mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-09 05:51:54 +08:00
Code Issues Packages Projects Releases Wiki Activity
5,438 Commits 34 Branches 385 Tags 509 MiB
96f7065f63
Commit Graph

305 Commits

Author SHA1 Message Date
Dr. Stephen Henson
59ae8c9419 EVP_DecryptInit() should call EVP_CipherInit() not EVP_CipherInit_ex(). 2003-01-17 00:48:47 +00:00
Richard Levitte
c00cee00fd FreeBSD has /dev/crypto as well. 
PR: 462
 2003-01-16 18:29:30 +00:00
Richard Levitte
5e42f9ab46 make update 2002-12-29 01:38:15 +00:00
Richard Levitte
7acf00a633 Finally get rid of all the algorithm inclusions that were done from 
evp.h.

Application authors BEWARE!  If you have had the habit to count on
evp.h to provide all those lower-level algorithm functions, you need
to think again!  Please change your programs NOW, or you will be sorry
when 0.9.8 gets release (it's quite some time away...).
 2002-12-29 01:37:35 +00:00
Richard Levitte
3dda0dd2a2 Some compilers are quite picky about non-void functions that don't return 
anything.
 2002-12-06 08:50:06 +00:00
Richard Levitte
848f735ae4 EXIT() needs to be in a function that returns int. 2002-12-01 01:23:35 +00:00
Richard Levitte
43d601641f A few more memset()s converted to OPENSSL_cleanse(). 
I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343
 2002-11-29 11:30:45 +00:00
Richard Levitte
55f78baf32 Have all tests use EXIT() to exit rather than exit(), since the latter doesn't 
always give the expected result on some platforms.
 2002-11-28 18:54:30 +00:00
Richard Levitte
4579924b7e Cleanse memory using the new OPENSSL_cleanse() function. 
I've covered all the memset()s I felt safe modifying, but may have missed some.
 2002-11-28 08:04:36 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Bodo Möller
8ee4845b65 'broken' PKCS #8 format does not apply to ECDSA 
Submitted by: Nils Larsch
 2002-10-28 14:13:38 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we 
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
 2002-10-09 13:25:12 +00:00
Richard Levitte
293d5082c7 The OpenBSD project has replaced the first implementation of the /dev/crypto 
engine with something they claim is better.  I have nothing to compare to,
and I assume they know what they're talking about.  The interesting part with
this one is that it's loaded by default on OpenBSD systems.
This change was originally introduced in OpenBSD's tracking of OpenSSL.
 2002-10-02 00:19:33 +00:00
Bodo Möller
64376cd8ff 'EC' vs. 'ECDSA' 
Submitted by: Nils Larsch
 2002-08-16 11:19:07 +00:00
Dr. Stephen Henson
3f6db7f518 Fix block_size field for CFB and OFB modes: it should be 1. 2002-08-16 01:53:24 +00:00
Bodo Möller
5488bb6197 get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead) 
Submitted by: Nils Larsch
 2002-08-12 08:47:41 +00:00
Bodo Möller
74cc4903ef make update 2002-08-09 12:16:15 +00:00
Bodo Möller
14a7cfb32a use a generic EC_KEY structure (EC keys are not ECDSA specific) 
Submitted by: Nils Larsch
 2002-08-07 10:49:54 +00:00
Lutz Jänicke
3aecef7697 "make update" 2002-07-30 12:44:33 +00:00
Bodo Möller
5dbd3efce7 Replace 'ecdsaparam' commandline utility by 'ecparam' 
(the same keys can be used for ECC schemes other than ECDSA)
and add some new options.

Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS"
in 'PEM' format.

Fix ec_asn1.c (take into account the desired conversion form).

'make update'.

Submitted by: Nils Larsch
 2002-07-14 16:54:31 +00:00
Lutz Jänicke
7b63c0fa8c Reorder inclusion of header files: 
des_old.h redefines crypt:
#define crypt(b,s)\
        DES_crypt((b),(s))

This scheme leads to failure, if header files with the OS's true definition
of crypt() are processed _after_ des_old.h was processed. This is e.g. the
case on HP-UX with unistd.h.
As evp.h now again includes des.h (which includes des_old.h), this problem
only came up after this modification.
Solution: move header files (indirectly) including e_os.h before the header
files (indirectly) including evp.h.
Submitted by:
Reviewed by:
PR:
 2002-07-10 07:01:54 +00:00
Richard Levitte
17085b022c Pass CFLAG to dependency makers, so non-standard system include paths are 
handled properly.
Part of PR 75
 2002-06-27 16:39:25 +00:00
Richard Levitte
4942ef6f0e A number of includes were removed from evp.h some time ago. The reason 
was that they weren't really needed any more for EVP itself.  However,
it seems like soma applications (I know about OpenSSH, but there may
be more) used evp.h as the 'load all' header file, which makes sense
since we try our best to promote the use of EVP instead of the lower
level crypto algorithms.  Therefore, I put the inclusions back so
the application authors don't get too shocked by all the errors they
would otherwise get.

Thanks to Theo de Raadt for making us aware of this.
 2002-06-27 05:03:00 +00:00
Lutz Jänicke
bdb6171334 OpenSSL_add_all_algorithms has been replaced by configuration dependent 
functions and is redirected by macros. Switch it off now, possible removal
later.
 2002-06-16 10:18:25 +00:00
Lutz Jänicke
65ee74fbc7 Some more prototype fixes. 
Use DECLARE macros in asn1* instead of direct declaration.
Submitted by: Goetz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by:
PR: 89
 2002-06-14 19:01:52 +00:00
Richard Levitte
6631a7e7f1 use sstrsep() to get the proper type to aoti(). 
Remove unneeded cast in ustrsep().
PR: 69
 2002-06-03 15:27:46 +00:00
Richard Levitte
78055aa6a5 Add the AES test vectors from NIST document SP800-38A. 2002-05-31 13:13:43 +00:00
Richard Levitte
e6bd5e8a6d Make it possible to give vectors only for decryption or encryption. 2002-05-31 13:12:49 +00:00
Richard Levitte
94f1b50c0f For CFB and OFB modes, always create the encryption key. 2002-05-31 13:11:44 +00:00
Richard Levitte
bd54d55c1d Declare the CFB and OFB modes for AES, and prepare for a declaration 
of CTR mode.
 2002-05-31 13:08:53 +00:00
Richard Levitte
9cdf87f194 Check the return values where memory allocation failures may happen. 
PR: 49
 2002-05-30 16:47:45 +00:00
Bodo Möller
46ffee4792 fix EVP_dsa_sha macro 
Submitted by: Nils Larsch
 2002-05-16 12:51:18 +00:00
Dr. Stephen Henson
544a2aea4b Zero cipher_data in EVP_CIPHER_CTX_cleanup 
Add cleanup calls to evp_test.c

Allow reuse of cipher contexts by removing
automatic cleanup in EVP_*Final().
 2002-05-15 18:49:25 +00:00
Dr. Stephen Henson
e9ba69631b EVP_SealFinal should return a value. 2002-05-11 17:37:08 +00:00
Lutz Jänicke
2940a1298e Fix CRLF problem in BASE64 decode. 2002-04-15 09:55:40 +00:00
Bodo Möller
d0561b5c2d fix ECDSA handling 
Submitted by: Nils Larsch
 2002-04-09 12:01:21 +00:00
Dr. Stephen Henson
3e268d2717 Ensure EVP_CipherInit() uses the correct encode/decode parameter if 
enc == -1

[Reported by Markus Friedl <markus@openbsd.org>]

Fix typo in dh_lib.c (use of DSAerr instead of DHerr).
 2002-03-16 23:20:05 +00:00
Dr. Stephen Henson
de941e289e Initialize cipher context in KRB5 
("D. Russell" <russelld@aol.net>)

Allow HMAC functions to use an alternative ENGINE.
 2002-03-14 18:22:23 +00:00
Bodo Möller
690ecff795 Fixes for 'no-hw' combined with 'no-SOME_CIPHER'. 
Fix dsaparam usage output.

Submitted by: Nils Larsch
 2002-03-14 09:52:03 +00:00
Dr. Stephen Henson
bf6a9e66d6 Make ciphers and digests obtain an ENGINE functional reference 
if impl is explicitly supplied.
 2002-03-09 18:58:05 +00:00
Richard Levitte
87ebdd8a71 VMS addaptation, including a few more long names that needed hacking. 2002-02-28 13:17:40 +00:00
Richard Levitte
26414ee013 Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated 2002-02-28 12:42:19 +00:00
Richard Levitte
0d7b9b8b7e make update, after moving around symbols in libeay.num to match 
0.9.7-stable.
 2002-02-26 14:41:29 +00:00
Dr. Stephen Henson
a3829cb720 Updates from stable branch. 2002-02-23 13:50:29 +00:00
Dr. Stephen Henson
e84be9b495 New OPENSSL_LOAD_CONF define to load openssl.cnf 
when OpenSSL_add_all_algorithms() is called.
 2002-02-23 01:00:44 +00:00
Richard Levitte
5b7848a345 Add comfy aliases for AES in CBC mode. 2002-02-20 17:59:49 +00:00
Richard Levitte
236be53269 gcc figures that the format specifier %2x means unsigned int, so let's 
make n unsigned.
 2002-02-20 13:50:36 +00:00
Richard Levitte
a6cd870784 The AES modes OFB and CFB are defined with 128 feedback bits. This 
deviates from the "standard" 64 bits of feedback that all other
algorithms are using.  Therefore, let's redo certain EVP macros to
accept different amounts of feedback bits for these modes.

Also, change e_aes.c to provide all usually available modes for AES.
CTR isn't included yet.
 2002-02-16 12:39:07 +00:00
Bodo Möller
6cc3700314 don't call OPENSSL_config(), this does not make any sense during "make test" 2002-02-14 13:51:20 +00:00
Bodo Möller
4d94ae00d5 ECDSA support 
Submitted by: Nils Larsch <nla@trustcenter.de>
 2002-02-13 18:21:51 +00:00