Commit graph

435 commits

Author SHA1 Message Date
Ben Laurie
b5855b2f32 Add prototypes. 2005-04-22 23:57:46 +00:00
Richard Levitte
7c671508bd Avoid compiler complaint about mismatched function signatures
(void * != RSA *)
2005-04-20 10:02:16 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Nils Larsch
70f34a5841 some const fixes and cleanup 2005-04-05 10:29:43 +00:00
Ben Laurie
73705abc34 If input is bad, we still need to clear the buffer. 2005-04-03 16:38:22 +00:00
Ben Laurie
41a15c4f0f Give everything prototypes (well, everything that's actually used). 2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Nils Larsch
41e455bfc4 test, remove unnecessary const cast 2005-03-22 17:55:18 +00:00
Bodo Möller
9f6715d4bb "make depend". This takes into account the algorithms that are now
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.

Problem reported by Nils Larsch.
2005-03-13 19:49:47 +00:00
Dr. Stephen Henson
a0e7c8eede Add lots of checks for memory allocation failure, error codes to indicate
failure and freeing up memory if a failure occurs.

PR:620
2004-12-05 01:03:15 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Andy Polyakov
2b247cf81f OPENSSL_ia32cap final touches. Note that OPENSSL_ia32cap is no longer a
symbol, but a macro expanded as (*(OPENSSL_ia32cap_loc())). The latter
is the only one to be exported to application.
2004-08-29 16:36:05 +00:00
Andy Polyakov
746fc2526f Fix compiler warnings in crypto/evp/bio_ok.c as pointed out by Geoff. 2004-08-29 16:19:27 +00:00
Dr. Stephen Henson
c128bb0fa2 Don't ignore return value of EVP_DigestInit_ex() in md BIOs and dgst utility. 2004-08-05 18:09:50 +00:00
Andy Polyakov
14e21f863a Add framework for yet another assembler module dubbed "cpuid." Idea
is to have a placeholder to small routines, which can be written only
in assembler. In IA-32 case this includes processor capability
identification and access to Time-Stamp Counter. As discussed earlier
OPENSSL_ia32cap is introduced to control recently added SSE2 code
pathes (see docs/crypto/OPENSSL_ia32cap.pod). For the moment the
code is operational on ELF platforms only. I haven't checked it yet,
but I have all reasons to believe that Windows build should fail to
link too. I'll be looking into it shortly...
2004-07-26 20:18:55 +00:00
Andy Polyakov
0f71b77d5c Make bio_ok.c Microsoft compiler savvy. 2004-07-25 20:13:30 +00:00
Andy Polyakov
3205db2bfe Make bio_ok.c 64-bit savvy. 2004-07-25 19:37:41 +00:00
Richard Levitte
5906e8d5fe I think it could be a good thing to know what went wrong with the tests... 2004-07-12 12:25:54 +00:00
Dr. Stephen Henson
c39c32dd65 PKCS#8 fixes from stable branch. 2004-07-04 16:44:52 +00:00
Andy Polyakov
31c2ac1cdc EVP bindings to new SHA algorithms. 2004-05-31 13:14:08 +00:00
Geoff Thorpe
9c52d2cc75 After the latest round of header-hacking, regenerate the dependencies in
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Geoff Thorpe
0f814687b9 Deprecate the recursive includes of bn.h from various API headers (asn1.h,
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.
2004-05-17 19:14:22 +00:00
Geoff Thorpe
7771b6c5b5 This file implements various functions that have since been redefined as
macros. I'm removing this from the NO_DEPRECATED build.
2004-05-15 18:26:15 +00:00
Andy Polyakov
9e0aad9fd6 size_t-fication of message digest APIs. We should size_t-fy more APIs... 2004-05-15 11:29:55 +00:00
Richard Levitte
1c7a0e2856 Reimplement old functions, so older software that link to libcrypto
don't crash and burn.
2004-05-14 17:56:30 +00:00
Geoff Thorpe
c57bc2dc51 make update 2004-04-19 18:33:41 +00:00
Geoff Thorpe
60a938c6bc (oops) Apologies all, that last header-cleanup commit was from the wrong
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Geoff Thorpe
3a87a9b9db Reduce header interdependencies, initially in engine.h (the rest of the
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
2004-04-19 17:46:04 +00:00
Richard Levitte
ab23d5ffda Add symbol hacks for some long names.
make update
2004-03-29 08:13:49 +00:00
Dr. Stephen Henson
216659eb87 Enhance EVP code to generate random symmetric keys of the
appropriate form, for example correct DES parity.

Update S/MIME code and EVP_SealInit to use new functions.

PR: 700
2004-03-28 17:38:00 +00:00
Richard Levitte
875a644a90 Constify d2i, s2i, c2i and r2i functions and other associated
functions and macros.

This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const.  Those will be removed when this change has been
properly reviewed.
2004-03-15 23:15:26 +00:00
Dr. Stephen Henson
d4575825f1 Add flag to avoid continuous
memory allocate when calling EVP_MD_CTX_copy_ex().

Without this HMAC is several times slower than
< 0.9.7.
2004-02-01 13:39:51 +00:00
Richard Levitte
8d1ebe0bd1 Add the missing parts for DES CFB1 and CFB8.
Add the corresponding AES parts while I'm at it.
make update
2004-01-28 19:05:35 +00:00
Andy Polyakov
8c6336b0aa CFB DES sync-up with FIPS branch. 2004-01-27 21:47:35 +00:00
Richard Levitte
112341031b Correct documentation typos.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 15:04:54 +00:00
Richard Levitte
79b42e7654 Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Richard Levitte
d420ac2c7d Use BUF_strlcpy() instead of strcpy().
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:17 +00:00
Richard Levitte
2fe9ab8e20 It was pointed out to me that if the requested size is 0, we shouldn't
ty to allocate anything at all.  This will allow eNULL to still work.

PR: 751
Notified by: Lutz Jaenicke
2003-12-01 13:25:37 +00:00
Richard Levitte
1145e03870 Check that OPENSSL_malloc() really returned some memory.
PR: 751
Notified by: meder@mcs.anl.gov
Reviewed by: Lutz Jaenicke, Richard Levitte
2003-12-01 12:11:55 +00:00
Geoff Thorpe
2754597013 A general spring-cleaning (in autumn) to fix up signed/unsigned warnings.
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
2003-10-29 20:24:15 +00:00
Richard Levitte
5b6e7c8c65 Inclusion of openssl/engine.h should always be wrapped with a check that
OPENSSL_NO_ENGINE is not defined.
2003-08-04 10:12:36 +00:00
Bodo Möller
ada0e717fa new function EC_GROUP_cmp() (used by EVP_PKEY_cmp())
Submitted by: Nils Larsch
2003-07-21 13:43:28 +00:00
Richard Levitte
eb3d68c454 Nils Larsch told me I could remove that variable entirely. 2003-06-26 11:52:23 +00:00
Richard Levitte
d55141ed7a "Remove" unused variable 2003-06-26 10:23:00 +00:00
Bodo Möller
0fbffe7a71 implement PKCS #8 / SEC1 private key format for ECC
Submitted by: Nils Larsch
2003-06-25 21:35:05 +00:00
Richard Levitte
d1465bac90 make update 2003-05-01 04:10:32 +00:00
Richard Levitte
1a0c1f9052 make update 2003-04-10 20:11:09 +00:00
Richard Levitte
43eb3b0130 We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
of unneeded includes of openssl/engine.h.
2003-04-08 06:00:05 +00:00
Richard Levitte
7b36590b17 What was I smoking? EVP_PKEY_cmp() should return with 0 if
EVP_PKEY_cmp_parameters() returned 0, otherwise it should
go on processing the public key component.  Thia has nothing
to do with the proper handling of EC parameters or not.
2003-04-07 10:15:32 +00:00
Richard Levitte
a8b728445c Correct a typo.
Have EVP_PKEY_cmp() call EVP_PKEY_cmp_parameters(), and make a note
about the lack of parameter comparison for EC.
2003-04-07 10:09:44 +00:00
Richard Levitte
af0f0f3e8f Constify 2003-04-06 15:31:18 +00:00
Richard Levitte
8d570498a2 Do not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined.
PR: 564
2003-04-05 21:21:26 +00:00
Richard Levitte
e6526fbf4d Add functionality to help making self-signed certificate. 2003-04-03 22:27:24 +00:00
Richard Levitte
be9bec9bc7 Make sure we get the definition of OPENSSL_NO_RSA. 2003-03-20 23:34:28 +00:00
Richard Levitte
9c35452842 Make sure we get the definition of OPENSSL_NO_HMAC and OPENSSL_NO_SHA. 2003-03-20 23:34:08 +00:00
Richard Levitte
69104cdf34 Make sure we get the definition of OPENSSL_NO_SHA. 2003-03-20 23:32:16 +00:00
Richard Levitte
dfefdb41f7 Make sure we get the definition of OPENSSL_NO_RIPEMD. 2003-03-20 23:31:56 +00:00
Richard Levitte
cd6ab56da0 Make sure we get the definition of OPENSSL_NO_MDC2. 2003-03-20 23:31:44 +00:00
Richard Levitte
c988c9b839 Make sure we get the definition of OPENSSL_NO_MD5. 2003-03-20 23:31:34 +00:00
Richard Levitte
bff8e1dddb Make sure we get the definition of OPENSSL_NO_MD4. 2003-03-20 23:31:24 +00:00
Richard Levitte
641e6ef2cb Make sure we get the definition of OPENSSL_NO_MD2. 2003-03-20 23:30:04 +00:00
Richard Levitte
9e9e8cb6a8 Make sure we get the definition of OPENSSL_NO_DES. 2003-03-20 23:29:38 +00:00
Richard Levitte
f118514501 Make sure we get the definition of OPENSSL_NO_RC5. 2003-03-20 23:29:26 +00:00
Richard Levitte
39c4b7092c Make sure we get the definition of OPENSSL_NO_RC4. 2003-03-20 23:29:17 +00:00
Richard Levitte
c7e7fc3ee4 Make sure we get the definition of OPENSSL_NO_RC2. 2003-03-20 23:29:06 +00:00
Richard Levitte
786b0075d5 Make sure we get the definition of OPENSSL_NO_IDEA. 2003-03-20 23:28:55 +00:00
Richard Levitte
fb10590910 Make sure we get the definition of OPENSSL_NO_CAST. 2003-03-20 23:28:27 +00:00
Richard Levitte
abf21308d2 Make sure we get the definition of OPENSSL_NO_BF. 2003-03-20 23:28:16 +00:00
Richard Levitte
8c84b677e2 Make sure we get the definition of OPENSSL_NO_AES. 2003-03-20 23:28:03 +00:00
Dr. Stephen Henson
90e8a3102b Fixes for EVP_DigestInit_ex() and OPENSSL_NO_ENGINE. 2003-03-12 02:31:40 +00:00
Dr. Stephen Henson
b8dc9693a7 Encryption BIOs misbehave when used with non blocking I/O.
Two fixes:

1. If BIO_write() fails inside enc_write() it should return the
   total number of bytes successfully written.

2. If BIO_write() fails during BIO_flush() it should return immediately
   with the error code: previously it would fall through to the final
   encrypt, corrupting the buffer.
2003-02-27 14:07:59 +00:00
Bodo Möller
5c9a9c9c33 include OpenSSL license (in addition to EAY license) 2003-02-24 17:15:28 +00:00
Ulf Möller
b4f43344d5 Copy rather than symlink the test data.
This is needed because Windows doesn't support symlinks.

The Cygwin/MinGW build now passes "make test".
2003-02-22 22:19:48 +00:00
Dr. Stephen Henson
5562cfaca4 Base64 bio fixes. The base64 bio was seriously broken
when reading from a non blocking BIO.

It would incorrectly interpret retries as EOF, incorrectly
buffer initial data and have no buffering at all after initial
data (data would be sent one byte at a time to EVP_DecodeUpdate).
2003-02-22 02:12:52 +00:00
Dr. Stephen Henson
5672e3a321 Fix bug in base64 bios during write an non blocking I/O:
if the write fails when flushing the buffer return the
value to the application so it can retry.
2003-02-20 13:37:48 +00:00
Bodo Möller
37c660ff9b implement fast point multiplication with precomputation
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2003-02-06 19:25:12 +00:00
Ben Laurie
33cc07f79a Fix warning. 2003-02-01 20:55:29 +00:00
Richard Levitte
5fe11c7533 The OPENSSL_NO_ENGINE has small problem: it changes certain structures. That's
bad, so let's not check OPENSSL_NO_ENGINE in those places.  Fortunately, all
the header files where the problem existed include ossl_typ.h, which makes
a 'forward declaration' of the ENGINE type.
2003-01-30 18:52:46 +00:00
Richard Levitte
0b13e9f055 Add the possibility to build without the ENGINE framework.
PR: 287
2003-01-30 17:39:26 +00:00
Dr. Stephen Henson
59ae8c9419 EVP_DecryptInit() should call EVP_CipherInit() not EVP_CipherInit_ex(). 2003-01-17 00:48:47 +00:00
Richard Levitte
c00cee00fd FreeBSD has /dev/crypto as well.
PR: 462
2003-01-16 18:29:30 +00:00
Richard Levitte
5e42f9ab46 make update 2002-12-29 01:38:15 +00:00
Richard Levitte
7acf00a633 Finally get rid of all the algorithm inclusions that were done from
evp.h.

Application authors BEWARE!  If you have had the habit to count on
evp.h to provide all those lower-level algorithm functions, you need
to think again!  Please change your programs NOW, or you will be sorry
when 0.9.8 gets release (it's quite some time away...).
2002-12-29 01:37:35 +00:00
Richard Levitte
3dda0dd2a2 Some compilers are quite picky about non-void functions that don't return
anything.
2002-12-06 08:50:06 +00:00
Richard Levitte
848f735ae4 EXIT() needs to be in a function that returns int. 2002-12-01 01:23:35 +00:00
Richard Levitte
43d601641f A few more memset()s converted to OPENSSL_cleanse().
I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343
2002-11-29 11:30:45 +00:00
Richard Levitte
55f78baf32 Have all tests use EXIT() to exit rather than exit(), since the latter doesn't
always give the expected result on some platforms.
2002-11-28 18:54:30 +00:00
Richard Levitte
4579924b7e Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:04:36 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Bodo Möller
8ee4845b65 'broken' PKCS #8 format does not apply to ECDSA
Submitted by: Nils Larsch
2002-10-28 14:13:38 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Richard Levitte
293d5082c7 The OpenBSD project has replaced the first implementation of the /dev/crypto
engine with something they claim is better.  I have nothing to compare to,
and I assume they know what they're talking about.  The interesting part with
this one is that it's loaded by default on OpenBSD systems.
This change was originally introduced in OpenBSD's tracking of OpenSSL.
2002-10-02 00:19:33 +00:00
Bodo Möller
64376cd8ff 'EC' vs. 'ECDSA'
Submitted by: Nils Larsch
2002-08-16 11:19:07 +00:00
Dr. Stephen Henson
3f6db7f518 Fix block_size field for CFB and OFB modes: it should be 1. 2002-08-16 01:53:24 +00:00
Bodo Möller
5488bb6197 get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)
Submitted by: Nils Larsch
2002-08-12 08:47:41 +00:00
Bodo Möller
74cc4903ef make update 2002-08-09 12:16:15 +00:00
Bodo Möller
14a7cfb32a use a generic EC_KEY structure (EC keys are not ECDSA specific)
Submitted by: Nils Larsch
2002-08-07 10:49:54 +00:00
Lutz Jänicke
3aecef7697 "make update" 2002-07-30 12:44:33 +00:00
Bodo Möller
5dbd3efce7 Replace 'ecdsaparam' commandline utility by 'ecparam'
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.

Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.

Fix ec_asn1.c (take into account the desired conversion form).

'make update'.

Submitted by: Nils Larsch
2002-07-14 16:54:31 +00:00