Commit graph

325 commits

Author SHA1 Message Date
Dr. Stephen Henson
59a941e4a4 Ensure EVP_CipherInit() uses the correct encode/decode parameter if
enc == -1

[Reported by Markus Friedl <markus@openbsd.org>]

Fix typo in dh_lib.c (use of DSAerr instead of DHerr).
2002-03-16 23:19:25 +00:00
Dr. Stephen Henson
b74dfe6e8e Initialize cipher context in KRB5
("D. Russell" <russelld@aol.net>)

Allow HMAC functions to use an alternative ENGINE.
2002-03-14 18:16:49 +00:00
Bodo Möller
d80f6e0f8c Fixes for 'no-hw' combined with 'no-SOME_CIPHER'.
Fix dsaparam usage output.

Submitted by: Nils Larsch (for 0.9.8-dev; backported to 0.9.7-dev)
2002-03-14 09:53:30 +00:00
Dr. Stephen Henson
c77bd28775 Make ciphers and digests obtain an ENGINE functional reference
if impl is explicitly supplied.
2002-03-09 18:56:38 +00:00
Richard Levitte
1ec1d17e16 VMS addaptation, including a few more long names that needed hacking. 2002-02-28 13:18:47 +00:00
Richard Levitte
421d474332 Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated 2002-02-28 12:44:05 +00:00
Richard Levitte
3d59821134 make update 2002-02-26 14:37:25 +00:00
Dr. Stephen Henson
344b3b5ce1 OPENSSL_LOAD_CONF define as in main trunk 2002-02-23 02:09:29 +00:00
cvs2svn
63dc69fef6 This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
2002-02-23 01:00:45 +00:00
Dr. Stephen Henson
e84be9b495 New OPENSSL_LOAD_CONF define to load openssl.cnf
when OpenSSL_add_all_algorithms() is called.
2002-02-23 01:00:44 +00:00
Richard Levitte
b0701709c1 Add comfy aliases for AES in CBC mode. 2002-02-20 18:00:23 +00:00
Richard Levitte
5b7848a345 Add comfy aliases for AES in CBC mode. 2002-02-20 17:59:49 +00:00
Richard Levitte
a76a29f233 Merge in recent changes from the main trunk. 2002-02-20 17:53:17 +00:00
Richard Levitte
236be53269 gcc figures that the format specifier %2x means unsigned int, so let's
make n unsigned.
2002-02-20 13:50:36 +00:00
Richard Levitte
3d7ba69a05 The AES modes OFB and CFB are defined with 128 feedback bits. This
deviates from the "standard" 64 bits of feedback that all other
algorithms are using.  Therefore, let's redo certain EVP macros to
accept different amounts of feedback bits for these modes.

Also, change e_aes.c to provide all usually available modes for AES.
CTR isn't included yet.
2002-02-16 12:39:58 +00:00
Richard Levitte
a6cd870784 The AES modes OFB and CFB are defined with 128 feedback bits. This
deviates from the "standard" 64 bits of feedback that all other
algorithms are using.  Therefore, let's redo certain EVP macros to
accept different amounts of feedback bits for these modes.

Also, change e_aes.c to provide all usually available modes for AES.
CTR isn't included yet.
2002-02-16 12:39:07 +00:00
Dr. Stephen Henson
19cc0f0ab4 Only initialize cipher ctx if cipher is not NULL. 2002-02-15 01:01:36 +00:00
Bodo Möller
aa1f5b3581 don't call OPENSSL_config(), this does not make any sense during "make test" 2002-02-14 13:52:11 +00:00
Bodo Möller
6cc3700314 don't call OPENSSL_config(), this does not make any sense during "make test" 2002-02-14 13:51:20 +00:00
Bodo Möller
4d94ae00d5 ECDSA support
Submitted by: Nils Larsch <nla@trustcenter.de>
2002-02-13 18:21:51 +00:00
Richard Levitte
de2f6e4dae 'make update' 2002-02-05 17:34:58 +00:00
Lutz Jänicke
2a81428489 Remove blanks at begin of empty lines irritating epv_test.c 2002-01-26 15:24:38 +00:00
Geoff Thorpe
f1c2a9de45 The 'type' parameter, an EVP_MD pointer, represents the type of digest
required as well as a default implementation (when no ENGINE provides a
replacement implementation). This change makes sure the correct
implementation's "init()" handler is used rather than assuming 'type'.
2002-01-25 03:13:50 +00:00
Richard Levitte
52b66a622d Keep the NIST AES vectors that were there previously. 2002-01-24 18:09:50 +00:00
Richard Levitte
fe19c448f0 make update
libeay.num got tweaked so the old des symbols would retain their
positions.
2002-01-24 12:31:54 +00:00
Richard Levitte
7389c848d4 Use FIPS-197 vectors for AES. The NIST vectors were constructed by
reencrypting or redecrypting the ciphertext 10000 times, which of
course gives higly different results.
2002-01-21 17:55:38 +00:00
Richard Levitte
4d393410f3 Add more of the NIST test vectors for AES.
For some reason, they give incorrect results with the OpenSSL
implementation.  I wonder why...
2002-01-21 16:09:45 +00:00
Ben Laurie
9dd5ae6553 Constification, add config to /dev/crypto. 2002-01-18 16:51:05 +00:00
Bodo Möller
e5d6528a12 fix EVP_CIPHER_mode macro
Submitted by: "Dan S. Camper" <dan@bti.net>
2002-01-04 13:04:45 +00:00
Richard Levitte
6f9079fd50 Because Rijndael is more known as AES, use crypto/aes instead of
crypto/rijndael.  Additionally, I applied the AES integration patch
from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work
properly with the normal EVP constructs (and incidently work the same
way as all other symmetric cipher implementations).

This results in an API that looks a lot like the rest of the OpenSSL
cipher suite.
2002-01-02 16:55:35 +00:00
Richard Levitte
c938563a81 The block size may be something other than 8! 2002-01-02 16:51:17 +00:00
Richard Levitte
40928698bb When RSA or DSA are disabled, do not include the stuff that's specific
to them.
2002-01-02 12:45:51 +00:00
Bodo Möller
4d7072f4b5 remove redundant ERR_load_... declarations 2001-12-17 19:22:23 +00:00
Ben Laurie
ff3fa48fc7 Improve back compatibility. 2001-12-09 21:53:31 +00:00
Dr. Stephen Henson
6a0dec9584 Make EVP_SealInit() return the correct value. 2001-12-01 23:09:38 +00:00
Dr. Stephen Henson
b83eddc578 Win32 fixes. 2001-11-06 13:40:27 +00:00
Richard Levitte
c2e4f17c1a Due to an increasing number of clashes between modern OpenSSL and
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_.  Compatibility routines are provided and declared by including
openssl/des_old.h.  Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.

The compatibility functions will be removed in some future release, at
the latest in version 1.0.
2001-10-24 21:21:12 +00:00
Dr. Stephen Henson
581f1c8494 Modify EVP cipher behaviour in a similar way
to digests to retain compatibility.
2001-10-17 00:37:12 +00:00
Dr. Stephen Henson
20d2186c87 Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
with existing code.

Modify library to use digest *_ex() functions.
2001-10-16 01:24:29 +00:00
Richard Levitte
67d0738aba In certain cases, no encoding has been set up for the b64 filter. In
such cases, a flush should *not* attempt to finalise the encoding, as
the EVP_ENCODE_CTX structure will only be filled with garbage.  For
the same reason, do the same check when a wpending is performed.
2001-10-11 19:38:40 +00:00
Richard Levitte
dd5e774664 Add support for md4WithRSAEncryption. 2001-10-10 21:37:45 +00:00
Geoff Thorpe
cf98440178 evp_test.c and evptests.txt both need to be linked in the test/ directory
however for different reasons. This separation should prevent the win32
build from interpreting evptests.txt as source code.
2001-10-09 01:38:31 +00:00
Geoff Thorpe
c500d44735 Change some EVP prototypes to use "cipher" rather than "type" as a variable
name. The implementations already use this anyway.
2001-10-08 17:25:42 +00:00
Geoff Thorpe
18eda73234 EVP_EncryptInit_ex() and EVP_DecryptInit_ex() had been defined in evp.h but
not implemented. (Bug reported by Martin Szotkowski)

This also changes the non-"_ex" versions to defer directly to
EVP_CipherInit_ex() rather than EVP_CipherInit() to avoid an unecessary
level of indirection.
2001-10-08 17:24:10 +00:00
Richard Levitte
f8000b9345 'make update' 2001-10-04 07:49:09 +00:00
Richard Levitte
2aa9043ad3 Because there's chances we clash with the system's types.h, rename our
types.h to ossl_typ.h.
2001-10-04 07:32:46 +00:00
Dr. Stephen Henson
1a095560f7 Use the maximum block length for the extra size in the encrypt
BIO buffer instead of hard coding it as 8.
2001-10-03 12:47:03 +00:00
Dr. Stephen Henson
f329b8d73b Make EVP_DecryptUpdate work again. 2001-10-02 16:19:49 +00:00
Dr. Stephen Henson
de822715b2 Constify EVP_SealInit, EVP_OpenInit 2001-09-28 01:47:36 +00:00
Ben Laurie
0fea7ed4a4 Don't clean up stuff twice. 2001-09-26 15:15:03 +00:00
Geoff Thorpe
11a57c7be5 This changes EVP's cipher and digest code to hook via the ENGINE support.
See crypto/engine/README for details.

- it also removes openbsd_hw.c from the build (that functionality is
  going to be available in the openbsd ENGINE in a upcoming commit)

- evp_test has had the extra initialisation added so it will use (if
  possible) any ENGINEs supporting the algorithms required.
2001-09-25 21:37:02 +00:00
Geoff Thorpe
cb78486d97 This commits changes to various parts of libcrypto required by the recent
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.

Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.
2001-09-25 20:23:40 +00:00
Dr. Stephen Henson
591ccf586d Fix AES CBC mode EVP_CIPHER structures: the IV length is always
16.
2001-09-25 13:49:58 +00:00
Geoff Thorpe
e059b19ddb Add a SHA1 test to evptests.txt - only the MD5 hash algorithm was being
tested previously.
2001-09-14 18:21:36 +00:00
Geoff Thorpe
997a54c981 'evp_test' needs to initialise and cleanup EVP_CIPHER_CTX structures. Also,
fix a typo and add cleanup operations. This also switches on memory leak
checking (which is how the rest was found).
2001-09-14 18:20:44 +00:00
Bodo Möller
5a85385387 typo 2001-09-10 16:57:06 +00:00
Bodo Möller
5e54b4f364 Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway).  To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent.  Instead, callers can use
CRYPTO_push_info() to track down memory leaks.
2001-09-10 15:00:30 +00:00
Bodo Möller
5ba372b17c Get rid of hazardous EVP_DigestInit_dbg/EVP_DigestInit case
distinction (which does not work well because if CRYPTO_MDEBUG is
defined at library compile time, it is not necessarily defined at
application compile time; and memory debugging now can be reconfigured
at run-time anyway).  To get the intended semantics, we could just use
the EVP_DigestInit_dbg unconditionally (which uses the caller's
__FILE__ and __LINE__ for memory leak debugging), but this would make
memory debugging inconsistent.  Instead, callers can use
CRYPTO_push_info() to track down memory leaks.

Also fix indentation, and add OpenSSL copyright.
2001-09-10 14:59:17 +00:00
Ben Laurie
e8330cf5ac Add a cleanup function for MDs. 2001-09-07 12:03:24 +00:00
Geoff Thorpe
e815d3015e Change DH_up() -> DH_up_ref() 2001-09-05 17:02:35 +00:00
Ulf Möller
5b46eee0f5 strsep implementation to allow the file to compile on non-BSD systems
Submitted by: "Brian Havard" <brianh@kheldar.apana.org.au>
2001-09-04 22:19:06 +00:00
Bodo Möller
6ac4e8bd6e Rename recently introduced functions for improved code clarity:
[DR]SA_up  =>  [DR]SA_up_ref
2001-09-03 13:40:07 +00:00
Bodo Möller
931a23a5a5 rearrange #includes because trying to include <crypto/cryptodev.h>
is a bad idea if OPENSSL_OPENBSD_DEV_CRYPTO is not defined
2001-09-03 12:37:13 +00:00
Ben Laurie
2618893114 Make MD functions take EVP_MD_CTX * instead of void *, add copy() function. 2001-09-02 20:05:27 +00:00
Geoff Thorpe
e19ea55783 Only OPENSSL_free() non-NULL pointers. 2001-09-01 18:37:17 +00:00
Ulf Möller
8716dbea40 undo, didn't work 2001-09-01 05:59:27 +00:00
Ulf Möller
e9bc66c84f *** empty log message *** 2001-09-01 05:30:45 +00:00
Ulf Möller
c078798c60 strsep implementation to allow the file to compile on non-BSD systems
Submitted by: "Brian Havard" <brianh@kheldar.apana.org.au>
2001-09-01 05:05:32 +00:00
Ben Laurie
1f3b65801b Fix SSL memory leak. 2001-08-28 13:45:41 +00:00
Ben Laurie
4897dc4056 Test digests. 2001-08-26 17:09:31 +00:00
Ben Laurie
35e33f0e52 Add digests. 2001-08-26 17:09:00 +00:00
Geoff Thorpe
78435364ec Changes crypto/evp/ and ssl/ code from directly incrementing reference
counts in DH, DSA, and RSA structures. Instead they use the new "***_up()"
functions that handle this.
2001-08-25 17:28:23 +00:00
Ben Laurie
c41ab9ade5 More tests. 2001-08-22 16:09:57 +00:00
Ben Laurie
82b2230527 Add RC4 support to OpenBSD. 2001-08-18 16:04:36 +00:00
Ben Laurie
a8a004987c Add AES tests. 2001-08-18 16:02:52 +00:00
Ben Laurie
0e36019977 Add EVP test program. 2001-08-18 13:53:01 +00:00
Ben Laurie
354c3ace73 Add first cut symmetric crypto support. 2001-08-18 10:22:54 +00:00
Ben Laurie
f0446ca8d7 Move CIPHER_CTX cleanups to _Final routines instead of _Init, which avoids
problems with leaks and uninitialised structures.
2001-08-11 11:32:54 +00:00
Bodo Möller
e51d1321fc More typedef'd struct names as search targets 2001-08-06 11:57:08 +00:00
Bodo Möller
b9fdb3eb99 Reinsert typedef'ed names for structs to help those trying to read the
sourcecode (including fgrep)
2001-08-06 11:49:31 +00:00
Ben Laurie
d66ace9da5 Start to reduce some of the header bloat. 2001-08-05 18:02:16 +00:00
Ben Laurie
db75357110 Fix memory leak. 2001-08-05 16:13:49 +00:00
Ben Laurie
0713f8abe6 Parameter correction for CIOFSESSION. 2001-08-04 12:16:56 +00:00
Ben Laurie
93d9121a77 Remove extra whitespace. Sorry. 2001-08-03 21:09:21 +00:00
Ben Laurie
92dad6cc84 Reinstate accidentally deleted code. 2001-08-03 19:00:43 +00:00
Ben Laurie
61454a9f8c Get rid of the stuff we, err, got rid of. 2001-08-03 18:52:50 +00:00
Ben Laurie
bb2297a41d Header bloat reduction for EVP_PKEY. 2001-08-03 18:48:35 +00:00
Ben Laurie
1ba01caaa3 Make /dev/crypto work with new EVP structures. 2001-08-03 11:54:37 +00:00
Richard Levitte
710e5d5639 make update 2001-07-31 17:07:24 +00:00
Richard Levitte
dbfc0f8c2b Vade retro C++ comments!
(Latin for "comments", anyone?)
2001-07-31 09:15:52 +00:00
Ben Laurie
05bbf78afd Remove //. 2001-07-31 06:47:23 +00:00
Ben Laurie
dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Ben Laurie
0e06354402 ANSIfication. 2001-07-30 15:33:46 +00:00
Dr. Stephen Henson
dc706cd35f Make sure *outl is always initialized in EVP_EncryptUpdate(). 2001-07-27 02:24:47 +00:00
Richard Levitte
47c3448a97 Not all platforms have the OpenBSD crypto device. 2001-07-21 11:54:24 +00:00
Ben Laurie
c518ade1fd Clean up EVP macros, rename DES EDE3 modes correctly, temporary support for
OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery
is available).
2001-07-21 10:24:07 +00:00
Ben Laurie
c148d70978 A better compromise between encrypt and decrypt (but why isn't it as fast
for encrypt?).
2001-07-09 21:00:36 +00:00
Ben Laurie
7b6055d1af Handle the common case first (where input size is a multiple of block size).
Worth around 5% for encrypt. Slows down decrypt slightly, but I expect to
regain that later.
2001-07-08 19:42:10 +00:00
Ben Laurie
f31b12503e Use & instead of % - worth about 4% for 8 byte blocks. 2001-07-08 17:27:32 +00:00
Dr. Stephen Henson
323f289c48 Change all calls to low level digest routines in the library and
applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().

Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.
2001-06-19 22:30:40 +00:00