mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,349 Commits 33 Branches 385 Tags 484 MiB
be86dd85e4
Commit Graph

1209 Commits

Author SHA1 Message Date
Dr. Stephen Henson
ad35cdac74 PR: 1516 
Revert change in 1516 because it breaks Windows build. Use a modified version
of the headers from s_client.c which has used similar functionality without
any problems.
 2007-05-16 12:16:49 +00:00
Ben Laurie
69ab085290 More IGE speedup. 2007-05-13 15:14:38 +00:00
Ben Laurie
5f09d0ecc2 AES IGE mode speedup. 2007-05-13 12:57:59 +00:00
Dr. Stephen Henson
6217896145 Improve error detection when streaming S/MIME. 
Only use streaming when appropriate for detached data in smime utility.
 2007-05-10 17:37:15 +00:00
Andy Polyakov
6ef18c21c9 Bug in apps/dgst.c. 2007-04-30 15:20:10 +00:00
Bodo Möller
96afc1cfd5 Add SEED encryption algorithm. 
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
 2007-04-23 23:48:59 +00:00
Dr. Stephen Henson
9cfc8a9d5c Update smime utility to support streaming for -encrypt and -sign -nodetach 
options. Add new streaming i2d (though strictly speaking it is BER format
when streaming) and PEM functions.

These all process content on the fly without storing it all in memory.
 2007-04-13 01:06:41 +00:00
Dr. Stephen Henson
2022cfe07e New -mac and -macopt options to dgst utility. Reimplement -hmac option in 
terms of new API.
 2007-04-11 17:20:40 +00:00
Dr. Stephen Henson
d952c79a7b New -sigopt option for dgst utility. 2007-04-08 12:47:18 +00:00
Ben Laurie
3dfb6b3353 Yet another resource leak. Coverity ID 123. 2007-04-07 13:20:09 +00:00
Ben Laurie
44907e6064 Free memory. Coverity ID 62. 2007-04-05 15:45:22 +00:00
Ben Laurie
231671b9ff Resource leak. 2007-04-04 16:00:03 +00:00
Ben Laurie
313fce7b61 Don't free a NULL. Coverity ID 112. 2007-04-04 14:59:20 +00:00
Ben Laurie
309fa55bbb Return an error if the serial number is badly formed. (Coverity ID 116). 2007-04-04 14:35:56 +00:00
Ben Laurie
4b8747e440 Die if serial number is invalid. 2007-04-04 13:41:33 +00:00
Richard Levitte
a1d915990b Apply a more modern way to get the definition of select(), except for VMS. 
Submitted by Corinna Vinschen <vinschen@redhat.com>
 2007-03-29 18:34:57 +00:00
Dr. Stephen Henson
9981a51e42 Stage 1 GOST ciphersuite support. 
Submitted by: ran@cryptocom.ru
Reviewed by: steve@openssl.org
 2007-03-23 17:04:05 +00:00
Lutz Jänicke
ee373e7f19 Fix problem with multi line responses in -starttls by using a buffering 
BIO and BIO_gets().
 2007-02-22 17:39:47 +00:00
Lutz Jänicke
8d72476e2b Extend SMTP and IMAP protocol handling to perform the required 
EHLO or CAPABILITY handshake before sending STARTTLS

Submitted by: Goetz Babin-Ebell <goetz@shomitefo.de>
 2007-02-21 18:20:41 +00:00
Dr. Stephen Henson
5d5ca32fa1 Updates from 0.9.8-stable branch. 2007-02-18 18:21:57 +00:00
Richard Levitte
85c6749216 Add STARTTLS support for IMAP and FTP. 
Submitted by Kees Cook <kees@outflux.net>
 2007-02-16 18:12:16 +00:00
Dr. Stephen Henson
52cfa39716 Add -hmac option to dgst from 0.9.7 stable branch. 2007-02-08 19:07:43 +00:00
Nils Larsch
123b23fa95 fix return value of get_cert_chain() 
PR: 1441
 2006-12-27 09:40:52 +00:00
Richard Levitte
8bbf6bcf17 Needed definition of _XOPEN_SOURCE_EXTENDED so DEC C on VMS will see 
the declarations of fd_set, select() and so on.
 2006-12-25 10:54:14 +00:00
Nils Larsch
ec1edeb5fa update pkcs12 help message + manpage 
PR: 1443
Submitted by: Artem Chuprina <ran@cryptocom.ru>
 2006-12-21 20:36:15 +00:00
Nils Larsch
5dfe910023 properly initialize SSL context, check return value 2006-12-13 22:06:37 +00:00
Nils Larsch
10a10fb834 return 0 if 'noout' is used and no error has occurred 
PR: 1435
Submitted by: "Haridharan" <haridharan@gmail.com>
 2006-12-05 20:09:25 +00:00
Nils Larsch
ae93dc13ab add support for whirlpool in apps/speed 
PR: 1338
Submitted by: justin@soze.net
 2006-12-01 21:42:55 +00:00
Nils Larsch
7806f3dd4b replace macros with functions 
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
 2006-11-29 20:54:57 +00:00
Ben Laurie
96ea4ae91c Add RFC 3779 support. 2006-11-27 14:18:05 +00:00
Dr. Stephen Henson
5456583294 Don't add the TS EKU by default in openssl.cnf because it then 
makes certificates genereated by ca, CA.pl etc useless for anything else.
 2006-11-07 14:27:55 +00:00
Nils Larsch
224328e404 fix warning 2006-11-06 20:10:44 +00:00
Andy Polyakov
5b50f99e1e Further mingw build procedure updates. 2006-10-24 22:14:20 +00:00
Andy Polyakov
cbfb39d1be Rudimentary support for cross-compiling. 2006-10-21 13:38:16 +00:00
Dr. Stephen Henson
347ed3b93c Buffer size handling fix for enc. 
PR:1374
 2006-09-22 17:14:22 +00:00
Dr. Stephen Henson
5d20c4fb35 Overhaul of by_dir code to handle dynamic loading of CRLs. 2006-09-17 17:16:28 +00:00
Richard Levitte
5776c3c4c6 According to documentation, including time.h declares select() on 
OpenVMS, and possibly more.

Ref: http://h71000.www7.hp.com/doc/82final/6529/6529pro_019.html#r_select
 2006-08-20 05:54:35 +00:00
Richard Levitte
0c3d346cb7 Correct warnings about signedness. 2006-08-20 05:18:12 +00:00
Dr. Stephen Henson
f6e7d01450 Support for multiple CRLs with same issuer name in X509_STORE. Modify 
verify logic to try to use an unexpired CRL if possible.
 2006-07-25 17:39:38 +00:00
Dr. Stephen Henson
1aa44cc797 Avoid WIN32 warning. 2006-07-21 22:28:48 +00:00
Dr. Stephen Henson
37c8fd0eba Avoid warnings. 2006-07-21 22:26:31 +00:00
Dr. Stephen Henson
b589427941 WIN32 fixes signed/unsigned issues and slightly socket semantics. 2006-07-17 18:52:51 +00:00
Dr. Stephen Henson
454dbbc593 Add -timeout option to ocsp utility. 2006-07-17 13:26:54 +00:00
Dr. Stephen Henson
f253a058d3 There is should be no need to rewind the input stream any more. 
For S/MIME multipart/signed type the signature is calculated on the fly.

For other detached data forms the stream isn't used after the single pass to
calculate signatures.

For non-detached the data is stored in a memory BIO.
 2006-07-13 20:29:55 +00:00
Dr. Stephen Henson
b3c6a33185 In genpkey, also look for algorithm string name in any supplied ENGINE. 2006-07-12 18:00:20 +00:00
Dr. Stephen Henson
105f6a6323 Update some usage messages. 2006-07-10 22:49:08 +00:00
Dr. Stephen Henson
5ba4bf35c5 New functions to enumerate digests and ciphers. 2006-07-09 00:53:45 +00:00
Bodo Möller
b166f13eb5 Call 'print_stuff' even if a handshake failed. 2006-06-15 19:00:34 +00:00
Bodo Möller
6a983d4287 Fix a bug recently introduced when updating this file to use the new 
keygen API: make sure that 'pkey_type' is actually visible to MAIN().
 2006-06-14 01:16:22 +00:00
Bodo Möller
f3dea9a595 Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-09 15:44:59 +00:00
Dr. Stephen Henson
01b8b3c7d2 Complete EVP_PKEY_ASN1_METHOD ENGINE support. 2006-06-05 11:52:46 +00:00
Dr. Stephen Henson
6f88c6a634 Add missing prototype. Extend engine utility to print public key algorithms. 2006-06-01 12:38:22 +00:00
Richard Levitte
0ed110b969 Because all object files are now in a file, we don't need to mention 
any of them on the linker command line.  Besides, OBJECT_FILE now
represents the last compiled file, and using it here only results in
getting warnings about multiple definitions of the symbols in that
file.
 2006-06-01 10:24:47 +00:00
Dr. Stephen Henson
6657b9c73a Fix warnings. 2006-05-26 13:27:58 +00:00
Dr. Stephen Henson
ba0d04a986 Update pkeyutl to use size_t for pkey functions. 2006-05-26 12:24:49 +00:00
Richard Levitte
3cb9eb30d3 Signed vs. unsigned conflict 2006-05-25 23:40:04 +00:00
Richard Levitte
e0b624e20e There was a problem with too long command lines, so I rebuilt to make 
it work better.
 2006-05-25 23:37:03 +00:00
Dr. Stephen Henson
c27309edcb Allow any supported cipher to be used with smime -encrypt. 2006-05-25 16:53:52 +00:00
Dr. Stephen Henson
216e0d5b91 Fix smime -pk7out. 2006-05-22 13:37:16 +00:00
Dr. Stephen Henson
5531192151 Add -resign and -md options to smime command to support resigning an 
existing structure and using alternative digest for signing.
 2006-05-18 23:44:44 +00:00
Dr. Stephen Henson
a6e7fcd140 Multiple signer support in smime application. 2006-05-18 12:41:28 +00:00
Dr. Stephen Henson
76cf3fcb43 Reformat smime.c utility. 2006-05-18 11:54:16 +00:00
Dr. Stephen Henson
121dd39f9f New option to pkcs12 utility to set alternative MAC digest algorithm. 2006-05-17 18:46:22 +00:00
Dr. Stephen Henson
a263253545 Don't try to print PBE information if it can't be decoded. 2006-05-17 18:24:35 +00:00
Dr. Stephen Henson
8de916bcee Oops... 2006-05-17 12:29:16 +00:00
Dr. Stephen Henson
1631d5f9b9 HMAC OIDs from RFC4231. 2006-05-17 12:27:45 +00:00
Dr. Stephen Henson
98c82b899e Gather keygen options in req and only use them after all other options have 
been processed. This allows any ENGINE changing operations to be processed
first (for example a config file).
 2006-05-16 12:11:14 +00:00
Dr. Stephen Henson
fbf6643607 Bugfix: the NONE string for PBE algorithms wasn't working. 2006-05-15 13:23:15 +00:00
Dr. Stephen Henson
1bd06bd0c4 In interactive mode only config OpenSSL once. 2006-05-12 17:11:58 +00:00
Richard Levitte
98bf13c36b make update 2006-05-12 15:31:28 +00:00
Dr. Stephen Henson
759d8ac6ee Typo. 2006-05-12 00:27:39 +00:00
Dr. Stephen Henson
959e8dfe06 Update 'req' command to use new keygen API. 2006-05-11 21:39:00 +00:00
Dr. Stephen Henson
03919683f9 Add support for default public key digest type ctrl. 2006-05-07 17:09:39 +00:00
Ulf Möller
36e77b1059 Bug fix. 
PR: 1307
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
 2006-05-01 18:49:26 +00:00
Dr. Stephen Henson
816c2b5a79 Fix from stable branch. 2006-04-28 00:30:49 +00:00
Dr. Stephen Henson
15f80eea31 Fix usage message for pkeyutl. 2006-04-26 15:42:29 +00:00
Dr. Stephen Henson
ee1d9ec019 Remove link between digests and signature algorithms. 
Use cross reference table in ASN1_item_sign(), ASN1_item_verify() to eliminate
the need for algorithm specific code.
 2006-04-19 17:05:59 +00:00
Dr. Stephen Henson
7bf7333d68 If we include winsock2.h then FD_SET wants an unsigned type for an fd. 2006-04-17 12:22:13 +00:00
Dr. Stephen Henson
b010b7c434 Use more flexible method of determining output length, by setting &outlen 
value of the passed output buffer is NULL.

The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all
cases where the output length may depend on the operation or the parameters
associated with it.
 2006-04-15 18:50:56 +00:00
Richard Levitte
51aa7bd321 Got sick and tired of duplicating... Too error-prone (i.e. I forget 
to update both...)!
 2006-04-14 19:56:28 +00:00
Dr. Stephen Henson
ffb1ac674c Complete key derivation support. 2006-04-13 20:16:56 +00:00
Dr. Stephen Henson
3be34589e8 Update dependencies. 2006-04-13 13:00:45 +00:00
Dr. Stephen Henson
92511cff48 Change the option setting command line switch to "-pkeyopt" to avoid confusion 
with algorithm parameters.
 2006-04-13 12:38:46 +00:00
Richard Levitte
7b82159865 Synchronise what what's happening with the Unix build 2006-04-13 09:59:52 +00:00
Ulf Möller
fb05e1cdf6 declare as in prototype 
Submitted by: Gisle Vanem
 2006-04-12 19:24:45 +00:00
Dr. Stephen Henson
75ef718820 Support for DSA keygen, fix for genpkey. 2006-04-12 11:14:11 +00:00
Ulf Möller
4700aea951 Add BeOS support. 
PR: 1312
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
Reviewed by: Ulf Moeller
 2006-04-11 21:34:21 +00:00
Ulf Möller
9555339007 improve make dclean to remove files generated during build 
PR: 1308
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
Reviewed by: Ulf Moeller
 2006-04-11 20:05:23 +00:00
Dr. Stephen Henson
2fbe371f53 Fix parameter error messages. 2006-04-11 18:30:25 +00:00
Dr. Stephen Henson
15181d7811 Write parameters if -genparam option include. 2006-04-11 18:21:40 +00:00
Dr. Stephen Henson
1edba2110f Add parameter generation option to genpkey. 2006-04-11 18:18:14 +00:00
Dr. Stephen Henson
f5cda4cbb1 Initial keygen support. 2006-04-11 13:28:52 +00:00
Richard Levitte
25dc89eb9b Synchronise with the Unix build 2006-04-10 11:39:49 +00:00
Dr. Stephen Henson
4a3dc3c0e3 Add RSA ctrl for padding mode, add ctrl support in pkeyutl. 2006-04-09 12:42:09 +00:00
Dr. Stephen Henson
a2318e86bd Fix typo. Add EVP_PKEY_CTX control function for later use by command line 
utilities.
 2006-04-09 00:34:00 +00:00
Dr. Stephen Henson
a9164153d1 Reformat pkeyutl.c, add support for verify operation but nothing actually 
supports it (yet).
 2006-04-08 22:25:47 +00:00
Dr. Stephen Henson
8795d38906 Update dependencies. 2006-04-08 13:04:31 +00:00
Dr. Stephen Henson
8cd44e3630 Implement encrypt/decrypt using RSA. 2006-04-08 13:02:04 +00:00
Dr. Stephen Henson
9e4d0f0be2 New utility 'pkeyutl' a general purpose version of 'rsautl'. 2006-04-07 19:33:28 +00:00
Dr. Stephen Henson
53ec8809cf Add an explicit load_config() call so any added algorithms are 
visible.
 2006-04-04 18:47:20 +00:00