Bodo Möller [Fri, 23 Jun 2006 15:21:36 +0000 (15:21 +0000)]
New functions CRYPTO_set_idptr_callback(),
CRYPTO_get_idptr_callback(), CRYPTO_thread_idptr() for a 'void *' type
thread ID, since the 'unsigned long' type of the existing thread ID
does not always work well.
Bodo Möller [Thu, 22 Jun 2006 12:37:28 +0000 (12:37 +0000)]
Change in 0.9.8 branch:
Put ECCdraft ciphersuites back into default build (but disabled
unless specifically requested)
Bodo Möller [Tue, 20 Jun 2006 08:50:42 +0000 (08:50 +0000)]
Remove ECC ciphersuites from 0.9.8 branch (should use 0.9.9 branch)
Bodo Möller [Sun, 18 Jun 2006 22:00:57 +0000 (22:00 +0000)]
Change array representation of binary polynomials to make GF2m part of
the BN library more generally useful.
Submitted by: Douglas Stebila
Bodo Möller [Fri, 16 Jun 2006 01:00:47 +0000 (01:00 +0000)]
another thread-safety fix
Bodo Möller [Thu, 15 Jun 2006 19:58:22 +0000 (19:58 +0000)]
Error messages for client ECC cert verification.
Also, change the default ciphersuite to give some prefererence to
ciphersuites with forwared secrecy (rather than using a random order).
Bodo Möller [Thu, 15 Jun 2006 19:00:34 +0000 (19:00 +0000)]
Call 'print_stuff' even if a handshake failed.
Bodo Möller [Thu, 15 Jun 2006 18:28:00 +0000 (18:28 +0000)]
Fix algorithm handling for ECC ciphersuites: Adapt to recent changes,
and allow more general RSA OIDs for ECC certs with RSA CA sig.
Bodo Möller [Thu, 15 Jun 2006 17:17:06 +0000 (17:17 +0000)]
Fix another new bug in the cipherstring logic.
Bodo Möller [Thu, 15 Jun 2006 16:54:20 +0000 (16:54 +0000)]
Fix another bug introduced yesterday when deleting Fortezza stuff:
make sure 'mask' is initialized in ssl_cipher_get_disabled().
Also simplify code by removing some unused arguments in static functions.
Bodo Möller [Thu, 15 Jun 2006 16:07:10 +0000 (16:07 +0000)]
Oops ... deleted too much in the previous commit when I deleted
the Fortezza stuff
Bodo Möller [Wed, 14 Jun 2006 17:51:46 +0000 (17:51 +0000)]
Disable invalid ciphersuites
Bodo Möller [Wed, 14 Jun 2006 17:40:31 +0000 (17:40 +0000)]
Ciphersuite string bugfixes, and ECC-related (re-)definitions.
Bodo Möller [Wed, 14 Jun 2006 13:58:48 +0000 (13:58 +0000)]
Make sure that AES ciphersuites get priority over Camellia
ciphersuites in the default cipher string.
Bodo Möller [Wed, 14 Jun 2006 08:55:23 +0000 (08:55 +0000)]
Thread-safety fixes
Bodo Möller [Wed, 14 Jun 2006 01:16:22 +0000 (01:16 +0000)]
Fix a bug recently introduced when updating this file to use the new
keygen API: make sure that 'pkey_type' is actually visible to MAIN().
Richard Levitte [Mon, 12 Jun 2006 06:46:18 +0000 (06:46 +0000)]
Keep synchronised with Unix
Bodo Möller [Sun, 11 Jun 2006 01:09:07 +0000 (01:09 +0000)]
Camellia cipher, contributed by NTT
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
Richard Levitte [Sat, 10 Jun 2006 05:38:23 +0000 (05:38 +0000)]
Keep synchronised with the Unix build
Bodo Möller [Fri, 9 Jun 2006 22:29:40 +0000 (22:29 +0000)]
Camellia cipher, contributed by NTT
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
Bodo Möller [Fri, 9 Jun 2006 15:44:59 +0000 (15:44 +0000)]
Camellia cipher, contributed by NTT
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
Dr. Stephen Henson [Tue, 6 Jun 2006 13:27:36 +0000 (13:27 +0000)]
Output MIME parameter micalg according to RFC3851 and RFC4490 instead of hard
coding it to "sha1".
Dr. Stephen Henson [Tue, 6 Jun 2006 12:35:05 +0000 (12:35 +0000)]
Add AES and GOST S/MIME capabilities if algorithms are supported.
Andy Polyakov [Mon, 5 Jun 2006 16:04:09 +0000 (16:04 +0000)]
Fix obvious typo.
Dr. Stephen Henson [Mon, 5 Jun 2006 12:38:22 +0000 (12:38 +0000)]
Clarify comment and add #ifdef.
Dr. Stephen Henson [Mon, 5 Jun 2006 11:52:46 +0000 (11:52 +0000)]
Complete EVP_PKEY_ASN1_METHOD ENGINE support.
Andy Polyakov [Mon, 5 Jun 2006 10:43:41 +0000 (10:43 +0000)]
Sync aes.h with cvs.openssl.org/chngview?cn=15336.
Andy Polyakov [Mon, 5 Jun 2006 10:40:54 +0000 (10:40 +0000)]
Reimplement AES_ofb128_encrypt.
Andy Polyakov [Mon, 5 Jun 2006 10:40:28 +0000 (10:40 +0000)]
Correct logical error in STRICT_ALIGNMENT check and remove copy of
eay licence, as module is practically rewritten from scratch [well,
even original submission was obviously "almost, but not quite,
entirely unlike" any other eay *_cfb.c module, not to mention new
functions].
Andy Polyakov [Mon, 5 Jun 2006 09:42:31 +0000 (09:42 +0000)]
Minor ppc-xlate.pl update.
Andy Polyakov [Mon, 5 Jun 2006 09:37:55 +0000 (09:37 +0000)]
Add sha512-ppc.pl module.
Andy Polyakov [Mon, 5 Jun 2006 09:35:50 +0000 (09:35 +0000)]
Minor sha1-ppc.pl update.
Richard Levitte [Sun, 4 Jun 2006 08:22:25 +0000 (08:22 +0000)]
A few more ENGINE strings that need shortening.
Richard Levitte [Sat, 3 Jun 2006 02:17:49 +0000 (02:17 +0000)]
Synchronise with Unix
Dr. Stephen Henson [Fri, 2 Jun 2006 17:54:47 +0000 (17:54 +0000)]
Make update.
Dr. Stephen Henson [Fri, 2 Jun 2006 17:52:27 +0000 (17:52 +0000)]
Initial public key ASN1 method engine support. Not integrated yet.
Dr. Stephen Henson [Fri, 2 Jun 2006 17:09:17 +0000 (17:09 +0000)]
Automatically free up dynamically allocated public key methods when
and ENGINE is destroyed.
Dr. Stephen Henson [Fri, 2 Jun 2006 13:09:59 +0000 (13:09 +0000)]
Extend default method string to include public key methods.
Add missing prototypes.
Fix engine method lookup.
Dr. Stephen Henson [Fri, 2 Jun 2006 12:37:02 +0000 (12:37 +0000)]
Typo.
Dr. Stephen Henson [Fri, 2 Jun 2006 12:33:39 +0000 (12:33 +0000)]
Add ENGINE support for EVP_PKEY_METHOD including lookups of ENGINE
implementations and functional reference counting when a context
is allocated, free or copied.
Richard Levitte [Thu, 1 Jun 2006 12:50:56 +0000 (12:50 +0000)]
Synchronise with the Unixly build.
Dr. Stephen Henson [Thu, 1 Jun 2006 12:43:39 +0000 (12:43 +0000)]
Fix error code. make update
Dr. Stephen Henson [Thu, 1 Jun 2006 12:38:22 +0000 (12:38 +0000)]
Add missing prototype. Extend engine utility to print public key algorithms.
Dr. Stephen Henson [Thu, 1 Jun 2006 11:38:50 +0000 (11:38 +0000)]
Add engine table for EVP_PKEY_METHOD. Doesn't do much yet.
Richard Levitte [Thu, 1 Jun 2006 10:24:47 +0000 (10:24 +0000)]
Because all object files are now in a file, we don't need to mention
any of them on the linker command line. Besides, OBJECT_FILE now
represents the last compiled file, and using it here only results in
getting warnings about multiple definitions of the symbols in that
file.
Dr. Stephen Henson [Wed, 31 May 2006 17:34:14 +0000 (17:34 +0000)]
New pkey functions for keygen callbacks and retrieving operation type.
Andy Polyakov [Tue, 30 May 2006 07:20:13 +0000 (07:20 +0000)]
Tune up AES CFB. Performance improvement varies from 10% to 50% from
platform to platform. Its absolute value is within few percents
marginal from that of ECB.
Richard Levitte [Sun, 28 May 2006 19:44:27 +0000 (19:44 +0000)]
Use a new signed int ii instead of j (which is unsigned) to handle the
return value from sk_SSL_CIPHER_find().
Richard Levitte [Sun, 28 May 2006 19:39:36 +0000 (19:39 +0000)]
Deal with another name that's longer than 31 characters.
Richard Levitte [Sun, 28 May 2006 19:36:29 +0000 (19:36 +0000)]
rslen is unsigned, so it can never go below 0.
Dr. Stephen Henson [Sun, 28 May 2006 00:49:49 +0000 (00:49 +0000)]
Install openssl.cnf to OPENSSLDIR in mk1mf.pl
Dr. Stephen Henson [Fri, 26 May 2006 17:14:23 +0000 (17:14 +0000)]
Flush p7bio when all data has been copied.
Dr. Stephen Henson [Fri, 26 May 2006 13:27:58 +0000 (13:27 +0000)]
Fix warnings.
Dr. Stephen Henson [Fri, 26 May 2006 12:24:49 +0000 (12:24 +0000)]
Update pkeyutl to use size_t for pkey functions.
Richard Levitte [Thu, 25 May 2006 23:40:04 +0000 (23:40 +0000)]
Signed vs. unsigned conflict
Richard Levitte [Thu, 25 May 2006 23:37:03 +0000 (23:37 +0000)]
There was a problem with too long command lines, so I rebuilt to make
it work better.
Dr. Stephen Henson [Thu, 25 May 2006 16:53:52 +0000 (16:53 +0000)]
Allow any supported cipher to be used with smime -encrypt.
Dr. Stephen Henson [Thu, 25 May 2006 11:44:05 +0000 (11:44 +0000)]
Add prototypes, update Win32 ordinals.
Richard Levitte [Thu, 25 May 2006 10:40:01 +0000 (10:40 +0000)]
Keep in sync with Unix
Dr. Stephen Henson [Thu, 25 May 2006 00:55:00 +0000 (00:55 +0000)]
Update EVP_MD_CTX_copy_ex() to use EVP_PKEY_CTX_dup().
Dr. Stephen Henson [Wed, 24 May 2006 23:49:30 +0000 (23:49 +0000)]
New function to dup EVP_PKEY_CTX. This will be needed to make new signing
functions and EVP_MD_CTX_copy work properly.
Dr. Stephen Henson [Wed, 24 May 2006 17:30:09 +0000 (17:30 +0000)]
New functions for enchanced digest sign/verify.
Dr. Stephen Henson [Wed, 24 May 2006 13:29:32 +0000 (13:29 +0000)]
Fix warnings.
Dr. Stephen Henson [Wed, 24 May 2006 12:33:46 +0000 (12:33 +0000)]
Use size_t for new crypto size parameters.
Dr. Stephen Henson [Mon, 22 May 2006 13:37:16 +0000 (13:37 +0000)]
Fix smime -pk7out.
Dr. Stephen Henson [Mon, 22 May 2006 13:01:01 +0000 (13:01 +0000)]
Add ctrl to EVP_MD and EVP_PKEY_CTX to EVP_MD_CTX. These will be used
for enhanced sign/verify operations.
Andy Polyakov [Sat, 20 May 2006 08:52:34 +0000 (08:52 +0000)]
Tiny up hpux targets.
Dr. Stephen Henson [Thu, 18 May 2006 23:44:44 +0000 (23:44 +0000)]
Add -resign and -md options to smime command to support resigning an
existing structure and using alternative digest for signing.
Dr. Stephen Henson [Thu, 18 May 2006 18:06:03 +0000 (18:06 +0000)]
Code tidy.
Dr. Stephen Henson [Thu, 18 May 2006 17:46:56 +0000 (17:46 +0000)]
Typo.
Dr. Stephen Henson [Thu, 18 May 2006 17:22:31 +0000 (17:22 +0000)]
make update
Dr. Stephen Henson [Thu, 18 May 2006 17:20:23 +0000 (17:20 +0000)]
More S/MIME tidy. Place some common attribute operations in utility
functions.
Dr. Stephen Henson [Thu, 18 May 2006 13:05:20 +0000 (13:05 +0000)]
Remove old digest type hacks for non RSA keys.
Dr. Stephen Henson [Thu, 18 May 2006 12:41:28 +0000 (12:41 +0000)]
Multiple signer support in smime application.
Dr. Stephen Henson [Thu, 18 May 2006 11:54:16 +0000 (11:54 +0000)]
Reformat smime.c utility.
Dr. Stephen Henson [Wed, 17 May 2006 18:46:22 +0000 (18:46 +0000)]
New option to pkcs12 utility to set alternative MAC digest algorithm.
Dr. Stephen Henson [Wed, 17 May 2006 18:24:35 +0000 (18:24 +0000)]
Don't try to print PBE information if it can't be decoded.
Dr. Stephen Henson [Wed, 17 May 2006 18:19:51 +0000 (18:19 +0000)]
PKCS#12 mac key length should equal digest length.
Dr. Stephen Henson [Wed, 17 May 2006 17:17:01 +0000 (17:17 +0000)]
Tidy up of S/MIME code and add new functions which will make is easier
to create S/MIME signed data with multiple signers.
Dr. Stephen Henson [Wed, 17 May 2006 12:47:17 +0000 (12:47 +0000)]
Extended PBES2 function supporting application supplied IV and PRF NID.
Dr. Stephen Henson [Wed, 17 May 2006 12:29:16 +0000 (12:29 +0000)]
Oops...
Dr. Stephen Henson [Wed, 17 May 2006 12:27:45 +0000 (12:27 +0000)]
HMAC OIDs from RFC4231.
Dr. Stephen Henson [Tue, 16 May 2006 12:11:14 +0000 (12:11 +0000)]
Gather keygen options in req and only use them after all other options have
been processed. This allows any ENGINE changing operations to be processed
first (for example a config file).
Dr. Stephen Henson [Mon, 15 May 2006 18:35:13 +0000 (18:35 +0000)]
Add PRF preference ctrl to ciphers.
Dr. Stephen Henson [Mon, 15 May 2006 17:34:36 +0000 (17:34 +0000)]
Change builting PBE to use static table. Add entries for HMAC and MD5, GOST.
Dr. Stephen Henson [Mon, 15 May 2006 13:28:00 +0000 (13:28 +0000)]
Update old **EVIL** PEM_X509_INFO_read_bio() function to correctly assign
private keys.
FIXME: this function should really be rewritten because it is *horrible*.
Dr. Stephen Henson [Mon, 15 May 2006 13:23:15 +0000 (13:23 +0000)]
Bugfix: the NONE string for PBE algorithms wasn't working.
Dr. Stephen Henson [Mon, 15 May 2006 01:26:52 +0000 (01:26 +0000)]
Correctly handle missing DSA parameters.
Dr. Stephen Henson [Mon, 15 May 2006 00:45:10 +0000 (00:45 +0000)]
Add feature to PKCS12_create() if the encryption NID corresponds to a
supported encryption algorithm instead of a PBE NID then use that
algorithm with PBES2.
Dr. Stephen Henson [Sun, 14 May 2006 18:40:53 +0000 (18:40 +0000)]
Extend PBE code to support non default PKCS#5 v2.0 PRFs.
Dr. Stephen Henson [Sun, 14 May 2006 18:35:42 +0000 (18:35 +0000)]
Check for deprecated private key types before PKCS#8 types.
Dr. Stephen Henson [Sun, 14 May 2006 16:50:22 +0000 (16:50 +0000)]
Typo.
Ulf Möller [Sun, 14 May 2006 11:28:00 +0000 (11:28 +0000)]
Add includes in synopsis.
Submitted by: Mike Frysinger <vapier@gentoo.org>
Dr. Stephen Henson [Fri, 12 May 2006 17:11:58 +0000 (17:11 +0000)]
In interactive mode only config OpenSSL once.
Dr. Stephen Henson [Fri, 12 May 2006 16:06:12 +0000 (16:06 +0000)]
Stop warnings about deprecated -mcpu option.
Richard Levitte [Fri, 12 May 2006 15:31:28 +0000 (15:31 +0000)]
make update
Richard Levitte [Fri, 12 May 2006 15:27:52 +0000 (15:27 +0000)]
Someone made a mistake, and some function and reason codes got
duplicate numbers. Renumbering.
Dr. Stephen Henson [Fri, 12 May 2006 00:27:39 +0000 (00:27 +0000)]
Typo.
Dr. Stephen Henson [Thu, 11 May 2006 21:39:00 +0000 (21:39 +0000)]
Update 'req' command to use new keygen API.
Dr. Stephen Henson [Thu, 11 May 2006 21:33:00 +0000 (21:33 +0000)]
New functions to get key types without dereferncing EVP_PKEY.
More error checking for RSA pmeth.