cast their type-specific STACK into a real STACK and call the underlying
sk_*** function. The problem is that if the STACK_OF(..) parameter being
passed in has a "const *" qualifier, it is discarded by the cast.
I'm currently implementing a fix for this but in the mean-time, this is
one case I noticed (a few type-specific sk_**_num() functions pass in
const type-specific stacks). If there are other errors in the code where
consts are being discarded, we will similarly not notice them. yuck.
Change EVP_SealInit() and EVP_OpenInit() to
handle cipher parameters.
Make it possible to set RC2 and RC5 params.
Make RC2 ASN1 code use the effective key bits
and not the key length.
TODO: document how new API works.
Declare ciphers in terms of macros. This reduces
the amount of code and places each block cipher EVP
definition in a single file instead of being spread
over 4 files.
Declare ciphers in terms of macros. This reduces
the amount of code and places each block cipher EVP
definition in a single file instead of being spread
over 4 files.
original idea of "handle" was that it represented a functional reference
to an ENGINE (rather than just a pointer), but on reflection I think
this now looks a little more readable.
There's no trace of it being implemented and it doesn't seem to have been
intended given that it is prototyped with a BIO yet there was a BIO-
specific version added in at the same time.
already been done for RSA. The others (DSA + RAND) will probably follow
in the near future too, but DH is easiest to test with RSA because one
can just force the use of the EDH cipher-suites.
than (RSA_METHOD *) required a couple of functions to change shape. I
didn't really pick the best shape to change RSA_set_method into though. :-)
There's nothing really appropriate to return from RSA_set_method; the
temptation to return an "old handle" fails when you consider that the
caller might ignore the return value and so botch up the reference
counting, this wasn't an issue before because there was no reference
counting.
Change functions like EVP_EncryptUpdate() so they now return a
value. These normally have software only implementations
which cannot fail so this was acceptable. However ciphers
can be implemented in hardware and these could return errors.
enhance and tidy up the EVP interface.
This patch adds initial support for variable length ciphers
and changes S/MIME code to use this.
Some other library functions need modifying to support use
of modified cipher parameters.
Also need to change all the cipher functions that should
return error codes, but currenly don't.
And of course it needs extensive testing...
This was a bad idea in the first place, in particular it would have made
it trickier to implement error-handling, particularly when shutting down
third-party shared libraries etc.
patches that Geoff had in a patch file in his play directory.
NOTE for openssl-cvs: THIS IS A CVS BRANCH (BRANCH_engine). IT IS
NOT FOR THE FAINTHEARTED TO PLAY WITH. The code works as it is, but
it's not at all sure it ends up in the OpenSSL distributio in this
form, so do not get dependent on it!
Those rsyncing the repository are considered warned!
