Dr. Stephen Henson [Wed, 23 Jul 2003 00:10:43 +0000 (00:10 +0000)]
Avoid clashes with Win32 names in WinCrypt.h
Bodo Möller [Tue, 22 Jul 2003 12:34:21 +0000 (12:34 +0000)]
updates for draft-ietf-tls-ecc-03.txt
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
Bodo Möller [Tue, 22 Jul 2003 10:39:10 +0000 (10:39 +0000)]
add test for secp160r1
add code for kP+lQ timings
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
Reviewed by: Bodo Moeller
Bodo Möller [Mon, 21 Jul 2003 15:17:46 +0000 (15:17 +0000)]
tolerate extra data at end of client hello for SSL 3.0
PR: 659
Bodo Möller [Mon, 21 Jul 2003 15:08:01 +0000 (15:08 +0000)]
fix: 0.9.7 is based on 0.9.6h, not on 0.9.6k
typo in 0.9.6k section
Bodo Möller [Mon, 21 Jul 2003 13:43:28 +0000 (13:43 +0000)]
new function EC_GROUP_cmp() (used by EVP_PKEY_cmp())
Submitted by: Nils Larsch
Bodo Möller [Mon, 21 Jul 2003 13:40:02 +0000 (13:40 +0000)]
manpages for 'openssl ec' and 'openssl ecparam'
Submitted by: Nils Larsch
Richard Levitte [Thu, 10 Jul 2003 08:49:03 +0000 (08:49 +0000)]
A document that has a very rough description of the X509
functionality. This is mostly so there's a way to get from the
crypto.html page to the function descriptions.
Richard Levitte [Fri, 4 Jul 2003 15:45:04 +0000 (15:45 +0000)]
Replace CCITT with ITU-T. Keep CCITT around as an alias.
make update
PR: 80
Richard Levitte [Fri, 4 Jul 2003 11:41:13 +0000 (11:41 +0000)]
Make sure openssl.pc is readable by everyone.
PR: 654
Richard Levitte [Fri, 4 Jul 2003 11:37:50 +0000 (11:37 +0000)]
The counter is big-endian. Since it comes as an array of char,
there's absolutely no need to special-case it on little-endian
machines.
Notified by Thierry Boivin <Thierry.Boivin@celsecat.com>
Richard Levitte [Thu, 3 Jul 2003 20:50:44 +0000 (20:50 +0000)]
Oops, I forgot to replace 'counter' with 'ivec' when used...
Richard Levitte [Thu, 3 Jul 2003 20:45:09 +0000 (20:45 +0000)]
Add -issuer_hash and make -subject_hash the default way to get the
subject hash, with -hash a synonym kept around for backward
compatibility reasons.
PR: 650
Richard Levitte [Thu, 3 Jul 2003 07:46:52 +0000 (07:46 +0000)]
The convenience argumetn for -nameopt and -certopt is ca_default, not
default_ca.
PR: 653
Richard Levitte [Thu, 3 Jul 2003 06:42:43 +0000 (06:42 +0000)]
The 'counter' is really the IV.
Richard Levitte [Thu, 3 Jul 2003 06:41:30 +0000 (06:41 +0000)]
Change AES-CTR to increment the IV by 1 instead of 2^64.
Lutz Jänicke [Thu, 26 Jun 2003 14:03:03 +0000 (14:03 +0000)]
Clarify wording of verify_callback() behaviour.
Richard Levitte [Thu, 26 Jun 2003 11:58:02 +0000 (11:58 +0000)]
Only remove old files if they exist. [Maing32].
Notified by Michael Gerdau <mgd@technosis.de>
Richard Levitte [Thu, 26 Jun 2003 11:52:23 +0000 (11:52 +0000)]
Nils Larsch told me I could remove that variable entirely.
Richard Levitte [Thu, 26 Jun 2003 10:27:11 +0000 (10:27 +0000)]
make update
Richard Levitte [Thu, 26 Jun 2003 10:26:42 +0000 (10:26 +0000)]
Implement missing functions.
Have the f parameter to _ctrl functions have the prototype (*)(void)
rather than (*)(), for the sake of C++ compilers.
Disable unimplemented functionality.
Richard Levitte [Thu, 26 Jun 2003 10:23:00 +0000 (10:23 +0000)]
"Remove" unused variable
Richard Levitte [Thu, 26 Jun 2003 07:10:10 +0000 (07:10 +0000)]
Conform with the standard prototype for engine control functions.
Richard Levitte [Thu, 26 Jun 2003 07:05:19 +0000 (07:05 +0000)]
Scan through the engines directory as well.
Richard Levitte [Thu, 26 Jun 2003 07:03:49 +0000 (07:03 +0000)]
The definition of dynamic_ctrl() should change along with the
declaration :-).
Bodo Möller [Wed, 25 Jun 2003 21:35:05 +0000 (21:35 +0000)]
implement PKCS #8 / SEC1 private key format for ECC
Submitted by: Nils Larsch
Dr. Stephen Henson [Tue, 24 Jun 2003 17:11:44 +0000 (17:11 +0000)]
Return EOF when an S/MIME part have been read.
Richard Levitte [Fri, 20 Jun 2003 00:57:18 +0000 (00:57 +0000)]
Make sure the compiler knows we run with pedantic settings.
Richard Levitte [Thu, 19 Jun 2003 23:00:50 +0000 (23:00 +0000)]
make update
Richard Levitte [Thu, 19 Jun 2003 19:04:13 +0000 (19:04 +0000)]
Document the last change.
PR: 587
Richard Levitte [Thu, 19 Jun 2003 19:01:05 +0000 (19:01 +0000)]
Prepare for changes in the 0.9.6 branch
Richard Levitte [Thu, 19 Jun 2003 18:59:27 +0000 (18:59 +0000)]
Prepare for changes in the 0.9.6 branch
Richard Levitte [Thu, 19 Jun 2003 18:55:50 +0000 (18:55 +0000)]
We set the export flag for 512 *bit* keys, not 512 *byte* ones.
PR: 587
Richard Levitte [Thu, 19 Jun 2003 17:52:57 +0000 (17:52 +0000)]
Add documentation for the new crlnumber configuration option.
Richard Levitte [Thu, 19 Jun 2003 17:50:37 +0000 (17:50 +0000)]
Typo.
Richard Levitte [Thu, 19 Jun 2003 17:40:16 +0000 (17:40 +0000)]
Implement CRL numbers.
Contributed in whole by Laurent Genier <Laurent.Genier@intrinsec.com>
PR: 644
Richard Levitte [Thu, 19 Jun 2003 16:57:38 +0000 (16:57 +0000)]
dynamic_ctrl() didn't have exactly the same prototype as defined by
ENGINE_CTRL_FUNC_PTR.
Richard Levitte [Thu, 19 Jun 2003 16:56:48 +0000 (16:56 +0000)]
Unsigned vs. signed fixed.
Richard Levitte [Thu, 19 Jun 2003 16:56:19 +0000 (16:56 +0000)]
EXIT() should mainly be exit(n), not return(n). OPENSSL_EXIT() will
take care of returning if necessary.
Richard Levitte [Wed, 18 Jun 2003 07:14:52 +0000 (07:14 +0000)]
Add the application data type to the README.
Richard Levitte [Wed, 18 Jun 2003 07:12:28 +0000 (07:12 +0000)]
Missing string and potential memory leaks.
Notified by Goetz Babin-Ebell <goetz@shomitefo.de>
Richard Levitte [Thu, 12 Jun 2003 21:32:54 +0000 (21:32 +0000)]
Slightly better check of attributes. Now, mem_list_next can actually stop when the searched for key doesn't have it's attributes within the range of the checked key.
Richard Levitte [Thu, 12 Jun 2003 18:13:27 +0000 (18:13 +0000)]
Beautify
Richard Levitte [Thu, 12 Jun 2003 01:04:05 +0000 (01:04 +0000)]
Typo.
PR: 584
Richard Levitte [Thu, 12 Jun 2003 00:57:25 +0000 (00:57 +0000)]
Do not try to use non-existent gmtime_r() on SunOS4.
PR: 585
Richard Levitte [Thu, 12 Jun 2003 00:56:27 +0000 (00:56 +0000)]
Make sure ssize_t is defined on SunOS4.
PR: 585
Richard Levitte [Thu, 12 Jun 2003 00:51:54 +0000 (00:51 +0000)]
Make sure DSO-dlfcn works properly on SunOS4.
PR: 585
Richard Levitte [Wed, 11 Jun 2003 22:45:53 +0000 (22:45 +0000)]
Typo.
PR: 593
Richard Levitte [Wed, 11 Jun 2003 22:42:28 +0000 (22:42 +0000)]
Add the possibility to have symbols loaded globally with DSO.
Richard Levitte [Wed, 11 Jun 2003 22:27:19 +0000 (22:27 +0000)]
make update
Richard Levitte [Wed, 11 Jun 2003 22:26:02 +0000 (22:26 +0000)]
Avoid warnings saying that the format takes a void*.
Richard Levitte [Wed, 11 Jun 2003 21:47:21 +0000 (21:47 +0000)]
Remove unused variable
Richard Levitte [Wed, 11 Jun 2003 21:22:30 +0000 (21:22 +0000)]
Add an entry for X509_TRUST_OBJECT_SIGN in trstandard[].
PR: 617
Richard Levitte [Wed, 11 Jun 2003 20:51:49 +0000 (20:51 +0000)]
Add documentation for ERR_set_mark() and ERR_pop_to_mark().
Richard Levitte [Wed, 11 Jun 2003 20:49:58 +0000 (20:49 +0000)]
Add functionality to set marks on the error stack and to pop all errors to the next mark.
Richard Levitte [Wed, 11 Jun 2003 19:44:37 +0000 (19:44 +0000)]
Handle des_modes.pod properly.
PR: 634
Richard Levitte [Wed, 11 Jun 2003 18:43:45 +0000 (18:43 +0000)]
Make sure to NUL-terminate the string on end-of-file (and error)
PR: 643
Richard Levitte [Wed, 11 Jun 2003 04:46:08 +0000 (04:46 +0000)]
Add crypto/store to the directories to look through.
Richard Levitte [Tue, 10 Jun 2003 04:42:38 +0000 (04:42 +0000)]
Document the AES_cbc_encrypt() change
Richard Levitte [Tue, 10 Jun 2003 04:11:42 +0000 (04:11 +0000)]
The output from AES_cbc_encrypt() should be exact multiple blocks when encrypting
Richard Levitte [Mon, 9 Jun 2003 07:56:18 +0000 (07:56 +0000)]
Typo
Geoff Thorpe [Fri, 6 Jun 2003 17:51:34 +0000 (17:51 +0000)]
This memset() in the ubsec ENGINE is a bug. Zeroing out the result array
should not be necessary in any case, but more importantly the result and
input BIGNUMs could be the same, in which case this is clearly a problem.
Submitted by: Jonathan Hersch
Reviewed by: Joe Orton
Approved by: Geoff Thorpe
Richard Levitte [Wed, 4 Jun 2003 09:13:19 +0000 (09:13 +0000)]
Make sure the sigaction structure and fileno function are properly declared with an ANSI compiler on Solaris (and possibly others).
Richard Levitte [Wed, 4 Jun 2003 09:11:44 +0000 (09:11 +0000)]
Remove extra ;
Richard Levitte [Wed, 4 Jun 2003 09:11:15 +0000 (09:11 +0000)]
Make sure the function definitions match their declaration.
Richard Levitte [Wed, 4 Jun 2003 09:10:43 +0000 (09:10 +0000)]
Make sure that size_t matches size_t.
Richard Levitte [Wed, 4 Jun 2003 09:10:11 +0000 (09:10 +0000)]
Make sure debug-solaris-sparcv9-gcc is consistent with solaris-sparcv9-gcc.
Dr. Stephen Henson [Wed, 4 Jun 2003 00:40:05 +0000 (00:40 +0000)]
Really get X509_CRL_CHECK_ALL right this time...
Lutz Jänicke [Tue, 3 Jun 2003 09:59:44 +0000 (09:59 +0000)]
Clarify return value of SSL_connect() and SSL_accept() in case of the
WANT_READ and WANT_WRITE conditions.
Dr. Stephen Henson [Tue, 3 Jun 2003 00:16:47 +0000 (00:16 +0000)]
Update CHANGES to reflect base64 fix added to 0.9.7
Dr. Stephen Henson [Mon, 2 Jun 2003 17:53:42 +0000 (17:53 +0000)]
Only count 'LF' as EOL in pk7_mime.c, this avoids incorrect
results if CR+LF straddles the line buffer.
Dr. Stephen Henson [Mon, 2 Jun 2003 01:12:01 +0000 (01:12 +0000)]
Stop checking for CRLF when start of buffer is reached.
Add rest of long line fix which got missed before
Dr. Stephen Henson [Sun, 1 Jun 2003 20:51:58 +0000 (20:51 +0000)]
Various S/MIME bug and compatibility fixes.
Lutz Jänicke [Fri, 30 May 2003 07:45:07 +0000 (07:45 +0000)]
Clarify ordering of certificates when using certificate chains
Richard Levitte [Thu, 29 May 2003 22:22:30 +0000 (22:22 +0000)]
Include openssl/e_os.h so OPENSSL_SYSNAME_ULTRASPARC and other configuration
macros get properly defined.
Richard Levitte [Thu, 29 May 2003 22:20:47 +0000 (22:20 +0000)]
Have ASFLAGS be defined the same way as CFLAGS
Richard Levitte [Thu, 29 May 2003 20:59:38 +0000 (20:59 +0000)]
PR: 630
Avoid looking outside the key_data array.
Lutz Jänicke [Wed, 28 May 2003 20:24:57 +0000 (20:24 +0000)]
Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before)
Submitted by: dg@sunet.ru (Daniel Ginsburg)
PR: #613
Lutz Jänicke [Wed, 28 May 2003 19:56:46 +0000 (19:56 +0000)]
Move header file inclusion to prevent irritation of users forgetting to
call "make depend" after enabling or disabling ciphers...
Submitted by: Tal Mozes <talm@cyber-ark.com>
PR: #628
Dr. Stephen Henson [Wed, 28 May 2003 17:28:11 +0000 (17:28 +0000)]
PR: 627
Allocate certificatePolicies correctly if CPS field is absent.
Fix various memory leaks in certificatePolicies.
Dr. Stephen Henson [Wed, 28 May 2003 16:57:08 +0000 (16:57 +0000)]
PR: 631
Submitted by: Doug Sauder <dws+001@hunnysoft.com>
Fix bug in X509V3_get_d2i() when idx in not NULL.
Richard Levitte [Wed, 28 May 2003 10:34:29 +0000 (10:34 +0000)]
Make sure to compare unsigned against unsigned.
Richard Levitte [Fri, 23 May 2003 09:08:59 +0000 (09:08 +0000)]
Brackets are now allowed, after a small hack in the processing of the
docs-on-web.
Richard Levitte [Wed, 21 May 2003 14:29:13 +0000 (14:29 +0000)]
Fix sign bugs.
PR: 621
Richard Levitte [Wed, 21 May 2003 14:21:26 +0000 (14:21 +0000)]
Correct signedness
Richard Levitte [Wed, 21 May 2003 08:40:06 +0000 (08:40 +0000)]
Make sure EC_window_bits_for_scalar_size() returns a size_t
Richard Levitte [Wed, 21 May 2003 06:50:51 +0000 (06:50 +0000)]
I have no idea how I cut away that piece of text...
Richard Levitte [Tue, 20 May 2003 09:00:59 +0000 (09:00 +0000)]
I don't remember what my thinking was with str_compat.h. Maybe it'll
come back to me...
Richard Levitte [Tue, 20 May 2003 08:59:37 +0000 (08:59 +0000)]
make update
Richard Levitte [Tue, 20 May 2003 08:50:18 +0000 (08:50 +0000)]
Misspelled functions.
Richard Levitte [Tue, 20 May 2003 08:49:12 +0000 (08:49 +0000)]
Some misspelled function names.
Richard Levitte [Mon, 19 May 2003 23:06:09 +0000 (23:06 +0000)]
Make the function STORE_new_engine() public.
Richard Levitte [Mon, 19 May 2003 23:03:43 +0000 (23:03 +0000)]
Remove certain functions
Dr. Stephen Henson [Mon, 19 May 2003 21:28:49 +0000 (21:28 +0000)]
The square brackets in BIO_s_bio.pod for some
reason cause wml to bomb out with the error
message:
** Slice:Error: Some slices were not closed:
** WML:Break: Error in Pass 9 (rc=1).
** WMK:Error: Error in WML (rc=256)
As a workaround delete them for now.
Dr. Stephen Henson [Sun, 18 May 2003 23:10:46 +0000 (23:10 +0000)]
Fix docs.
Dr. Stephen Henson [Wed, 7 May 2003 23:20:58 +0000 (23:20 +0000)]
Add correct DN entry for serialNumber.
Richard Levitte [Wed, 7 May 2003 21:17:30 +0000 (21:17 +0000)]
Define the two authentication parameter types for passphrase and
Kerberos 5 authentications.
Richard Levitte [Wed, 7 May 2003 21:06:15 +0000 (21:06 +0000)]
Add the possibility to hand execution parameters (for example
authentication material) to the STORE functions.
Suggested by Götz Babin-Ebell <babin-ebell@trustcenter.de>.
Richard Levitte [Wed, 7 May 2003 12:02:31 +0000 (12:02 +0000)]
/usr/lib/pkgconfig/openssl.pc was never installed in the RPM.
Notified by Bennett Todd <bet@rahul.net>.
Richard Levitte [Wed, 7 May 2003 11:38:10 +0000 (11:38 +0000)]
DO NOT constify RSA* in RSA_sign() and RSA_verify(), since there are function
called downstream that need it to be non-const. The fact that the RSA_METHOD
functions take the RSA* as a const doesn't matter, it just expresses that
*they* won't touch it.
PR: 602