wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5322 commits 20 branches 302 tags 153 MiB
Commit graph

2592 commits

Author SHA1 Message Date
Bodo Möller
56939728b7 ECDH engine support 
Submitted by: Douglas Stebila
 2002-08-09 09:39:11 +00:00
Bodo Möller
e172d60ddb Add ECDH support. 
Additional changes:
 - use EC_GROUP_get_degree() in apps/req.c
 - add ECDSA and ECDH to apps/speed.c
 - adds support for EC curves over binary fields to ECDSA
 - new function EC_KEY_up_ref() in crypto/ec/ec_key.c
 - reorganize crypto/ecdsa/ecdsatest.c
 - add engine support for ECDH
 - fix a few bugs in ECDSA engine support

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
 2002-08-09 08:43:04 +00:00
Bodo Möller
14a7cfb32a use a generic EC_KEY structure (EC keys are not ECDSA specific) 
Submitted by: Nils Larsch
 2002-08-07 10:49:54 +00:00
Bodo Möller
7a8645d171 avoid SIGSEGV 
Submitted by: Nils Larsch, Douglas Stebila
 2002-08-07 07:53:47 +00:00
Bodo Möller
d28735a05b oops, undo previous change (was just for testing) 2002-08-03 18:28:34 +00:00
Bodo Möller
183847747a fix bn_expand2 2002-08-03 18:27:47 +00:00
Bodo Möller
bac6012308 use bn_wexpand instead of bn_expand2 (the latter is not needed here, 
and it does not yet work correctly)

Submitted by: Douglas Stebila
 2002-08-03 17:51:29 +00:00
Dr. Stephen Henson
aaa384ca1a Fix typo 2002-08-02 18:58:33 +00:00
Dr. Stephen Henson
f908226898 Fix the ASN1 sanity check: correct header length 
calculation and check overflow against LONG_MAX.
 2002-08-02 18:48:55 +00:00
Bodo Möller
909abce800 disable Sun divison algorithm by default 2002-08-02 18:26:02 +00:00
Bodo Möller
33d4e690cc fix bn_expand2 2002-08-02 18:23:55 +00:00
Bodo Möller
848c849584 optical changes 2002-08-02 17:25:05 +00:00
Bodo Möller
102c8f47bf typo 2002-08-02 15:28:31 +00:00
Bodo Möller
d3bcbba45c remove obsolete part of comment 2002-08-02 15:13:10 +00:00
Bodo Möller
0903e56196 remove obsoleted disabled code 2002-08-02 15:07:08 +00:00
Bodo Möller
95ecacf8a2 Let BN_rand_range() abort with an error after 100 iterations 
without success.
 2002-08-02 15:02:03 +00:00
Bodo Möller
6fb60a84dd Change BN_mod_sqrt() so that it verifies that the input value is 
really the square of the return value.
 2002-08-02 14:57:53 +00:00
Bodo Möller
5af7d1a3b8 move GF2m tests to the end 2002-08-02 14:49:59 +00:00
Bodo Möller
35b73a1f20 Rename implementations of method functions so that they match 
the new method names where _GF... suffixes have been removed.

Revert changes to ..._{get/set}_Jprojective_coordinates_...:
The current implementation for ECC over binary fields does not use
projective coordinates, and if it did, it would not use Jacobian
projective coordinates; so it's OK to use the ..._GFp prefix for all
this.

Add author attributions to some files so that it doesn't look
as if Sun wrote all of this :-)
 2002-08-02 14:28:37 +00:00
Bodo Möller
84d7e365a0 ec2_smpt.c must be listed in LIBSRC 2002-08-02 13:50:12 +00:00
Bodo Möller
64c3da230f there is no alternative EC_METHOD for curves over GF(2^m) (yet) 2002-08-02 13:43:26 +00:00
Bodo Möller
7793f30e09 add support for elliptic curves over binary fields 
Submitted by: Duglas Stebila <douglas.stebila@sun.com>,
              Sheueling Chang <sheueling.chang@sun.com>

(CHANGES entries by Bodo Moeller)
 2002-08-02 13:42:24 +00:00
Bodo Möller
1dc920c8de Binary field arithmetic contributed by Sun Microsystems. 
The 'OPENSSL_NO_SUN_DIV' default is still subject to change,
so I didn't bother to finish the CHANGES entry yet.

Submitted by: Douglas Stebila <douglas.stebila@sun.com>, Sheueling Chang <sheueling.chang@sun.com>
(CHANGES entry by Bodo Moeller)
 2002-08-02 13:03:55 +00:00
Bodo Möller
16dc1cfb5c Add more WAP/WTLS elliptic curve OIDs. 
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
 2002-08-02 12:28:34 +00:00
Bodo Möller
819ff32dc4 New error code ERR_R_DISABLED 
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
 2002-08-02 12:27:21 +00:00
Bodo Möller
5574e0ed41 get rid of OpenSSLDie 2002-08-02 11:48:15 +00:00
Richard Levitte
ba8fb52183 Certain flag macros were tested with #if instead if #ifdef... 2002-08-02 11:13:37 +00:00
Richard Levitte
456bc309d8 make update 2002-08-01 19:45:54 +00:00
Richard Levitte
44c09667ff Avoid yet another name clash with libdes, and make the declaration consistent 
with the definition.
 2002-08-01 19:30:58 +00:00
Richard Levitte
bd45950f4a OCSP and KRB5 Makefil.ssl should be consistent with all the others 2002-08-01 14:18:52 +00:00
Richard Levitte
0472883cc2 If CRYPTO_realloc() is called with a NULL pointer, have it call 
OPENSSL_malloc().
PR: 187
 2002-08-01 10:08:37 +00:00
Richard Levitte
e70a39830c Make sure to use $(MAKE) everywhere instead of make. 
Part of PR 181
 2002-07-31 13:49:06 +00:00
Richard Levitte
6297bcd74c The version of the shared library should, for now, reflect the version 
of OpenSSL.
Part of PR 181.
 2002-07-31 13:24:26 +00:00
Lutz Jänicke
c046fffa16 OpenSSL Security Advisory [30 July 2002] 
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
 2002-07-30 13:04:04 +00:00
Lutz Jänicke
3aecef7697 "make update" 2002-07-30 12:44:33 +00:00
Bodo Möller
0bee0e6294 Use SEC1 format for EC private keys. 
This is not ECDSA specific, so it's now PEM_STRING_ECPRIVATEKEY etc.

Submitted by: Nils Larsch <nlarsch@compuserve.de>
 2002-07-26 08:41:04 +00:00
Bodo Möller
12593e6f45 Move zeroing from bn_expand_internal() to bn_expand2() so that it 
happens reliably, even if the BIGNUM is already sufficiently large.

[Note that the bn_expand()/bn_wexpand() macros call bn_expand2() only
if the BIGNUM actually has to grow, so this change does not add any
new overhead as currently bn_expand2() is never called directly.]
 2002-07-25 12:12:39 +00:00
Richard Levitte
546405bece Don't clobber loop variable. 
PR: 159
 2002-07-24 14:43:00 +00:00
Richard Levitte
6d9116f83d If DH is disabled, don't define the DH functions. 
Notified by Kim Hellan <KHE@kmd.dk>
 2002-07-22 14:18:11 +00:00
Richard Levitte
7a5ed919ad The first compile of the new merger method for VMS *almost* got 
through.  That's not enough, is it?  :-)
 2002-07-19 11:57:17 +00:00
Richard Levitte
799d7a34cf Two more names that are a little too long for the standard VMS linker. 2002-07-19 11:56:02 +00:00
Richard Levitte
ec9ea6a3c8 Further enhance assembler support on Cygwin and DJGPP. 
Make pod2mantest useable on DOS-based systems.
Part of PR 75, the rest is still under investigation.
 2002-07-18 12:37:59 +00:00
Richard Levitte
ca6dde5d3d Reverse the change with the following log, it needs further investigation: 
Make S/MIME output conform with the mail and MIME standards.
PR: 151
 2002-07-18 10:39:20 +00:00
Richard Levitte
8e6cbcd7c0 Make S/MIME output conform with the mail and MIME standards. 
PR: 151
 2002-07-18 08:47:33 +00:00
Richard Levitte
32bf74e30e OPENSSL_SYS_WIN32 is important so util/mkdef.pl can detect it 2002-07-18 06:34:34 +00:00
Richard Levitte
cd4c36adb8 Add support for shared libraries with OS/2. 
PR: 124
 2002-07-17 13:27:43 +00:00
Richard Levitte
6789b41d86 The default C compiler on MacOS X doesn't like empty object files 2002-07-16 10:46:00 +00:00
Richard Levitte
b23f50e67e Some older code (never committed) wasn't converted to the new format. 
Corrected.
 2002-07-16 08:02:31 +00:00
Richard Levitte
cbecb3ac37 There's an ongoing project to bring some kind of path selection 
mechanism to the ENGINE framework.  This means there there are going
to be new functionality for the DSO part, and ultimately some way of
merging two file specifications together.

This commit places the merging code into the repository.  It's
currently not used anywhere, and hasn't been tested at all.  It may be
full of errors, including syntactical ones.  Those will be fixed as
promptly as possible.
 2002-07-15 15:35:40 +00:00
Bodo Möller
5dbd3efce7 Replace 'ecdsaparam' commandline utility by 'ecparam' 
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.

Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.

Fix ec_asn1.c (take into account the desired conversion form).

'make update'.

Submitted by: Nils Larsch
 2002-07-14 16:54:31 +00:00
Richard Levitte
b57c98df7b In UI_UTIL_read_pw(), we should look at the size parameter, not at BUFSIZ. 
Submitted by Götz Babin-Ebell <babinebell@trustcenter.de>
 2002-07-11 09:12:29 +00:00
Bodo Möller
5c9396e37c remove obsolete comment 2002-07-10 08:39:05 +00:00
Lutz Jänicke
7b63c0fa8c Reorder inclusion of header files: 
des_old.h redefines crypt:
#define crypt(b,s)\
        DES_crypt((b),(s))

This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
 2002-07-10 07:01:54 +00:00
Bodo Möller
ea4f109c99 AES cipher suites are now official (RFC3268) 2002-07-04 08:51:09 +00:00
Richard Levitte
40c5cae24a Do not define crypt() on OpenBSD. Notified by Bob Beck of OpenBSD. 2002-06-29 22:04:09 +00:00
Richard Levitte
cce9396dc9 opensslconf.h doesn't define what we want, e_os2.h does. 
PR 123
 2002-06-27 17:19:55 +00:00
Richard Levitte
47f3eafb8d Try to avoid double declaration of ERR_load_PEM_strings(). 
PR 71
 2002-06-27 17:06:28 +00:00
Richard Levitte
17085b022c Pass CFLAG to dependency makers, so non-standard system include paths are 
handled properly.
Part of PR 75
 2002-06-27 16:39:25 +00:00
Richard Levitte
4367eb8706 DJGPP has some needed header files that other MSDOS/Windows compilers don't have. 
Part of PR 75
 2002-06-27 16:32:04 +00:00
Richard Levitte
fb96d9d90d When compiling for Windows, make sure we have the windows definitions declared. 
Part of PR 123
 2002-06-27 14:55:52 +00:00
Richard Levitte
e1a32c1807 Use 32-bit sections instead of the default, 16-bit ones. 
Part of PR 123
 2002-06-27 14:54:34 +00:00
Richard Levitte
0df748e7e2 Use bg instead of bag as argument to macros, to avoid clashes with 
structure field names.
PR: 112
 2002-06-27 09:54:07 +00:00
Richard Levitte
4942ef6f0e A number of includes were removed from evp.h some time ago. The reason 
was that they weren't really needed any more for EVP itself.  However,
it seems like soma applications (I know about OpenSSH, but there may
be more) used evp.h as the 'load all' header file, which makes sense
since we try our best to promote the use of EVP instead of the lower
level crypto algorithms.  Therefore, I put the inclusions back so
the application authors don't get too shocked by all the errors they
would otherwise get.

Thanks to Theo de Raadt for making us aware of this.
 2002-06-27 05:03:00 +00:00
Bodo Möller
9ae08a9c04 Make sure buffers are large enough even for weird parameters 
Submitted by: Nils Larsch
 2002-06-26 14:28:41 +00:00
Geoff Thorpe
a6c6874a1a Make sure any ENGINE control commands make local copies of string 
pointers passed to them whenever necessary. Otherwise it is possible the
caller may have overwritten (or deallocated) the original string data
when a later ENGINE operation tries to use the stored values.

Submitted by: Götz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by: Geoff Thorpe
PR: 98
 2002-06-21 02:38:08 +00:00
Lutz Jänicke
a947f2d2b6 <sys/select.h> is included for AIX, when USE_SOCKETS is defined. 
Submitted by: Bernhard Simon <bs@bsws.zid.tuwien.ac.at>
Reviewed by:
PR:
 2002-06-20 20:49:27 +00:00
Lutz Jänicke
da0616cd13 AIX (V3) requires <sys/select.h> (included via e_os.h) for fd_set. 
Submitted by: Bernhard Simon <bs@bsws.zid.tuwien.ac.at>
Reviewed by:
PR:
 2002-06-20 17:32:04 +00:00
Bodo Möller
3f2f3d4264 always include <string.h> (we do this in various other header files, 
so it can't be bad)
 2002-06-18 09:36:02 +00:00
Bodo Möller
c4c2c61e8c always include <string.h> (we do this in various other header files, 
so it can't be bad)

PR: 102
 2002-06-18 09:35:43 +00:00
Bodo Möller
5f3d6f70f6 Implement handling of EC parameter seeds (new functions 
EC_GROUP_set_seed(), EC_GROUP_get0_seed(), EC_GROUP_get_seed_len()).

New functions ECPKParameters_print(), ECPKParameters_print_fp().

Submitted by: Nils Larsch
 2002-06-18 08:38:59 +00:00
Lutz Jänicke
bdb6171334 OpenSSL_add_all_algorithms has been replaced by configuration dependent 
functions and is redirected by macros. Switch it off now, possible removal
later.
 2002-06-16 10:18:25 +00:00
Lutz Jänicke
65ee74fbc7 Some more prototype fixes. 
Use DECLARE macros in asn1* instead of direct declaration.
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by:
PR: 89
 2002-06-14 19:01:52 +00:00
Richard Levitte
451dc18f10 Add support for DJGPP. 
PR: 75
 2002-06-13 20:42:35 +00:00
Richard Levitte
1ef5026ef9 Making a softlink from crypto/des/asm/perlasm to crypto/perlasm isn't 
strictly necessary, so let's not do that.
 2002-06-13 19:42:37 +00:00
Lutz Jänicke
40889b9cd3 Add missing prototypes. 
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
PR: 89
 2002-06-13 17:40:27 +00:00
Dr. Stephen Henson
99889b46c9 Fix ext_dat.h extension ordering. 
Reinstate -reqout code.

Avoid coredump in ocsp if setup_verify
fails.

Fix typo in ocsp usage message.
 2002-06-13 12:56:27 +00:00
Lutz Jänicke
82869b3c8d Add OIDs for Secure Electronic Transactions (SET) 
Submitted by: Vadim Fedukovich <vf@unity.net>
Reviewed by: Lutz Jaenicke
PR: 80
 2002-06-13 11:52:56 +00:00
Dr. Stephen Henson
04cc76660a The new ASN1 code automatically allocates 
structures for fields that are not OPTIONAL.

However in the AUTHORITY_INFO_ACCESS case
the 'location' field was set to NULL in
the old code.

So in 0.9.7+ we should free up the field before
overwriting it in v2i_AUTHORITY_INFO_ACCESS.
 2002-06-13 00:43:27 +00:00
Bodo Möller
254ef80db1 simplify asn1_flag 
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
 2002-06-12 14:01:17 +00:00
Ben Laurie
d15711efc6 Handle read errors. 2002-06-11 12:41:37 +00:00
Ben Laurie
25ace3ed25 Fix warnings. 2002-06-11 12:03:51 +00:00
Bodo Möller
012c86ab74 move ECC ASN1 that is not specific to ECDSA into crypto/ec/, 
and make some appropriate changes to the EC library.

Submitted by: Nils Larsch
 2002-06-10 12:41:18 +00:00
Bodo Möller
458c29175e move ECC ASN1 that is not specific to ECDSA into crypto/ec/, 
and make some appropriate changes to the EC library.

Submitted by: Nils Larsch
 2002-06-10 12:18:21 +00:00
Bodo Möller
8a5dbb0a2e fix for 'make update' 2002-06-10 11:46:32 +00:00
Bodo Möller
532203cdb0 remove unnecessary calls to EC_POINT_copy() 2002-06-10 11:02:55 +00:00
Bodo Möller
c6c0e4cb32 fix memory leak 
Submitted by: Nils Larsch
 2002-06-06 10:33:05 +00:00
Lutz Jänicke
0f7b63c834 Make sure that settings are passed back and forth when walking around 
in the tree during build.
Reinstall default PERL settings in Makefiles, as the real reason for the
failure was that the settings were not passed.
 2002-06-06 10:16:59 +00:00
Lutz Jänicke
345731731a New OID for X509 usage: pseudonym 
Submitted by: Michael Bell <michael.bell@rz.hu-berlin.de>
Reviewed by: Lutz Jaenicke
PR: 83
 2002-06-06 07:33:00 +00:00
Richard Levitte
b6fc2386f0 It's not good to have a pointer point at something in an inner block. 
PR: 66
 2002-06-05 13:47:29 +00:00
Richard Levitte
9f353dd662 Check errors when parsing a PKCS8INF PEM FILE, or there will be a core dump on error. 
PR: 77
 2002-06-05 11:58:29 +00:00
Richard Levitte
c8062c3a5e Since there's no continuation, the ; can go as well :-) 2002-06-05 09:08:41 +00:00
Lutz Jänicke
05c08fc708 There is no continuation at this point. 2002-06-05 08:00:36 +00:00
Lutz Jänicke
bb0db9c491 The correct PERL interpreter is passed via commandline. 2002-06-05 07:03:17 +00:00
Richard Levitte
6631a7e7f1 use sstrsep() to get the proper type to aoti(). 
Remove unneeded cast in ustrsep().
PR: 69
 2002-06-03 15:27:46 +00:00
Richard Levitte
78055aa6a5 Add the AES test vectors from NIST document SP800-38A. 2002-05-31 13:13:43 +00:00
Richard Levitte
e6bd5e8a6d Make it possible to give vectors only for decryption or encryption. 2002-05-31 13:12:49 +00:00
Richard Levitte
94f1b50c0f For CFB and OFB modes, always create the encryption key. 2002-05-31 13:11:44 +00:00
Richard Levitte
bd54d55c1d Declare the CFB and OFB modes for AES, and prepare for a declaration 
of CTR mode.
 2002-05-31 13:08:53 +00:00
Richard Levitte
09c70c3261 In CFB mode, the iv is always encrypted. 2002-05-31 13:07:39 +00:00
Richard Levitte
1ed0c6621b Reformat the CFLAG string so it can be made part of a C string. 
Incidently, this works pretty well on the command line as well.
PR: 52
 2002-05-30 18:06:35 +00:00
Richard Levitte
9cdf87f194 Check the return values where memory allocation failures may happen. 
PR: 49
 2002-05-30 16:47:45 +00:00
Richard Levitte
dbdc5d14d3 Correct AES counter mode, which incorrectly incremented the counter before 
using it.
PR: 56
 2002-05-30 14:06:06 +00:00
Bodo Möller
6cbe638294 New functions EC_POINT_point2bn(), EC_POINT_bn2point(), EC_POINT_point2hex(), EC_POINT_hex2point() 
Submitted by: Nils Larsch
 2002-05-30 13:16:03 +00:00
Dr. Stephen Henson
08241a5814 Make i2c_ASN1_BIT_STRING return the correct length. 2002-05-29 23:14:01 +00:00
Richard Levitte
3d27b1fa85 Set DLOPEN_FLAG the same way on NetBSD as on OpenBSD. 
PR: 58, submitted by andrew@cis.uoguelph.ca
 2002-05-29 21:00:08 +00:00
Richard Levitte
02cbedc387 Make sure short aliases are used where required. 2002-05-23 13:52:36 +00:00
Richard Levitte
e5d814d040 Define a short alias for another long EC symbol. 2002-05-23 13:34:38 +00:00
Richard Levitte
b09f4fb271 Make sure ECDSA is built and tested on VMS. 
Avoid loops if linking an application fails.
 2002-05-23 13:33:55 +00:00
Richard Levitte
1f4eada3b4 Make sure ECDSA is built and tested on VMS. 2002-05-23 13:33:08 +00:00
Richard Levitte
b935754cb0 Allow the use of the TCP/IP stack keyword TCPIP and NONE 2002-05-22 11:37:20 +00:00
Richard Levitte
396bc53593 Use OPENSSL_SYS_VMS instead of just VMS 2002-05-22 11:35:45 +00:00
Bodo Möller
7711de24f9 accept NULL in 'free' functions 2002-05-21 08:59:57 +00:00
Dr. Stephen Henson
0fccb00b5b Add missing EVP_CIPHER_CTX_init call. 2002-05-18 23:43:10 +00:00
Bodo Möller
46ffee4792 fix EVP_dsa_sha macro 
Submitted by: Nils Larsch
 2002-05-16 12:51:18 +00:00
Dr. Stephen Henson
544a2aea4b Zero cipher_data in EVP_CIPHER_CTX_cleanup 
Add cleanup calls to evp_test.c

Allow reuse of cipher contexts by removing
automatic cleanup in EVP_*Final().
 2002-05-15 18:49:25 +00:00
Bodo Möller
60e5f36d27 make b_print.c consistent with the rest of OpenSSL: 
disable assert() except for debug builds
 2002-05-14 19:40:58 +00:00
Dr. Stephen Henson
e9ba69631b EVP_SealFinal should return a value. 2002-05-11 17:37:08 +00:00
Dr. Stephen Henson
dc014d43af Fallback to normal multiply if n2 == 8 and dna or dnb is not zero 
in bn_mul_recursive.

This is (hopefully) what was triggering bignum errors on 64 bit
platforms and causing the BN_mod_mul test to fail.
 2002-05-10 22:18:13 +00:00
Dr. Stephen Henson
2f9cf160e4 Avoid gcc warning: BN_DEC_CONV when SIXTY_FOUR_BIT is defined is unsigned. 2002-05-10 22:07:37 +00:00
Richard Levitte
06bed64317 Make the huge buffer smaller, so the size becomes reasonable for small-stack environments. 
Notified by Verdon Walker <VWalker@novell.com>
 2002-05-09 20:14:00 +00:00
Richard Levitte
c559759265 One place where VMS wasn't changed to OPENSSL_SYS_VMS... 2002-05-09 18:27:06 +00:00
Richard Levitte
b4000e8ad8 Move an assert() to avoid core dumps when a static buffer hasn't been given. 
Notified by Verdon Walker <VWalker@novell.com>
 2002-05-09 18:19:21 +00:00
Bodo Möller
b6db386ffd Change internals of the EC library so that the functions 
EC_GROUP_{set_generator,get_generator,get_order,get_cofactor} are
implemented directly in crypto/ec/ec_lib.c and not dispatched to
methods.

Also fix EC_GROUP_copy to copy the NID.
 2002-05-08 11:54:24 +00:00
Bodo Möller
279fe3b1c5 in SignerInfo, use ecdsa-with-SHA1 OID for ECDSA (not ecPublicKey) 
Submitted by: Nils Larsch
 2002-05-07 15:14:12 +00:00
Bodo Möller
2c8d0dccfc improve wNAF generation 2002-05-05 23:45:09 +00:00
Richard Levitte
294bd1e2f3 Make sure that date is run under the C locale, so dates are given in the 
default format.
PR: 16
 2002-05-02 08:05:46 +00:00
Richard Levitte
d4294c8984 Synchronise with 0.9.7-stable. 2002-04-29 10:19:19 +00:00
Bodo Möller
8df61b5011 Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not 
encoded as NULL) with id-dsa-with-sha1.

Submitted by: Nils Larsch
 2002-04-26 08:28:34 +00:00
Lutz Jänicke
f1e6643751 Add generationQualifier OID (proposed by Fiel Cabral). 2002-04-25 18:03:13 +00:00
Richard Levitte
35c2b3a9ac Uhmmm, if we use && after having tested for the presence of the certificate, 
we just *might* stand a certain chance of actually getting it written
to file...
 2002-04-23 13:15:08 +00:00
Lutz Jänicke
af9675e75a ERR_file_name is no longer being used. 2002-04-22 13:54:50 +00:00
Richard Levitte
45932ad508 The callback must have (void) as argument list. 
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
 2002-04-20 10:22:42 +00:00
Richard Levitte
ce94682ce1 No point constifying an int. 
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
 2002-04-20 10:22:01 +00:00
Richard Levitte
2d7ab7e9ea Do not free p if it hasn't been used yet. 
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
 2002-04-20 10:19:20 +00:00
Lutz Jänicke
d5d007abe3 Optimize: better shortcut evaluation ("Howard Chu" <hyc@highlandsun.com>). 2002-04-18 11:54:06 +00:00
Bodo Möller
dde3e83129 'version' is not optional in the encoding 
Submitted by: Nils Larsch
 2002-04-17 11:35:52 +00:00
Bodo Möller
8f182fdc69 'version' is not optional in the encoding 
Submitted by: Nils Larsch
 2002-04-17 11:31:20 +00:00
Lutz Jänicke
ea7fc0311c Use the "mail" short name according to RFC2798 (Michael Bell 
<michael.bell@rz.hu-berlin.de>).
 2002-04-15 13:30:41 +00:00
Lutz Jänicke
30911232c1 Some more OID enhancements. 2002-04-15 10:41:38 +00:00
Lutz Jänicke
2940a1298e Fix CRLF problem in BASE64 decode. 2002-04-15 09:55:40 +00:00
Bodo Möller
f916052eab remove disabled code 2002-04-14 13:28:17 +00:00
Bodo Möller
b975183c41 ECDSA representation bugfixes 
Submitted by: Nils Larsch
 2002-04-12 08:57:01 +00:00
Richard Levitte
083100e2ab Check error code from a2d_ASN1_OBJECT(). 2002-04-11 22:13:58 +00:00
Richard Levitte
241d2ba1da Change the date to XX xxx XXXX in development versions. 2002-04-11 21:51:40 +00:00
Bodo Möller
d0561b5c2d fix ECDSA handling 
Submitted by: Nils Larsch
 2002-04-09 12:01:21 +00:00
Lutz Jänicke
0ae1661ba2 Apply OID fixes for elliptic curves as supplied by 
Nils Larsch <nlarsch@compuserve.de>.
 2002-04-08 15:49:53 +00:00
Richard Levitte
a18894d159 make update (libeay.num has been edited to match 0.9.7-stable) 2002-04-06 19:16:12 +00:00
Lutz Jänicke
4825092bbe Fix buggy object definitions (Svenning Sorensen <sss@sss.dnsalias.net>). 2002-04-04 17:48:37 +00:00
Richard Levitte
bbd79bdf03 Forgot one of the casts 2002-04-03 15:01:28 +00:00
Richard Levitte
a096e9b719 Cast the pointers to the BIGNUM data to unsigned long *. This would be 
harmful if we didn't also pass the exact number of bytes of that data
 2002-04-03 14:47:38 +00:00
Richard Levitte
ddab25a90d Fix of mixup bwtween SOMAXCONN and SO_MAXCONN. 
Furthermore, make SO_MAXCONN the first choice, since that's the standard
(as far as I know).
 2002-03-29 23:48:55 +00:00
Lutz Jänicke
ffbe98b763 Make short names of objects RFC2256-compliant. 2002-03-26 17:18:48 +00:00
Richard Levitte
d7a9bb0a2a A forgotten file 2002-03-26 16:42:38 +00:00
Richard Levitte
0d81c69b8e Add the possibility to enable olde des support, not just disable it, for future support. Redocument 2002-03-26 14:28:04 +00:00
Richard Levitte
401cd0af0f Add the mapping of des_random_seed() for 0.9.6 compatibility. 
Make sure DES_cblock is defined at all times (meaning one shouldn't include
openssl/des_old.h directly any more).
 2002-03-26 13:59:22 +00:00
Richard Levitte
c7b41e67f0 Correct the mapping for des_read_pw() 2002-03-26 13:54:15 +00:00
Richard Levitte
003144a8e8 Make the change to strong keys in the string to key(s) functions experimental in the main trunk as well 2002-03-26 12:44:35 +00:00
Bodo Möller
af1cb47e65 fix warnings 
Submitted by: Nils Larsch
 2002-03-25 23:41:32 +00:00
Bodo Möller
e8e7fbdb16 fix memory leak 
Submitted by: Nils Larsch
 2002-03-25 23:18:11 +00:00
Bodo Möller
d5c21afd4b add missing declaration 
Submitted by: Nils Larsch
 2002-03-25 23:15:21 +00:00
Bodo Möller
85b7b80434 fix conditational compilation for OPENSSL_NO_... 2002-03-22 11:02:13 +00:00
Richard Levitte
fe0f662310 Merge changes from 0.9.7-stable 2002-03-22 10:51:41 +00:00
Richard Levitte
90453438ff Merge changes from 0.9.7-stable 2002-03-22 10:32:23 +00:00
Richard Levitte
2e63f3b733 Merge in DES changed from 0.9.7-stable. 2002-03-22 02:49:46 +00:00
Lutz Jänicke
be3d90de02 Remove superflous (and buggy) statement <justin.fletcher@ntlworld.com>. 2002-03-21 19:08:35 +00:00
Bodo Möller
82652aaf17 fix DH_generate_parameters for general 'generator' 2002-03-20 16:04:04 +00:00
Bodo Möller
17d6bb8158 New function EC_GROUP_check_discriminant(). 
Restructure implementation of EC_GROUP_check().

Submitted by: Nils Larsch
 2002-03-20 10:18:07 +00:00
Bodo Möller
99d5b23023 Fix typo. 
Submitted by: Nils Larsch
 2002-03-19 09:51:31 +00:00
Bodo Möller
af28dd6c75 Fix bugs and typos. 
Add some WTLS curves.
New function EC_GROUP_check() (this will probably
be implemented differently soon).

Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
 2002-03-18 13:10:45 +00:00
Bodo Möller
e79ec456be fix #include position 
Submitted by: Nils Larsch
 2002-03-18 13:05:20 +00:00
Dr. Stephen Henson
3e268d2717 Ensure EVP_CipherInit() uses the correct encode/decode parameter if 
enc == -1

[Reported by Markus Friedl <markus@openbsd.org>]

Fix typo in dh_lib.c (use of DSAerr instead of DHerr).
 2002-03-16 23:20:05 +00:00
Dr. Stephen Henson
de941e289e Initialize cipher context in KRB5 
("D. Russell" <russelld@aol.net>)

Allow HMAC functions to use an alternative ENGINE.
 2002-03-14 18:22:23 +00:00
Bodo Möller
1d28453529 add OIDs for WAP/TLS curves 2002-03-14 13:18:57 +00:00
Bodo Möller
690ecff795 Fixes for 'no-hw' combined with 'no-SOME_CIPHER'. 
Fix dsaparam usage output.

Submitted by: Nils Larsch
 2002-03-14 09:52:03 +00:00
Dr. Stephen Henson
0b4c91c0fc Fix various warnings when compiling with KRB5 code. 2002-03-12 02:59:37 +00:00
Dr. Stephen Henson
bf6a9e66d6 Make ciphers and digests obtain an ENGINE functional reference 
if impl is explicitly supplied.
 2002-03-09 18:58:05 +00:00
Dr. Stephen Henson
0c372b94f7 Make {RSA,DSA,DH}_new_method obtain and release an ENGINE 
functional reference in all cases.
 2002-03-09 18:25:03 +00:00
Bodo Möller
4882171df5 EC curve stuff 
Submitted by: Nils Larsch
 2002-03-08 11:10:40 +00:00
Richard Levitte
931627e6a0 Synchronise the AEP engine in all branches. For 0.9.6-stable [engine], implement software fallback 2002-03-07 19:38:59 +00:00
Richard Levitte
274a2c9970 When closing, do not use close(). Also, if the closing call fails, do 
not return immediately since that leaves a locked lock.
 2002-03-07 17:13:30 +00:00
Richard Levitte
006fcc22a8 Change des_old.c to use types prefixed with _ossl_old_des_. 2002-03-07 15:41:36 +00:00
Bodo Möller
709c51c424 fix spacing 2002-03-07 12:21:31 +00:00
Bodo Möller
9bc448546e Add more curves. 
Submitted by: Nils Larsch

Remove unnecessary 'const'.
 2002-03-07 12:14:03 +00:00
Dr. Stephen Henson
0dc092334b ENGINE module additions. 
Add "init" command to control ENGINE
initialization.

Call ENGINE_finish on initialized ENGINEs on exit.

Reorder shutdown in apps.c: modules should be shut
down first.

Add test private key loader to openssl ENGINE: this
just loads a private key in PEM format.

Fix print format for dh length parameter.
 2002-03-06 14:15:13 +00:00
Bodo Möller
36c194638e add SECG OIDs 
Submitted by: Nils Larsch
 2002-03-06 13:47:32 +00:00
Bodo Möller
45fb737950 reference counting for EC_GROUP structures is not needed (at the 
moment at least), so remove it
 2002-03-06 09:46:17 +00:00
Bodo Möller
8ecf5104b3 typo 2002-03-05 14:58:53 +00:00
Dr. Stephen Henson
2c2f9e2cc3 Make sure the type accessed by the LONG and ZLONG ASN1 type 
is really a long, to avoid problems on platforms where
sizeof(int) != sizeof(long).
 2002-03-05 13:48:51 +00:00
Bodo Möller
2d9b1b3ffa more X9.62 OIDs 
Submitted by: Nils Larsch <nla@trustcenter.de>
 2002-03-05 12:39:19 +00:00
Bodo Möller
f070480275 disable '#ifdef DEBUG' code 2002-03-05 12:37:35 +00:00
Richard Levitte
49f1597de2 Provide a pre 0.9.7 compatibility mapping if 
OPENSSL_DES_PRE_0_9_7_COMPATIBILITY is defined.  NOT AT ALL TESTED YET!
Add a comment as to the libdes compatibility.
 2002-03-05 11:26:03 +00:00
Richard Levitte
a08ee55e2d Typo. In DCL, the continuation character is a dash at the end of the 
line, which I forgot when spliting one.
 2002-03-04 18:07:59 +00:00
Richard Levitte
3bac6d9479 Rename des_SPtrans to DES_SPtrans to differentiate from libdes and avoid certain linkage clashes. 2002-03-04 16:08:13 +00:00
Dr. Stephen Henson
c8cd7d9e0f Fix warnings about signed/unsigned mismatch and global 
shadowing (random, index) in hw_4758_cca.c
 2002-03-03 17:08:20 +00:00
Richard Levitte
4bf4bc784f make update 2002-02-28 20:29:20 +00:00
Bodo Möller
16b0384bd2 use ERR_peek_last_error() instead of ERR_peek_error() to ignore 
any other errors that may be left in the error queue

Submitted by: Jeffrey Altman
 2002-02-28 14:05:13 +00:00
Richard Levitte
87ebdd8a71 VMS addaptation, including a few more long names that needed hacking. 2002-02-28 13:17:40 +00:00
Richard Levitte
7d68189d8a Make sure aep_close_connection() is declared and has a prototype that's 
consistent with the rest of the AEP functions
 2002-02-28 12:58:43 +00:00
Richard Levitte
26414ee013 Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated 2002-02-28 12:42:19 +00:00
Richard Levitte
5c62f68e14 Updated AEP engine, submitted by Diarmuid O'Neill <Diarmuid.ONeill@aep.ie> 2002-02-28 11:36:38 +00:00
Bodo Möller
59dbdb51dc disable '#ifdef DEBUG' sections 2002-02-28 10:51:56 +00:00
Geoff Thorpe
92d1bc09cb This adds a new ENGINE to support IBM 4758 cards, contributed by Maurice 
Gittens.
 2002-02-27 22:55:28 +00:00
Dr. Stephen Henson
b12540520d Always init ctx_tmp in PKCS7_dataFinal since it is always cleaned up. 2002-02-26 19:33:24 +00:00
Richard Levitte
0d7b9b8b7e make update, after moving around symbols in libeay.num to match 
0.9.7-stable.
 2002-02-26 14:41:29 +00:00
Dr. Stephen Henson
4a3e6bce79 Make the engine config module always add dynamic ENGINEs 
to the list using dynamic_path. This stops ENGINEs which
don't supply any default algorithms being automatically
freed (because they have no references) and allows them
to be accessed by id.

Alternative dynamic loading behaviour can be achieved by
issuing the dynamic ENGINE ctrls separately in the config file.
 2002-02-24 16:20:50 +00:00
Dr. Stephen Henson
a3829cb720 Updates from stable branch. 2002-02-23 13:50:29 +00:00
Dr. Stephen Henson
e84be9b495 New OPENSSL_LOAD_CONF define to load openssl.cnf 
when OpenSSL_add_all_algorithms() is called.
 2002-02-23 01:00:44 +00:00
Dr. Stephen Henson
3208ff58ca make errors 2002-02-22 21:17:31 +00:00
Dr. Stephen Henson
6707d22a40 Update from stable branch. 2002-02-22 14:07:35 +00:00
Dr. Stephen Henson
3647bee263 Config code updates. 
CONF_modules_unload() now calls CONF_modules_finish()
automatically.

Default use of section openssl_conf moved to
CONF_modules_load()

Load config file in several openssl utilities.

Most utilities now load modules from the config file,
though in a few (such as version) this isn't done
because it couldn't be used for anything.

In the case of ca and req the config file used is
the same as the utility itself: that is the -config
command line option can be used to specify an
alternative file.
 2002-02-22 14:01:21 +00:00
Bodo Möller
3e563bcea7 disable '#ifdef DEBUG' sections 2002-02-21 13:07:44 +00:00
Dr. Stephen Henson
92f91ff48b Config file updates from stable branch 2002-02-21 00:54:54 +00:00
Richard Levitte
5b7848a345 Add comfy aliases for AES in CBC mode. 2002-02-20 17:59:49 +00:00
Richard Levitte
915c6a21ba Stop assuming the IV is 8 bytes long, use the real size instead. 
This is especially important for AES that has a 16 bytes IV.
 2002-02-20 17:55:08 +00:00
Richard Levitte
236be53269 gcc figures that the format specifier %2x means unsigned int, so let's 
make n unsigned.
 2002-02-20 13:50:36 +00:00
Richard Levitte
1fc1bd382b Instead of casting a lvalue, let's constify meth. 2002-02-20 13:49:17 +00:00
Bodo Möller
3613e6fc57 simplifications 
Submitted by: Nils Larsch
 2002-02-20 13:08:17 +00:00
Richard Levitte
f19759a182 Instead of just checking for OpenVMS, check if DEC C is used, since it's as 
picky on all platforms
 2002-02-20 12:01:24 +00:00
Bodo Möller
d009bcbfb6 bugfix: allocate sufficiently large buffer 
Submitted by: Nils Larsch
 2002-02-20 11:59:42 +00:00
Richard Levitte
4b71f63ac0 Comparing a pointer (data) with 0 using > is incorrect. The changed 
comparison doesn't look right, but at least it compiles.  It would be nice
if the one who knows what this is supposed to do changed it to do it correctly
 2002-02-20 11:57:33 +00:00
Richard Levitte
3adb8c3854 With Compaq make, it seems like # inside an action becomes part of the command, not a comment at all 2002-02-20 11:43:40 +00:00
Geoff Thorpe
5b2d6ff07e make update 2002-02-20 08:33:55 +00:00
Richard Levitte
a6cd870784 The AES modes OFB and CFB are defined with 128 feedback bits. This 
deviates from the "standard" 64 bits of feedback that all other
algorithms are using.  Therefore, let's redo certain EVP macros to
accept different amounts of feedback bits for these modes.

Also, change e_aes.c to provide all usually available modes for AES.
CTR isn't included yet.
 2002-02-16 12:39:07 +00:00
Richard Levitte
97879bcd57 Add the modes OFB128, CFB128 and CTR128 to AES. 
Submitted by Stephen Sprunk <stephen@sprunk.org>
 2002-02-16 12:20:34 +00:00
Richard Levitte
ab1dee1efc Adjust the NID names for the AES modes OFB and CFB to contain the number 
of feedback bits
 2002-02-16 12:15:30 +00:00
Richard Levitte
e072aa535d The macro IMPLEMENT_ASN1_FUNCTIONS_const already contains an ending ;, 
so do not add one after the expansion, since ANSI C doesn't allow ;;
at this level (or at least, so tells me gcc).
 2002-02-16 12:03:25 +00:00
Richard Levitte
48f9859d2a Local time' shadows the global function time()'. Rename the local 
variable to `tim' (and, as a matter of consequence, `time_d' to `tim_d').
 2002-02-16 12:01:13 +00:00
Richard Levitte
48b5083ca0 Missing #endif 2002-02-16 11:58:16 +00:00
Bodo Möller
e65991f977 fix indentation 2002-02-14 16:08:55 +00:00
Richard Levitte
3e83e686ba Add the configuration target VxWorks. 2002-02-14 15:37:38 +00:00
Bodo Möller
8f06b00373 make it possible to disable memory checking for timings 2002-02-14 14:41:13 +00:00
Bodo Möller
6cc3700314 don't call OPENSSL_config(), this does not make any sense during "make test" 2002-02-14 13:51:20 +00:00
Richard Levitte
cc1489d2f2 Make sure memset() is defined by including string.h 
Notified by Oscar Jacobsson <oscar@jacobsson.org>
 2002-02-14 13:51:04 +00:00
Richard Levitte
016029c69f For some reason, getting the topmost error was done the same way as 
getting the bottommost one.  I hope I understood correctly how this
should be done.  It seems to work when running evp_test in an
environment where it can't find openssl.cnf.
 2002-02-14 13:45:26 +00:00
Bodo Möller
d8309efc72 EC_GROUP_get_group_by_name() is now called EC_GROUP_new_by_name() 2002-02-14 10:23:20 +00:00
Ben Laurie
f43acc8a50 Fix warnings. 2002-02-14 09:59:35 +00:00
Bodo Möller
4d94ae00d5 ECDSA support 
Submitted by: Nils Larsch <nla@trustcenter.de>
 2002-02-13 18:21:51 +00:00
Bodo Möller
60d8bae30d some modifications to named curve support 2002-02-13 17:57:52 +00:00
Richard Levitte
0caec9e8f8 Modify the main trunk version to 0.9.8-dev. 
0.9.7 now lives in the branch OpenSSL_0_9_7-stable.
 2002-02-13 17:46:38 +00:00
Bodo Möller
4f85a2e21e new locks 2002-02-13 17:25:27 +00:00
Bodo Möller
945e15a253 add support for named curves 
Submitted by: Nils Larsch <nla@trustcenter.de>
 2002-02-13 17:22:59 +00:00
Richard Levitte
81269a81ee Remove an unused variable. 2002-02-07 21:55:22 +00:00
Richard Levitte
3537525e00 Oops, do not unlock CRYPTO_LOCK_DYNLOCK when we locked 
CRYPTO_LOCK_RAND...
 2002-02-07 21:49:21 +00:00
Richard Levitte
d38f3ad1ee I forgot to include the aep and sureware vendor header files. 2002-02-07 21:43:05 +00:00
Richard Levitte
e083f91497 Because AEP and we used the same AEP_R_ prefix for error reasons, 
lets change our prefix to AEPHK_R_.  Otherwise, we get very mysterious
errors because we happen to redefine AEP_R_OK and AEP_R_GENERAL_ERROR.
 2002-02-07 21:12:08 +00:00
Richard Levitte
ba2cad19cf Add aep and sureware implementations and clean up some error reasons 
that were never part of the engine framework.

The aep and sureware implementations are taken directly from 0.9.6c
[engine] and have been modified to fit the newer engine framework and
to be possible to build shared libraries of.

The aep implementation has gone through quite a bunch of tests and is
cleaned up (there were some misunderstandings in it about how to use
locks).

The sureware hasn't been tested at all in this incarnation and is
basically a quick hack to get it to compile properly.
 2002-02-07 20:44:14 +00:00
Richard Levitte
db0a1efcc9 Certain reasons aren't really part of the engine framework, so let's 
make them ubsec-specific in the ubsec implementation.
 2002-02-07 20:37:55 +00:00
Richard Levitte
9074521458 Generate the individual engines' error strings and macros 
automatically.
 2002-02-07 20:02:49 +00:00
Richard Levitte
de2f6e4dae 'make update' 2002-02-05 17:34:58 +00:00
Richard Levitte
44bdb056d4 With the changed des_old API, let's complete the work by renaming the 
functions in ui_compat.  This gave reason to rework that part more
thoroughly, so here are the changes made:

1. Add DES_read_password() and DES_read_2passwords() with the same
   functionality as the corresponding old des_ functions, as a
   convenience to the users.
2. Add UI_UTIL_read_pw_string() and UI_UTIL_read_pw() with the
   functionality from des_read_pw_string() and des_read_pw(), again as
   a concenience to the users.
3. Rename des_read_password(), des_read_2passwords(),
   des_read_pw_string() and des_read_pw() by changing des_ to
   _ossl_old_des_, and add the usual mapping macros.
4. Move the implementation of des_read_password() and
   des_read_2passwords() to the des directory, since they are tightly
   tied to DES anyway.

This change was inspired by a patch from Assar Westerlund <assar@sics.se>:

There are some functions that didn't get the kick-away-old-des-and-
replace-des-with-DES action.  Here's a patch that adds DES_ and des_
(in des_old.h) versions of des_read_pw_string et al.  This patch
includes some of the first des_old.h semi-colon macro fixes that I've
already sent.
 2002-02-05 17:15:18 +00:00