Richard Levitte [Sun, 21 Mar 2004 22:36:27 +0000 (22:36 +0000)]
Make sure fd is defined where it should.
PR: 849
Geoff Thorpe [Wed, 17 Mar 2004 18:30:47 +0000 (18:30 +0000)]
Note my bignum hijinx in case app maintainers are using CHANGES for their
porting efforts. Also, add Richard's name to the prior change.
Geoff Thorpe [Wed, 17 Mar 2004 17:36:54 +0000 (17:36 +0000)]
Variety of belt-tightenings in the bignum code. (Please help test this!)
- Remove some unnecessary "+1"-like fudges. Sizes should be handled
exactly, as enlarging size parameters causes needless bloat and may just
make bugs less likely rather than fixing them: bn_expand() macro,
bn_expand_internal(), and BN_sqr().
- Deprecate bn_dup_expand() - it's new since 0.9.7, unused, and not that
useful.
- Remove unnecessary zeroing of unused bytes in bn_expand2().
- Rewrite BN_set_word() - it should be much simpler, the previous
complexities probably date from old mismatched type issues.
- Add missing bn_check_top() macros in bn_word.c
- Improve some degenerate case handling in BN_[add|sub]_word(), add
comments, and avoid a bignum expansion if an overflow isn't possible.
Dr. Stephen Henson [Tue, 16 Mar 2004 13:51:11 +0000 (13:51 +0000)]
Avoid warnings.
Richard Levitte [Mon, 15 Mar 2004 23:15:26 +0000 (23:15 +0000)]
Constify d2i, s2i, c2i and r2i functions and other associated
functions and macros.
This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const. Those will be removed when this change has been
properly reviewed.
Richard Levitte [Mon, 15 Mar 2004 23:02:55 +0000 (23:02 +0000)]
It was just pointed out to me that it's better to cast to double...
Richard Levitte [Mon, 15 Mar 2004 22:37:08 +0000 (22:37 +0000)]
Make sure that the last argument to RAND_add() is a float, or some
compilers may complain.
Richard Levitte [Mon, 15 Mar 2004 22:33:19 +0000 (22:33 +0000)]
Make sure we use unsigned constants, or come compilers may complain.
Geoff Thorpe [Sat, 13 Mar 2004 23:57:20 +0000 (23:57 +0000)]
Convert openssl code not to assume the deprecated form of BN_zero().
Remove certain redundant BN_zero() initialisations, because BN_CTX_get(),
BN_init(), [etc] already initialise to zero.
Correct error checking in bn_sqr.c, and be less wishy-wash about how/why
the result's 'top' value is set (note also, 'max' is always > 0 at this
point).
Geoff Thorpe [Sat, 13 Mar 2004 23:04:15 +0000 (23:04 +0000)]
The efforts to eliminate the dual-representation of zero and to ensure
bignums are passed in and out of functions and APIs in a consistent form
has highlighted that zero-valued bignums don't need any allocated word
data. The use of BN_set_word() to initialise a bignum to zero causes
needless allocation and gives it a return value that must be checked. This
change converts BN_zero() to a self-contained macro that has no
return/expression value and does not cause any expansion of bignum data.
Note, it would be tempting to rewrite the deprecated version as a
success-valued comma expression, such as;
#define BN_zero(a) ((a)->top = (a)->neg = 0, 1)
However, this evaluates 'a' twice and would confuse initialisation loops
(eg. while(..) { BN_zero(bn++) } ). As such, the deprecated version
continues to use BN_set_word().
Geoff Thorpe [Sat, 13 Mar 2004 22:10:15 +0000 (22:10 +0000)]
Document a change I'd already made, and at the same time, correct the
change to work properly; BN_zero() should set 'neg' to zero as well as
'top' to match the behaviour of BN_new().
Andy Polyakov [Fri, 12 Mar 2004 21:52:54 +0000 (21:52 +0000)]
IRIX 6.x shared build fix-up.
For reference. Note that both cc and gcc support -Wl flag, but we can't
use -Wl,-[not]all with both drivers, because cc rearranges options
passed through -Wl. We can't use -Wl,-all,libcrypto.a,-notall with cc
either, because it refuses to start with "no input" error.
Geoff Thorpe [Wed, 10 Mar 2004 01:20:26 +0000 (01:20 +0000)]
static
Geoff Thorpe [Tue, 9 Mar 2004 03:53:40 +0000 (03:53 +0000)]
Minimise the amount of code dependent on BN_DEBUG_RAND. In particular,
redefine bn_clear_top2max() to be a NOP in the non-debugging case, and
remove some unnecessary usages in bn_nist.c.
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe, Ulf Möller
Geoff Thorpe [Tue, 9 Mar 2004 03:47:35 +0000 (03:47 +0000)]
More changes coming out of the bignum auditing. BN_CTX_get() should ideally
return a "zero" bignum as BN_new() does - so reset 'top'. During
BN_CTX_end(), released bignums should be consistent so enforce this in
debug builds. Also, reduce the number of wasted BN_clear_free() calls from
BN_CTX_end() (typically by 75% or so).
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe, Ulf Möller
Dr. Stephen Henson [Mon, 8 Mar 2004 18:15:32 +0000 (18:15 +0000)]
Fix policy constraints syntax.
Dr. Stephen Henson [Mon, 8 Mar 2004 13:56:31 +0000 (13:56 +0000)]
Support for inhibitAnyPolicy extension.
Ulf Möller [Sat, 6 Mar 2004 08:43:36 +0000 (08:43 +0000)]
typo
Dr. Stephen Henson [Fri, 5 Mar 2004 23:47:56 +0000 (23:47 +0000)]
Cleanup ASN1 OID module when it exits.
Dr. Stephen Henson [Fri, 5 Mar 2004 23:46:29 +0000 (23:46 +0000)]
Call autoconfig code in pkcs7 utility.
Dr. Stephen Henson [Fri, 5 Mar 2004 23:39:42 +0000 (23:39 +0000)]
Memory leak fix.
Dr. Stephen Henson [Fri, 5 Mar 2004 17:16:35 +0000 (17:16 +0000)]
Various X509 fixes. Disable broken certificate workarounds
when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in
CRL issuer certificates. Reject CRLs with unhandled (any)
critical extensions.
Dr. Stephen Henson [Thu, 4 Mar 2004 21:44:39 +0000 (21:44 +0000)]
Typos.
Reported by: Jose Castejon-Amenedo <Jose.Castejon-Amenedo@hp.com>
Richard Levitte [Thu, 4 Mar 2004 07:47:40 +0000 (07:47 +0000)]
Make our page with pointers to binary distributions visible in the FAQ
Dr. Stephen Henson [Tue, 2 Mar 2004 13:39:23 +0000 (13:39 +0000)]
Indent some of the code examples.
Dr. Stephen Henson [Tue, 2 Mar 2004 13:31:32 +0000 (13:31 +0000)]
Config docs.
Dr. Stephen Henson [Tue, 2 Mar 2004 01:01:11 +0000 (01:01 +0000)]
Documentation of the KISS autoconfig functions.
Dr. Stephen Henson [Mon, 1 Mar 2004 19:15:24 +0000 (19:15 +0000)]
More autoconfig docs.
Richard Levitte [Mon, 1 Mar 2004 14:58:22 +0000 (14:58 +0000)]
Avoid a memory leak in OCSP_parse_url().
Notified by Paul Siegel <psiegel@corestreet.com>
Dr. Stephen Henson [Mon, 1 Mar 2004 01:04:40 +0000 (01:04 +0000)]
Initial docs for the OpenSSL library configuration via openssl.cnf
Geoff Thorpe [Fri, 27 Feb 2004 23:03:23 +0000 (23:03 +0000)]
Add ECDSA documentation.
Submitted by: Nils Larsch
Richard Levitte [Fri, 27 Feb 2004 02:24:49 +0000 (02:24 +0000)]
AES is spelled AES, not ASE. Oops...
Richard Levitte [Thu, 26 Feb 2004 22:07:45 +0000 (22:07 +0000)]
Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also.
PR: 833
Richard Levitte [Thu, 26 Feb 2004 21:44:41 +0000 (21:44 +0000)]
Document the AES options for 'openssl smime'.
PR: 834
Geoff Thorpe [Sun, 22 Feb 2004 19:32:53 +0000 (19:32 +0000)]
A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
Geoff Thorpe [Sun, 22 Feb 2004 19:30:41 +0000 (19:30 +0000)]
When adding positive elements, we can use BN_uadd() instead of BN_add().
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
Dr. Stephen Henson [Thu, 19 Feb 2004 18:16:38 +0000 (18:16 +0000)]
Use an OCTET STRING for the encoding of an OCSP nonce value.
The old raw format can't be handled by some implementations
and updates to RFC2560 will make this mandatory.
Geoff Thorpe [Tue, 10 Feb 2004 18:46:10 +0000 (18:46 +0000)]
minor signed/unsigned warning fixes
Dr. Stephen Henson [Sun, 8 Feb 2004 13:30:04 +0000 (13:30 +0000)]
Fix handling of -offset and -length in asn1parse tool.
If -offset exceeds -length of data available exit with an error.
Don't read past end of total data available when -offset supplied.
If -length exceeds total available truncate it.
Andy Polyakov [Sat, 7 Feb 2004 09:51:28 +0000 (09:51 +0000)]
Typo in crypto/bn/asm/x86_64.c, bn_div_words().
PR: 821
Dr. Stephen Henson [Sun, 1 Feb 2004 13:39:51 +0000 (13:39 +0000)]
Add flag to avoid continuous
memory allocate when calling EVP_MD_CTX_copy_ex().
Without this HMAC is several times slower than
< 0.9.7.
Andy Polyakov [Fri, 30 Jan 2004 05:41:23 +0000 (05:41 +0000)]
Typo in PA-RISC 2 rules in crypto/bn/Makefile.ssl
Andy Polyakov [Thu, 29 Jan 2004 22:16:08 +0000 (22:16 +0000)]
HP/UX PA-RISC 2 targets update.
Richard Levitte [Thu, 29 Jan 2004 11:24:32 +0000 (11:24 +0000)]
Remove typos
Richard Levitte [Thu, 29 Jan 2004 10:56:18 +0000 (10:56 +0000)]
-Wtraditional was a little too much...
Richard Levitte [Thu, 29 Jan 2004 02:55:43 +0000 (02:55 +0000)]
Typo
Richard Levitte [Thu, 29 Jan 2004 00:05:09 +0000 (00:05 +0000)]
In the development branch, it feels quite all right to warn on a lot
more stuff.
Richard Levitte [Wed, 28 Jan 2004 19:07:41 +0000 (19:07 +0000)]
make update
Richard Levitte [Wed, 28 Jan 2004 19:05:35 +0000 (19:05 +0000)]
Add the missing parts for DES CFB1 and CFB8.
Add the corresponding AES parts while I'm at it.
make update
Richard Levitte [Wed, 28 Jan 2004 18:38:33 +0000 (18:38 +0000)]
make update
Richard Levitte [Wed, 28 Jan 2004 08:48:11 +0000 (08:48 +0000)]
Unsigned vs. signed problem removed
Andy Polyakov [Tue, 27 Jan 2004 22:06:48 +0000 (22:06 +0000)]
#undef _POSIX_C_SOURCE in ui_openssl.c ruined IRIX builds. Comment on why
_POSIX_C_SOURCE needed in first place.
Andy Polyakov [Tue, 27 Jan 2004 21:47:35 +0000 (21:47 +0000)]
CFB DES sync-up with FIPS branch.
Richard Levitte [Tue, 27 Jan 2004 01:16:38 +0000 (01:16 +0000)]
Avoid signed vs. unsigned warnings (which are treated like errors on
Windows).
Richard Levitte [Mon, 26 Jan 2004 23:45:32 +0000 (23:45 +0000)]
S_IFBLK and S_IFCHR may not exist in some places (like Windows), so
let's check for those macros, and if they aren't defined, let's assume
there aren't Unixly devices on this platform.
Andy Polyakov [Sun, 25 Jan 2004 10:53:43 +0000 (10:53 +0000)]
Even though C specification explicitly says that constant type "stretches"
automatically to accomodate the value, some compilers fail to do so. Most
notably 0x0123456789ABCDEF should come out as long long in 32-bit context,
but HP compiler truncates it to 32-bit value. Which in turn breaks GF(2^m)
arithmetics in hpux-parisc2-cc build. Therefore this fix...
Andy Polyakov [Sat, 24 Jan 2004 16:51:59 +0000 (16:51 +0000)]
Fix declaration inconsistency in ecparam.c.
Andy Polyakov [Sat, 24 Jan 2004 16:31:21 +0000 (16:31 +0000)]
Get rid of bogus warning when compiling with Sun vendor compiler.
Richard Levitte [Sat, 24 Jan 2004 01:16:02 +0000 (01:16 +0000)]
We're passed p, so let's use p instead of making assumptions.
Richard Levitte [Thu, 22 Jan 2004 22:36:46 +0000 (22:36 +0000)]
Typo...
Dr. Stephen Henson [Wed, 21 Jan 2004 13:08:11 +0000 (13:08 +0000)]
Replace expired certificate.
Andy Polyakov [Wed, 21 Jan 2004 08:17:08 +0000 (08:17 +0000)]
SHA-1 assembler tune-up for Intel P4
Richard Levitte [Sat, 10 Jan 2004 18:04:38 +0000 (18:04 +0000)]
Adding a slash between the directoryt and the file is a problem with
VMS. The C RTL can handle it well if the "directory" is a logical
name with no colon, therefore ending being 'logname/file'. However,
if the given logical names actually has a colon, or if you use a full
VMS-syntax directory, you end up with 'logname:/file' or
'dev:[dir1.dir2]/file', and that isn't handled in any good way.
So, on VMS, we need to check if the directory string ends with a
separator (one of ':', ']' or '>' (< and > can be used instead [ and
])), and handle that by not inserting anything between the directory
spec and the file name. In all other cases, it's assumed the
directory spec is a logical name, so we need to place a colon between
it and the file.
Notified by Kevin Greaney <kevin.greaney@hp.com>.
Lutz Jänicke [Thu, 8 Jan 2004 07:46:37 +0000 (07:46 +0000)]
Cover all DSA setups when running tests
PR: #748
Submitted by: Kirill Kochetkov <kochet@ixbt.com>
Lutz Jänicke [Thu, 8 Jan 2004 07:38:15 +0000 (07:38 +0000)]
Updates to s_time manual page
PR: #570
Submitted by: Martin Witzel <MWITZEL@de.ibm.com>
Lutz Jänicke [Sun, 4 Jan 2004 18:59:14 +0000 (18:59 +0000)]
Add s_time manual page
Submitted by: "Martin Witzel" <MWITZEL@de.ibm.com>
PR: #570
Lutz Jänicke [Sun, 4 Jan 2004 18:05:50 +0000 (18:05 +0000)]
Update URI
Submitted by: Gertjan van Oosten <gertjan@West.NL>
PR: #804
Lutz Jänicke [Sun, 4 Jan 2004 17:53:21 +0000 (17:53 +0000)]
unintptr_t and <inttypes.h> are not strictly portable with respect to
ANSI C 89.
Undo change to maintain compatibility.
Richard Levitte [Sat, 27 Dec 2003 16:13:18 +0000 (16:13 +0000)]
Fix Perl problems on sparc64.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Richard Levitte [Sat, 27 Dec 2003 16:10:30 +0000 (16:10 +0000)]
Avoid including cryptlib.h, it's not really needed.
Check if IDEA is being built or not.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Richard Levitte [Sat, 27 Dec 2003 16:07:20 +0000 (16:07 +0000)]
Only use environment variables if uid and gid are the same as euid and egid.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Richard Levitte [Sat, 27 Dec 2003 16:02:22 +0000 (16:02 +0000)]
Check if a random "file" is really a device file, and treat it
specially if it is.
Add a few OpenBSD-specific cases.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Richard Levitte [Sat, 27 Dec 2003 15:04:54 +0000 (15:04 +0000)]
Correct documentation typos.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Richard Levitte [Sat, 27 Dec 2003 15:02:56 +0000 (15:02 +0000)]
OpenBSD-internal changes.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Richard Levitte [Sat, 27 Dec 2003 14:59:07 +0000 (14:59 +0000)]
Use sh explicitely to run point.sh
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Richard Levitte [Sat, 27 Dec 2003 14:54:48 +0000 (14:54 +0000)]
Include strings.h so strcasecmp() and strncasecmp() get properly declared.
Richard Levitte [Sat, 27 Dec 2003 14:40:17 +0000 (14:40 +0000)]
Use BUF_strlcpy() instead of strcpy().
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Richard Levitte [Sat, 27 Dec 2003 14:26:14 +0000 (14:26 +0000)]
Add a newline at the end of the last line.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Dr. Stephen Henson [Sat, 20 Dec 2003 22:48:21 +0000 (22:48 +0000)]
Typos.
Richard Levitte [Thu, 11 Dec 2003 18:01:03 +0000 (18:01 +0000)]
To figure out if we're going outside the buffer, use the size of the buffer,
not the size of the integer used to index in said buffer.
PR: 794
Notified by: Rhett Garber <rhett_garber@hp.com>
Richard Levitte [Wed, 10 Dec 2003 14:31:55 +0000 (14:31 +0000)]
Document that you need to include x509.h (to get [i2d|d2i]_RSA_PUBKEY()).
Correct the typo PUKEY...
Richard Levitte [Wed, 10 Dec 2003 13:57:51 +0000 (13:57 +0000)]
Document that you need to include x509.h (to get [i2d|d2i]_DSA_PUBKEY()).
Correct the typo PUKEY...
Ulf Möller [Sat, 6 Dec 2003 11:55:46 +0000 (11:55 +0000)]
Add "dif" variable to clean up the loop implementations.
Submitted by: Nils Larsch
Ulf Möller [Sat, 6 Dec 2003 11:41:22 +0000 (11:41 +0000)]
Skip a curve with generator of non-prime order.
Submitted by: Nils Larsch
Ulf Möller [Sat, 6 Dec 2003 11:39:37 +0000 (11:39 +0000)]
Avoid segfault if ret==0.
Submitted by: Nils Larsch
Lutz Jänicke [Wed, 3 Dec 2003 16:29:41 +0000 (16:29 +0000)]
Restructure make targets to allow parallel make.
Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl>
PR: #513
Geoff Thorpe [Tue, 2 Dec 2003 20:01:30 +0000 (20:01 +0000)]
Incremental cleanups to bn_lib.c.
- Add missing bn_check_top() calls and relocate some others
- Use BN_is_zero() where appropriate
- Remove assert()s that bn_check_top() is already covering
- Simplify the code in places (esp. bn_expand2())
- Only keep ambiguous zero handling if BN_STRICT isn't defined
- Remove some white-space and make some other aesthetic tweaks
Geoff Thorpe [Tue, 2 Dec 2003 03:28:24 +0000 (03:28 +0000)]
Use the BN_is_odd() macro in place of code that (inconsistently) does much
the same thing.
Also, I have some stuff on the back-burner related to some BN_CTX notes
from Peter Gutmann about his cryptlib hacks to the bignum code. The BN_CTX
comments are there to remind me of some relevant points in the code.
Geoff Thorpe [Tue, 2 Dec 2003 03:16:56 +0000 (03:16 +0000)]
BN_FLG_FREE is of extremely dubious usefulness, and is only referred to
once in the source (where it is set for the benefit of no other code
whatsoever). I've deprecated the declaration in the header and likewise
made the use of the flag conditional in bn_lib.c. Note, this change also
NULLs the 'd' pointer in a BIGNUM when it is reset but not deallocated.
Geoff Thorpe [Mon, 1 Dec 2003 23:13:17 +0000 (23:13 +0000)]
Declare the static BIGNUM "BN_value_one()" more carefully.
Geoff Thorpe [Mon, 1 Dec 2003 23:11:45 +0000 (23:11 +0000)]
Add missing bn_check_top()s to bn_kron.c, remove some miscellaneous
white-space, and include extra headers to satisfy debugging builds.
Geoff Thorpe [Mon, 1 Dec 2003 23:10:21 +0000 (23:10 +0000)]
Add missing bn_check_top()s to bn_gf2m.c and remove some miscellaneous
white-space.
Geoff Thorpe [Mon, 1 Dec 2003 22:11:08 +0000 (22:11 +0000)]
The bn_set_max() macro is only "used" by the bn_set_[low|high]() macros
which, in turn, are used nowhere at all. This is a good thing because
bn_set_max() would currently generate code that wouldn't compile (BIGNUM
has no 'max' element).
The only apparent use for bn_set_[low|high] would be for implementing
windowing algorithms, and all of openssl's seem to use bn_***_words()
helpers instead (including the BN_div() that Nils fixed recently, which had
been using independently-coded versions of what these unused macros are
intended for). I'm therefore consigning these macros to cvs oblivion in the
name of readability.
Geoff Thorpe [Mon, 1 Dec 2003 21:59:40 +0000 (21:59 +0000)]
bn_fix_top() exists for compatibility's sake and is mapped to
bn_correct_top() or bn_check_top() depending on debug settings. For
internal source, all bn_fix_top()s should be converted one way or the other
depending on whether the use of bn_correct_top() is justified.
For BN_div_recp(), these cases should not require correction if the other
bignum functions are doing their jobs properly, so convert to
bn_check_top().
Richard Levitte [Mon, 1 Dec 2003 13:25:37 +0000 (13:25 +0000)]
It was pointed out to me that if the requested size is 0, we shouldn't
ty to allocate anything at all. This will allow eNULL to still work.
PR: 751
Notified by: Lutz Jaenicke
Richard Levitte [Mon, 1 Dec 2003 12:11:55 +0000 (12:11 +0000)]
Check that OPENSSL_malloc() really returned some memory.
PR: 751
Notified by: meder@mcs.anl.gov
Reviewed by: Lutz Jaenicke, Richard Levitte
Richard Levitte [Mon, 1 Dec 2003 12:06:15 +0000 (12:06 +0000)]
CRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL
if the give size is 0.
This is a thought that came up in PR 751.
Lutz Jänicke [Mon, 1 Dec 2003 08:12:47 +0000 (08:12 +0000)]
Some more ASFLAGS settings required
PR: #735
Submitted by: Tim Rice <tim@multitalents.net>
Geoff Thorpe [Sun, 30 Nov 2003 23:29:27 +0000 (23:29 +0000)]
Add more debugging to my Configure target, and "make update" to incorporate
this and a few other changes.
Geoff Thorpe [Sun, 30 Nov 2003 22:23:12 +0000 (22:23 +0000)]
If BN_STRICT is defined, don't accept an ambiguous representation of zero
(ie. where top may be zero, or it may be one if the corresponding word is
set to zero). Note, this only affects the macros in bn.h, there are probably
similar corrections required in some c files.
Also, clarify the audit-related macros at the top of the header. Mental
note: I must not forget to clean all this out before 0.9.8 is released ...