bf Ciphers with NULL encryption were not properly handled because they were
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
2002-07-10 06:41:55 +00:00
Bodo Möller
ea4f109c99 AES cipher suites are now official (RFC3268) 2002-07-04 08:51:09 +00:00
Bodo Möller
76f8a1f51d update an entry on EVP changes 2002-06-26 14:21:16 +00:00
Geoff Thorpe
a6c6874a1a Make sure any ENGINE control commands make local copies of string
pointers passed to them whenever necessary. Otherwise it is possible the
caller may have overwritten (or deallocated) the original string data
when a later ENGINE operation tries to use the stored values.

Submitted by: Götz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by: Geoff Thorpe
PR: 98
2002-06-21 02:38:08 +00:00
Bodo Möller
5f3d6f70f6 Implement handling of EC parameter seeds (new functions
EC_GROUP_set_seed(), EC_GROUP_get0_seed(), EC_GROUP_get_seed_len()).

New functions ECPKParameters_print(), ECPKParameters_print_fp().

Submitted by: Nils Larsch
2002-06-18 08:38:59 +00:00
Bodo Möller
c21506ba02 New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
vulnerability workaround (included in SSL_OP_ALL).

PR: #90
2002-06-14 12:21:11 +00:00
Lutz Jänicke
e1f7ea25d2 Make change uniqueIdentifier -> x500UniqueIdentifier clearly visible.
Submitted by:
Reviewed by:
PR: 82
2002-06-12 20:46:38 +00:00
Bodo Möller
b8e0e12399 typo 2002-06-12 14:19:01 +00:00
Bodo Möller
254ef80db1 simplify asn1_flag
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2002-06-12 14:01:17 +00:00
Ben Laurie
d15711efc6 Handle read errors. 2002-06-11 12:41:37 +00:00
Bodo Möller
458c29175e move ECC ASN1 that is not specific to ECDSA into crypto/ec/,
and make some appropriate changes to the EC library.

Submitted by: Nils Larsch
2002-06-10 12:18:21 +00:00
Richard Levitte
fbb56e5b1d Document the AES changes. 2002-05-31 13:16:10 +00:00
Bodo Möller
6cbe638294 New functions EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex(), EC_POINT_hex2point()
Submitted by: Nils Larsch
2002-05-30 13:16:03 +00:00
Bodo Möller
46ffee4792 fix EVP_dsa_sha macro
Submitted by: Nils Larsch
2002-05-16 12:51:18 +00:00
Dr. Stephen Henson
544a2aea4b Zero cipher_data in EVP_CIPHER_CTX_cleanup
Add cleanup calls to evp_test.c

Allow reuse of cipher contexts by removing
automatic cleanup in EVP_*Final().
2002-05-15 18:49:25 +00:00
Dr. Stephen Henson
dc014d43af Fallback to normal multiply if n2 == 8 and dna or dnb is not zero
in bn_mul_recursive.

This is (hopefully) what was triggering bignum errors on 64 bit
platforms and causing the BN_mod_mul test to fail.
2002-05-10 22:18:13 +00:00