Commit graph

9712 commits

Author SHA1 Message Date
Dr. Stephen Henson
f7a2afa652 Move DSA_sign, DSA_verify to dsa_asn1.c and include separate versions of
DSA_SIG_new() and DSA_SIG_free() to remove ASN1 dependencies from DSA_do_sign()
and DSA_do_verify().
2011-01-25 16:55:15 +00:00
Dr. Stephen Henson
245a7eee17 recalculate DSA signature if r or s is zero (FIPS 186-3 requirement) 2011-01-25 16:01:29 +00:00
Dr. Stephen Henson
6e0375d504 revert Makefile change 2011-01-25 12:15:10 +00:00
Dr. Stephen Henson
7d05edd12e PR: 2433
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:19:52 +00:00
Dr. Stephen Henson
fef1c40bf1 New function EC_KEY_set_affine_coordinates() this performs all the
NIST PKV tests.
2011-01-24 16:07:40 +00:00
Dr. Stephen Henson
a428ac4750 check EC public key isn't point at infinity 2011-01-24 15:04:34 +00:00
Dr. Stephen Henson
0aa1aedbce PR: 1612
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve

Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2011-01-24 14:41:34 +00:00
Dr. Stephen Henson
dd616752a1 oops, revert mistakenly committed EC changes 2011-01-19 14:42:42 +00:00
Dr. Stephen Henson
198ce9a611 Add additional parameter to dsa_builtin_paramgen to output the generated
seed to: this doesn't introduce any binary compatibility issues as the
function is only used internally.

The seed output is needed for FIPS 140-2 algorithm testing: the functionality
used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0
2011-01-19 14:35:53 +00:00
Dr. Stephen Henson
78c4572296 add va_list version of ERR_add_error_data 2011-01-14 15:13:37 +00:00
Dr. Stephen Henson
d3f17e5ed3 stop warning with no-engine 2011-01-13 15:41:58 +00:00
Richard Levitte
ff66ff0a9b PR: 2425
Synchronise VMS build with Unixly build.
2011-01-10 20:55:21 +00:00
Ben Laurie
105d62cbf1 Constify. 2011-01-09 17:50:18 +00:00
Ben Laurie
c13d7c0296 Fix warning. 2011-01-09 17:50:06 +00:00
Dr. Stephen Henson
114f511f17 missed change in ACKNOWLEDGEMENTS file 2011-01-09 13:37:09 +00:00
Dr. Stephen Henson
778b14b72d move some string utilities to buf_str.c to reduce some dependencies (from 0.9.8 branch). 2011-01-09 13:32:57 +00:00
Dr. Stephen Henson
7b1a04519f add X9.31 prime generation routines from 0.9.8 branch 2011-01-09 13:02:14 +00:00
Richard Levitte
5b301b2fe3 PR: 2407
Fix fault include.
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
2011-01-06 20:56:02 +00:00
Dr. Stephen Henson
722521594c Don't use decryption_failed alert for TLS v1.1 or later. 2011-01-04 19:39:27 +00:00
Dr. Stephen Henson
a47577164c Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
alert.
2011-01-04 19:34:20 +00:00
Dr. Stephen Henson
09d84e03e8 oops missed an assert 2011-01-03 12:54:08 +00:00
Dr. Stephen Henson
85881c1d92 PR: 2411
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Fix corner cases in RFC3779 code.
2011-01-03 01:40:53 +00:00
Dr. Stephen Henson
968062b7d3 Fix escaping code for string printing. If *any* escaping is enabled we
must escape the escape character itself (backslash).
2011-01-03 01:31:24 +00:00
Dr. Stephen Henson
e82f75577b PR: 2410
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Use OPENSSL_assert() instead of assert().
2011-01-03 01:22:41 +00:00
Dr. Stephen Henson
88ea810e25 PR: 2413
Submitted by: Michael Bergandi <mbergandi@gmail.com>
Reviewed by: steve

Fix typo in crypto/bio/bss_dgram.c
2011-01-03 01:07:35 +00:00
Dr. Stephen Henson
2b3936e882 avoid verification loops in trusted store when path building 2010-12-25 20:45:59 +00:00
Richard Levitte
c596b2ab5b Part of the IF structure didn't get pasted here...
PR: 2393
2010-12-14 21:44:31 +00:00
Andy Polyakov
c329c6bac7 e_capi.c: rearrange #include-s to improve portability.
PR: 2394
2010-12-14 20:39:17 +00:00
Richard Levitte
b7ef916c38 First attempt at adding the possibility to set the pointer size for the builds on VMS.
PR: 2393
2010-12-14 19:19:04 +00:00
Dr. Stephen Henson
d7d5a55d22 Support routines for ASN1 scanning function, doesn't do much yet. 2010-12-13 18:15:28 +00:00
Andy Polyakov
cc4c230653 e_capi.c: change from ANSI to TCHAR domain. This makes it compilable on
Windows CE/Mobile, yet keeps it normal Windows loop.
PR: 2350
2010-12-12 20:26:09 +00:00
Andy Polyakov
de3bb266f4 apps/x590.c: harmonize usage of STDout and out_err.
PR: 2323
2010-12-12 10:52:56 +00:00
Andy Polyakov
05e4fbf801 bss_file.c: refine UTF8 logic.
PR: 2382
2010-12-11 14:53:14 +00:00
Dr. Stephen Henson
ef3026a325 ignore leading null fields 2010-12-03 19:31:34 +00:00
Dr. Stephen Henson
420ce9eb98 update FAQ 2010-12-02 19:55:56 +00:00
Dr. Stephen Henson
73334e8da1 PR: 2386
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve

Correct SKM_ASN1_SET_OF_d2i macro.
2010-12-02 18:02:29 +00:00
Dr. Stephen Henson
6f413ef406 fix doc typos 2010-12-02 13:44:53 +00:00
Dr. Stephen Henson
85171f83b8 use right version this time in FAQ 2010-12-02 00:08:12 +00:00
Dr. Stephen Henson
a550d351fc update FAQ 2010-12-02 00:01:44 +00:00
Andy Polyakov
cbecd29a27 Configure: make -mno-cygwin optional on mingw platforms.
PR: 2381
2010-11-30 22:18:02 +00:00
Dr. Stephen Henson
09c1dc850c PR: 2385
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve

Zero key->pkey.ptr after it is freed so the structure can be reused.
2010-11-30 19:37:21 +00:00
Richard Levitte
4585fd0734 Better method for creating SSLROOT:.
Make sure to include the path to evptest.txt.
2010-11-29 22:27:15 +00:00
Andy Polyakov
e3c1854b0c TABLE update. 2010-11-29 21:17:54 +00:00
Andy Polyakov
e822c756b6 s390x assembler pack: adapt for -m31 build, see commentary in Configure
for more details.
2010-11-29 20:52:43 +00:00
Dr. Stephen Henson
300b1d76fe apply J-PKAKE fix to HEAD (original by Ben) 2010-11-29 18:32:05 +00:00
Dr. Stephen Henson
ae3fff5034 Some of the MS_STATIC use in crypto/evp is a legacy from the days when
EVP_MD_CTX was much larger: it isn't needed anymore.
2010-11-27 17:37:03 +00:00
Dr. Stephen Henson
d0205686bb PR: 2240
Submitted by: Jack Lloyd <lloyd@randombit.net>, "Mounir IDRASSI" <mounir.idrassi@idrix.net>, steve
Reviewed by: steve

As required by RFC4492 an absent supported points format by a server is
not an error: it should be treated as equivalent to an extension only
containing uncompressed.
2010-11-25 12:27:09 +00:00
Dr. Stephen Henson
290be870d6 using_ecc doesn't just apply to TLSv1 2010-11-25 11:51:31 +00:00
Dr. Stephen Henson
fa71cc7bce fix typo in HMAC redirection, add HMAC INIT tracing 2010-11-24 19:14:59 +00:00
Dr. Stephen Henson
e77906b9fa VERY EXPERIMENTAL HMAC redirection example in OpenSSL ENGINE. Untested at this
stage and probably wont work properly.
2010-11-24 18:32:06 +00:00