Commit graph

187 commits

Author SHA1 Message Date
Nils Larsch
e2f0d879b1 fix typo in sbgp names
PR: 1194
2005-09-02 21:22:08 +00:00
Dr. Stephen Henson
15d95d5f92 OID database had a NULL entry for NID 666. Add a real OID in its place. 2005-06-22 17:24:32 +00:00
Andy Polyakov
4b27a9feb3 Backport SHA-[224|256|384|512] from HEAD to FIPS. 2005-05-07 17:21:34 +00:00
Dr. Stephen Henson
342b7e0458 Rebuild error codes. 2005-04-12 13:47:58 +00:00
Richard Levitte
93aeac64ce Merge RFC3820 source into mainstream 0.9.7-stable. 2005-04-11 15:03:37 +00:00
Richard Levitte
9addd9b6fb Add emacs cache files to .cvsignore. 2005-04-11 14:18:14 +00:00
Andy Polyakov
2cf68c0b1a Avoid re-build avalanches with HP-UX make. 2005-03-12 09:13:15 +00:00
Richard Levitte
37ece6156a make update 2004-12-13 22:48:01 +00:00
Dr. Stephen Henson
da8534693c Add lots of checks for memory allocation failure, error codes to indicate
failure and freeing up memory if a failure occurs.

PR:620
2004-12-05 01:04:44 +00:00
Dr. Stephen Henson
2e1366366e Add two OIDs, make update 2004-12-01 17:55:07 +00:00
Richard Levitte
a2617f727d Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:53:31 +00:00
Ben Laurie
3642f632d3 Pull FIPS back into stable. 2004-05-11 12:46:24 +00:00
Richard Levitte
faa9c5cbdc Fix Perl problems on sparc64.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:13:16 +00:00
Richard Levitte
cc056d6395 Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:00:24 +00:00
Richard Levitte
394178c94c Use BUF_strlcpy() instead of strcpy().
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:57 +00:00
Richard Levitte
4ed9388e5d A new branch for FIPS-related changes has been created with the name
OpenSSL-fips-0_9_7-stable.

Since the 0.9.7-stable branch is supposed to be in freeze and should
only contain bug corrections, this change removes the FIPS changes
from that branch.
2003-08-11 09:37:17 +00:00
Dr. Stephen Henson
6b063f32d9 Make the EFB NIDs have empty OIDs aliased to the real EFB OID. 2003-08-01 17:06:48 +00:00
Ben Laurie
c5f070d5d5 Whoops, forgot FIPS DES, also add EVPs for DES CFB1 and 8. 2003-07-30 18:30:18 +00:00
Ben Laurie
f3b2ea53e2 AES CFB8. 2003-07-29 17:05:16 +00:00
Ben Laurie
c473d53898 The rest of the keysizes for CFB1, working AES AVS test for CFB1. 2003-07-29 13:24:27 +00:00
Ben Laurie
e2ced802b4 Add support for partial CFB modes, make tests work, update dependencies. 2003-07-28 15:08:00 +00:00
Bodo Möller
5da8738fea "!Cname surname" has now become redundant ... 2003-01-13 15:55:52 +00:00
Bodo Möller
f9f6c92c52 undo part of a recent change: it's "surname", not "surName"
(see X.520 aka ISO/IEC 9594-6)
2003-01-13 15:51:33 +00:00
Richard Levitte
2ef9e7efe6 Keep the internal lowercase 'surname', for programmer's sake. 2002-12-20 09:39:42 +00:00
Richard Levitte
449598e723 Be consistent with capitalisation of object names. 2002-12-20 09:24:24 +00:00
Richard Levitte
5201cb5acb Be consistent with capitalisation of object names. 2002-12-20 09:18:21 +00:00
Richard Levitte
af3ec1e24e make update 2002-11-15 11:22:25 +00:00
Richard Levitte
f275683ae8 A few more Microsoft OIDs added 2002-11-15 11:18:22 +00:00
Ben Laurie
9831d941ca Many security improvements (CHATS) and a warning fix. 2002-11-12 13:23:40 +00:00
Richard Levitte
ff90d659e6 Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:21:33 +00:00
Dr. Stephen Henson
f84acec8ea Fix typo in OBJ_txt2obj which incorrectly passed the content
length, instead of the encoding length to d2i_ASN1_OBJECT.

This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
2002-08-14 00:50:35 +00:00
Lutz Jänicke
bca9dc2a51 OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR:
2002-07-30 11:21:19 +00:00
Richard Levitte
ca55c617e5 Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
2002-06-27 16:44:52 +00:00
Lutz Jänicke
5cfd3419c6 Add OIDs for Secure Electronic Transactions (SET)
Submitted by: Vadim Fedukovich <vf@unity.net>
Reviewed by: Lutz Jaenicke
PR: 80
2002-06-13 11:51:31 +00:00
Lutz Jänicke
3b66e34e74 Make sure that settings are passed back and forth when walking around
in the tree during build.
Reinstall default PERL settings in Makefiles, as the real reason for the
failure was that the settings were not passed.
Submitted by:
Reviewed by:
PR:
2002-06-06 10:14:16 +00:00
Lutz Jänicke
2250f475fc New OID for X509 usage: pseudonym
Submitted by: Michael Bell <michael.bell@rz.hu-berlin.de>
Reviewed by: Lutz Jaenicke
PR: 83
2002-06-06 07:30:45 +00:00
Lutz Jänicke
5795665a7d The correct PERL interpreter is passed via commandline.
Submitted by:
Reviewed by:
PR:
2002-06-05 07:01:39 +00:00
Richard Levitte
c4ac954c59 Check the return values where memory allocation failures may happen.
PR: 49
2002-05-30 16:50:38 +00:00
Lutz Jänicke
4cea95a547 Added generationQualifier OID (proposed by Fiel Cabral).
Submitted by:
Reviewed by:
PR:
2002-04-25 18:00:13 +00:00
Lutz Jänicke
365c6e4661 Optimize: better shortcut evaluation ("Howard Chu" <hyc@highlandsun.com>).
Submitted by:
Reviewed by:
PR:
2002-04-18 11:53:35 +00:00
Lutz Jänicke
e9caaa4ad9 Use the "mail" short name according to RFC2798 (Michael Bell
<michael.bell@rz.hu-berlin.de>).
Submitted by:
Reviewed by:
PR:
2002-04-15 13:28:53 +00:00
Lutz Jänicke
a6198b9ed1 Some more OID enhancements.
Submitted by:
Reviewed by:
PR:
2002-04-15 10:38:37 +00:00
Richard Levitte
7b907f0bb5 Check error code from a2d_ASN1_OBJECT(). 2002-04-11 22:14:10 +00:00
Richard Levitte
248252682c make update 2002-04-06 19:15:27 +00:00
Lutz Jänicke
ce34d0ac09 Fix buggy object definitions (Svenning Sorensen <sss@sss.dnsalias.net>).
Submitted by:
Reviewed by:
PR:
2002-04-04 17:49:39 +00:00
Lutz Jänicke
75b9c0044c Make short names of objects RFC2256-compliant.
Submitted by:
Reviewed by:
PR:
2002-03-26 17:15:32 +00:00
Richard Levitte
ab519c8262 Adjust the NID names for the AES modes OFB and CFB to contain the number
of feedback bits
2002-02-16 12:16:43 +00:00
Bodo Möller
4d7072f4b5 remove redundant ERR_load_... declarations 2001-12-17 19:22:23 +00:00
Richard Levitte
d4704d5245 UID was never a lable for uniqueIdentifier. However, LDAP and certain
RFCs concerning X.500 directories use UID as a shorter name for the
attribute type userId, which is defined by CCITT and available through
RFCs 1274 and 2247.

Unfortunately, if some applications have used the name "UID" for the
uniqueIdentifier attribute type, they will produce incorrect results.
However, I found it better to follow the standards that are out there
rather than having our own incompatible one.
2001-12-04 11:01:17 +00:00
Bodo Möller
c3fbf5d9a8 Fix: 2.5.29 is "id-ce", not "ld-ce" (sort of a typo in objects.h).
Fix (?): Delete 'ip-pda 6' (id-pda-pseudonym) because it does not exist
in RFC 3039.

Also change Perl scripts to put auto-generation warning in the
first lines of the file.
2001-12-03 13:47:22 +00:00