Dmitry Belyavsky
31001f8131
Add new GOST OIDs
...
Add new OIDs for latest GOST updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-17 15:34:30 +01:00
Rich Salz
ce7e647bc2
Add $! to errors, use script basename.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-06-23 08:39:52 -04:00
Dr. Stephen Henson
0fb9990480
return correct NID for undefined object
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-06-08 21:44:56 +01:00
Annie Yousar
591b7aef05
RT3230: Better test for C identifier
...
objects.pl only looked for a space to see if the name could be
used as a C identifier. Improve the test to match the real C
rules.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-06-02 17:16:54 -04:00
Richard Levitte
0f539dc1a2
Fix the update target and remove duplicate file updates
...
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-22 18:44:33 +02:00
Dr. Stephen Henson
96b96d6c45
Add scrypt OID from draft-josefsson-scrypt-kdf-03
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-21 12:48:02 +01:00
Richard Levitte
a3aadb2d9c
make depend
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:38:31 +02:00
Richard Levitte
b39fc56061
Identify and move common internal libcrypto header files
...
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.
The header files that got moved are:
crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:21:40 +02:00
Hanno Böck
2b8dc08b74
Call of memcmp with null pointers in obj_cmp()
...
The function obj_cmp() (file crypto/objects/obj_dat.c) can in some
situations call memcmp() with a null pointer and a zero length.
This is invalid behaviour. When compiling openssl with undefined
behaviour sanitizer (add -fsanitize=undefined to compile flags) this
can be seen. One example that triggers this behaviour is the pkcs7
command (but there are others, e.g. I've seen it with the timestamp
function):
apps/openssl pkcs7 -in test/testp7.pem
What happens is that obj_cmp takes objects of the type ASN1_OBJECT and
passes their ->data pointer to memcmp. Zero-sized ASN1_OBJECT
structures can have a null pointer as data.
RT#3816
Signed-off-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-13 15:23:57 +01:00
Gunnar Kudrjavets
56d88027f0
Fix the heap corruption in libeay32!OBJ_add_object.
...
Original 'sizeof(ADDED_OBJ)' was replaced with 'sizeof(*ao)'. However,
they return different sizes. Therefore as the result heap gets corrupted
and at some point later debug version of malloc() detects the corruption.
On x86 we can observe that as follows:
sizeof(*ao) == 4
sizeof(*ao[0]) == sizeof(ADDED_OBJ) == 8
Issue reproduces with either enabling CRT debug heap or Application
Verifier's full-page heap.
Basic debugging data from the moment the corruption is first detected:
0:000:x86> |
. 0 id: 283c create name: openssl.exe
0:000:x86> kcn
#
00 MSVCR120D!_heap_alloc_dbg_impl
01 MSVCR120D!_nh_malloc_dbg_impl
02 MSVCR120D!_nh_malloc_dbg
03 MSVCR120D!malloc
04 LIBEAY32!default_malloc_ex
05 LIBEAY32!CRYPTO_malloc
06 LIBEAY32!lh_insert
07 LIBEAY32!OBJ_add_object
08 LIBEAY32!OBJ_create
09 openssl!add_oid_section
0a openssl!req_main
0b openssl!do_cmd
0c openssl!main
0d openssl!__tmainCRTStartup
0e openssl!mainCRTStartup
0f KERNEL32!BaseThreadInitThunk
10 ntdll_77d60000!__RtlUserThreadStart
11 ntdll_77d60000!_RtlUserThreadStart
Signed-off-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-13 09:23:23 +01:00
Rich Salz
75ebbd9aa4
Use p==NULL not !p (in if statements, mainly)
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-11 10:06:38 -04:00
Rich Salz
45ebd73128
Make sig_app, sigx_app static
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-06 16:49:10 -04:00
Richard Levitte
12048657a9
ZLIB compression deserves a better comment
...
What could be better than to refer to the RFC that defines it?
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-05-06 02:07:58 +02:00
Richard Levitte
2ed42bf639
make update
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-05-05 21:49:51 +02:00
Richard Levitte
3c161d081e
Remove the last traces of the fake RLE compression
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-05-05 21:48:43 +02:00
Rich Salz
b4faea50c3
Use safer sizeof variant in malloc
...
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Rich Salz
8332f91cc0
fix various typo's
...
https://github.com/openssl/openssl/pull/176 (CHANGES)
https://rt.openssl.org/Ticket/Display.html?id=3545 (objects.txt)
https://rt.openssl.org/Ticket/Display.html?id=3796 (verify.pod)
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-03 08:50:34 -04:00
Dr. Stephen Henson
b6eb9827a6
Add OSSL_NELEM macro.
...
Add OSSL_NELEM macro to e_os.h to determine the number of elements in an
array.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-03 12:53:08 +01:00
Rich Salz
efa7dd6444
free NULL cleanup 11
...
Don't check for NULL before calling free functions. This gets:
ERR_STATE_free
ENGINE_free
DSO_free
CMAC_CTX_free
COMP_CTX_free
CONF_free
NCONF_free NCONF_free_data _CONF_free_data
A sk_free use within OBJ_sigid_free
TS_TST_INFO_free (rest of TS_ API was okay)
Doc update for UI_free (all uses were fine)
X509V3_conf_free
X509V3_section_free
X509V3_string_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:15:18 -04:00
Rich Salz
b548a1f11c
free null cleanup finale
...
Don't check for NULL before calling OPENSSL_free
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Rich Salz
23a1d5e97c
free NULL cleanup 7
...
This gets BN_.*free:
BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free
BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free
Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd
dead code in engines/e_ubsec.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 21:37:06 -04:00
Rich Salz
b196e7d936
remove malloc casts
...
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 15:28:14 -04:00
Viktor Dukhovni
61986d32f3
Code style: space after 'if'
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-16 13:44:59 -04:00
Richard Levitte
a80e33b991
Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant
...
With no more symlinks, there's no need for those variables, or the links
target. This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.
Also, removed METHTEST from test/Makefile. It looks like an old test that's
forgotten...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
dee502be89
Stop symlinking, move files to intended directory
...
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.
Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.
Originally-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Dr. Stephen Henson
9837bfbfc7
make depend
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 14:15:00 +00:00
Dr. Stephen Henson
2e43027757
make ASN1_OBJECT opaque
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 17:35:58 +00:00
Matt Caswell
918bb86529
Unchecked malloc fixes
...
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error
paths as I spotted them along the way.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-03-05 09:09:57 +00:00
Rich Salz
c81f425eaa
RT937: Enable pilotAttributeType uniqueIdentifier
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-12 14:38:31 -05:00
Andy Polyakov
c79e17731f
Add more Camellia OIDs.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-02-11 20:28:47 +01:00
Andy Polyakov
849037169d
Bring objects.pl output even closer to new format.
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-02-09 15:59:09 +01:00
Andy Polyakov
7ce3862319
Harmonize objects.pl output with new format.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-02-09 09:53:24 +01:00
Rich Salz
5b18d3025c
util/mkstack.pl now generates entire safestack.h
...
The mkstack.pl script now generates the entire safestack.h file.
It generates output that follows the coding style.
Also, removed all instances of the obsolete IMPLEMENT_STACK_OF
macro.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-02-06 10:47:53 -05:00
Dr. Stephen Henson
6922ddee1b
Make objxref.pl output in correct format
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-02-04 03:50:09 +00:00
Rich Salz
a00ae6c46e
OPENSSL_NO_xxx cleanup: many removals
...
The following compile options (#ifdef's) are removed:
OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY
OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP
OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK
OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY
This diff is big because of updating the indents on preprocessor lines.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 10:06:22 -05:00
Rich Salz
68b00c2372
ifdef cleanup part 3: OPENSSL_SYSNAME
...
Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx
Remove MS_STATIC; it's a relic from platforms <32 bits.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-23 11:58:26 -05:00
Matt Caswell
0f113f3ee4
Run util/openssl-format-source -v -c .
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
3a83462dfe
Further comment amendments to preserve formatting prior to source reformat
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-06 15:45:25 +00:00
Tim Hudson
1d97c84351
mark all block comments that need format preserving so that
...
indent will not alter them when reformatting comments
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-30 22:10:26 +00:00
Dr. Stephen Henson
f072785eb4
Remove fipscanister build functionality from makefiles.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:23:45 +00:00
Matt Caswell
e6b336efa3
Add EVP support for OCB mode
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 10:28:34 +00:00
Rich Salz
8cfe08b4ec
Remove all .cvsignore files
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-28 18:32:43 -05:00
Dr. Stephen Henson
55f7fb8848
Fix cross reference table generator.
...
If the hash or public key algorithm is "undef" the signature type
will receive special handling and shouldn't be included in the
cross reference table.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-13 13:34:42 +00:00
Emilia Kasper
0042fb5fd1
Fix OID handling:
...
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.
CVE-2014-3508
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-06 20:36:41 +01:00
Andy Polyakov
d11c70b2c2
Please Clang's sanitizer, addendum.
2014-07-08 23:06:59 +02:00
Dr. Stephen Henson
abac8e0e08
Rebuild OID table.
2014-06-27 14:35:07 +01:00
Dr. Stephen Henson
95791bf941
Fix OID encoding for one component.
...
OIDs with one component don't have an encoding.
PR#2556 (Bug#1)
2014-06-27 14:35:07 +01:00
Rob Stradling
52f71f8181
CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration.
2014-02-26 15:33:11 +00:00
Rob Stradling
dcfe8df148
Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions.
...
Add the RFC6962 OIDs to the objects table.
2014-02-14 23:24:35 +00:00
Dr. Stephen Henson
7f5fd314c0
Sync OID numbers with 1.0.2 branch.
2013-10-15 11:33:30 +01:00
Veres Lajos
478b50cf67
misspellings fixes by https://github.com/vlajos/misspell_fixer
2013-09-05 21:39:42 +01:00
Dr. Stephen Henson
6af440ced4
Add new OIDs from RFC5753
...
Add OIDs for KDF schemes from RFC5753 and add cross references for
each type and the appropriate digest to use.
2013-07-17 21:45:00 +01:00
Dr. Stephen Henson
e423c360fd
Add new OID to pSpecified from PKCS#1
2013-06-21 21:33:00 +01:00
Andy Polyakov
8a97a33063
Add AES-SHA256 stitch.
2013-05-13 22:49:58 +02:00
Ben Laurie
08e5536445
Fix some clang warnings.
2013-01-13 21:04:39 +00:00
Andy Polyakov
71fa3bc5ec
objxref.pl: improve portability.
2012-04-22 21:18:30 +00:00
Dr. Stephen Henson
b36bab7812
PR: 2239
...
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>
Add Brainpool curves from RFC5639.
Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
2012-04-22 13:06:51 +00:00
Dr. Stephen Henson
b333905011
incomplete provisional OAEP CMS decrypt support
2012-01-02 18:25:37 +00:00
Dr. Stephen Henson
afb14cda8c
Initial experimental support for X9.42 DH parameter format to handle
...
RFC5114 parameters and X9.42 DH public and private keys.
2011-12-07 00:32:34 +00:00
Dr. Stephen Henson
66bb328e11
? crypto/aes/aes-armv4.S
...
? crypto/aes/aesni-sha1-x86_64.s
? crypto/aes/aesni-x86_64.s
? crypto/aes/foo.pl
? crypto/aes/vpaes-x86_64.s
? crypto/bn/.bn_lib.c.swp
? crypto/bn/armv4-gf2m.S
? crypto/bn/diffs
? crypto/bn/modexp512-x86_64.s
? crypto/bn/x86_64-gf2m.s
? crypto/bn/x86_64-mont5.s
? crypto/ec/bc.txt
? crypto/ec/diffs
? crypto/modes/a.out
? crypto/modes/diffs
? crypto/modes/ghash-armv4.S
? crypto/modes/ghash-x86_64.s
? crypto/modes/op.h
? crypto/modes/tst.c
? crypto/modes/x.h
? crypto/objects/.obj_xref.txt.swp
? crypto/rand/diffs
? crypto/sha/sha-512
? crypto/sha/sha1-armv4-large.S
? crypto/sha/sha256-armv4.S
? crypto/sha/sha512-armv4.S
Index: crypto/objects/obj_xref.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/objects/obj_xref.c,v
retrieving revision 1.9
diff -u -r1.9 obj_xref.c
--- crypto/objects/obj_xref.c 5 Nov 2008 18:38:58 -0000 1.9
+++ crypto/objects/obj_xref.c 6 Oct 2011 20:30:21 -0000
@@ -110,8 +110,10 @@
#endif
if (rv == NULL)
return 0;
- *pdig_nid = rv->hash_id;
- *ppkey_nid = rv->pkey_id;
+ if (pdig_nid)
+ *pdig_nid = rv->hash_id;
+ if (ppkey_nid)
+ *ppkey_nid = rv->pkey_id;
return 1;
}
@@ -144,7 +146,8 @@
#endif
if (rv == NULL)
return 0;
- *psignid = (*rv)->sign_id;
+ if (psignid)
+ *psignid = (*rv)->sign_id;
return 1;
}
Index: crypto/x509/x509type.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/x509/x509type.c,v
retrieving revision 1.10
diff -u -r1.10 x509type.c
--- crypto/x509/x509type.c 26 Oct 2007 12:06:33 -0000 1.10
+++ crypto/x509/x509type.c 6 Oct 2011 20:36:04 -0000
@@ -100,20 +100,26 @@
break;
}
- i=X509_get_signature_type(x);
- switch (i)
+ i=OBJ_obj2nid(x->sig_alg->algorithm);
+ if (i && OBJ_find_sigid_algs(i, NULL, &i))
{
- case EVP_PKEY_RSA:
- ret|=EVP_PKS_RSA;
- break;
- case EVP_PKEY_DSA:
- ret|=EVP_PKS_DSA;
- break;
- case EVP_PKEY_EC:
- ret|=EVP_PKS_EC;
- break;
- default:
- break;
+
+ switch (i)
+ {
+ case NID_rsaEncryption:
+ case NID_rsa:
+ ret|=EVP_PKS_RSA;
+ break;
+ case NID_dsa:
+ case NID_dsa_2:
+ ret|=EVP_PKS_DSA;
+ break;
+ case NID_X9_62_id_ecPublicKey:
+ ret|=EVP_PKS_EC;
+ break;
+ default:
+ break;
+ }
}
if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
2011-10-06 20:44:02 +00:00
Andy Polyakov
c608171d9c
Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
2011-08-23 20:51:38 +00:00
Dr. Stephen Henson
32a2d8ddfe
Provisional AES XTS support.
2011-04-12 23:21:33 +00:00
Dr. Stephen Henson
df6de39fe7
Change AR to ARX to allow exclusion of fips object modules
2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
ff04bbe363
Add PSS algorithm printing. This is an initial step towards full PSS support.
...
Uses ASN1 module in Martin Kaiser's PSS patch.
2010-03-06 19:55:25 +00:00
Dr. Stephen Henson
df4c395c6d
add anyExtendedKeyUsage OID
2010-02-24 15:53:58 +00:00
Andy Polyakov
e5a4de9e44
Add assigned OIDs, as well as "anonymous" ones for AES counter mode.
2010-02-23 16:47:17 +00:00
Dr. Stephen Henson
c8ef656df2
Make CMAC API similar to HMAC API. Add methods for CMAC.
2010-02-08 15:31:35 +00:00
Dr. Stephen Henson
cab6de03a2
PR: 2149
...
Submitted by: Douglas Stebila <douglas@stebila.ca>
Fix wap OIDs.
2010-01-25 16:07:42 +00:00
Dr. Stephen Henson
f2334630a7
Add OID for PWRI KEK algorithm.
2009-11-25 22:07:49 +00:00
Dr. Stephen Henson
709a395d1c
PR: 2091
...
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org
If an OID has no short name or long name return the numerical representation.
2009-11-10 01:00:07 +00:00
Dr. Stephen Henson
cc7399e79c
Changes from 1.0.0-stable.
2009-04-07 16:33:26 +00:00
Ben Laurie
a79b668b8f
Autogeneration seems to have changed slightly.
2009-04-05 10:21:05 +00:00
Dr. Stephen Henson
06ddf8eb08
Updates from 1.0.0-stable
2009-04-04 19:54:06 +00:00
Dr. Stephen Henson
14023fe352
Merge from 1.0.0-stable branch.
2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
ddcfc25a6d
Update from stable branch.
2009-03-25 19:02:22 +00:00
Dr. Stephen Henson
aaa29f9e83
Add error checking to obj_xref.pl and add command line support for data
...
file locations.
2009-02-10 13:03:31 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e
Update obsolete email address...
2008-11-05 18:39:08 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00
Ben Laurie
4d6e1e4f29
size_tification.
2008-11-01 14:37:00 +00:00
Dr. Stephen Henson
df0681e554
Add permanentIdentifier OID.
2008-10-22 18:48:11 +00:00
Dr. Stephen Henson
e19106f5fb
Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
...
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.
This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
2008-10-22 15:43:01 +00:00
Dr. Stephen Henson
dcf6b3e9b6
Reinstate obj_xref.h as it is not auto generated on all platforms.
2008-10-20 15:12:48 +00:00
Dr. Stephen Henson
606f6c477a
Fix a shed load or warnings:
...
Duplicate const.
Use of ; outside function.
2008-10-20 15:12:00 +00:00
Dr. Stephen Henson
111a6e2a23
Fix multiple ; warning.
2008-10-18 15:02:59 +00:00
Ben Laurie
d764e7edb8
Fix warning a different way.
2008-10-18 12:12:34 +00:00
Ben Laurie
1ea6472e60
Type-safe OBJ_bsearch_ex.
2008-10-14 08:10:52 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Dr. Stephen Henson
249a77f5fb
Add support for freshest CRL extension.
2008-08-27 15:52:05 +00:00
Dr. Stephen Henson
d4cdbab99b
Avoid warnings with -pedantic, specifically:
...
Conversion between void * and function pointer.
Value computed not used.
Signed/unsigned argument.
2008-07-04 23:12:52 +00:00
Dr. Stephen Henson
8528128b2a
Update from stable branch.
2008-06-26 23:27:31 +00:00
Ben Laurie
5ce278a77b
More type-checking.
2008-06-04 11:01:43 +00:00
Ben Laurie
3c1d6bbc92
LHASH revamp. make depend.
2008-05-26 11:24:29 +00:00
Dr. Stephen Henson
3247812e34
Since OID NIDs with 0.9.8.
2008-04-02 10:48:34 +00:00
Dr. Stephen Henson
fe591284be
Update dependencies.
2008-03-22 18:52:03 +00:00
Dr. Stephen Henson
054307e7ed
Allow alternate eContentType oids to be set in cms utility.
...
Add id-ct-asciiTextWithCRLF OID.
Give more meaninful error message is attempt to use key ID from a certificate
without a key ID.
2008-03-19 19:34:30 +00:00
Dr. Stephen Henson
16fe5f8b50
Produce meaningful error if sanity check fails.
...
Delete trailing whitespace from objects.txt
Delete duplicate NIDs.
2008-03-19 17:01:12 +00:00
Dr. Stephen Henson
041e7f2eee
Additional sanity check.
2008-03-19 14:18:36 +00:00
Dr. Stephen Henson
c36e936b60
Partial support for KEKRecipientInfo type.
2008-03-17 18:11:27 +00:00
Geoff Thorpe
1e26a8baed
Fix a variety of warnings generated by some elevated compiler-fascism,
...
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Dr. Stephen Henson
b510d77535
We already have an object for "zlib compression" but it was a place
...
holder and its actual encoding never used.
Just as well because it's value looks like it was made up in the mists of
time...
Now there is a registered value for zlib compression (used in S/MIME
compressedData content type) use that instead.
2008-02-29 14:24:52 +00:00
Dr. Stephen Henson
400ca0e467
Add OIDs for compressedData content type and zlib compression.
2008-02-12 13:48:10 +00:00
Dr. Stephen Henson
1ad6a1b5e9
Rebuild OID database: duplicates got in there somehow??
2007-11-23 00:34:00 +00:00
Dr. Stephen Henson
6e150083bb
Fix from stable branch.
2007-11-23 00:19:24 +00:00
Dr. Stephen Henson
98d8baabbd
Add caRepository OID and sync object NIDs with OpenSSL 0.9.8.
2007-11-23 00:14:59 +00:00
Dr. Stephen Henson
f670738987
Rebuild object cross reference table.
2007-11-20 13:04:45 +00:00
Lutz Jänicke
86140095b5
Add OIDs by CMP (RFC 4210) and CRMF (RFC 4211)
...
Submitted by: Martin Peylo <martinmeis@googlemail.com>
2007-11-01 08:24:56 +00:00
Andy Polyakov
a005fb019f
Addenum to "Constify obj_dat.[ch]."
2007-09-18 22:15:31 +00:00
Andy Polyakov
26f0cf69d3
Constify obj_dat.[ch], as well as minimize linker relocations.
2007-09-18 21:05:21 +00:00
Dr. Stephen Henson
81025661a9
Update ssl code to support digests other than MD5+SHA1 in handshake.
...
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
2007-08-31 12:42:53 +00:00
Bodo Möller
96afc1cfd5
Add SEED encryption algorithm.
...
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:48:59 +00:00
Dr. Stephen Henson
74633553a9
Experimental HMAC support via EVP_PKEY_METHOD.
2007-04-11 12:33:06 +00:00
Dr. Stephen Henson
9981a51e42
Stage 1 GOST ciphersuite support.
...
Submitted by: ran@cryptocom.ru
Reviewed by: steve@openssl.org
2007-03-23 17:04:05 +00:00
Nils Larsch
357d5de5b9
add support for DSA with SHA2
2007-02-03 14:41:12 +00:00
Nils Larsch
c92da5a605
update
2006-12-21 19:48:47 +00:00
Nils Larsch
06e2dd037e
add support for ecdsa-with-sha256 etc.
2006-12-20 08:58:54 +00:00
Dr. Stephen Henson
5de3a0ff3d
Sync OID NIDs with OpenSSL 0.9.8.
2006-12-06 13:44:21 +00:00
Nils Larsch
b0eedd77f6
add "Certificate Issuer" and "Subject Directory Attributes" OIDs
...
PR: 1433
2006-12-04 18:51:06 +00:00
Dr. Stephen Henson
47a9d527ab
Update from 0.9.8 stable. Eliminate duplicate error codes.
2006-11-21 21:29:44 +00:00
Ben Laurie
777c47acbe
Make things static that should be. Declare stuff in headers that should be.
...
Fix warnings.
2006-08-28 17:01:04 +00:00
Dr. Stephen Henson
31780d0e26
Bugfix: don't look in internal table for signature if found in application
...
supplied list.
2006-07-12 16:30:40 +00:00
Dr. Stephen Henson
0ee2166cc5
New functions to add and free up application defined signature OIDs.
2006-07-09 16:05:43 +00:00
Bodo Möller
f3dea9a595
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:44:59 +00:00
Dr. Stephen Henson
1631d5f9b9
HMAC OIDs from RFC4231.
2006-05-17 12:27:45 +00:00
Dr. Stephen Henson
856640b54f
Extend PBE code to support non default PKCS#5 v2.0 PRFs.
2006-05-14 18:40:53 +00:00
Richard Levitte
98bf13c36b
make update
2006-05-12 15:31:28 +00:00
Dr. Stephen Henson
d202709808
Add OID cross reference table.
...
Fix some typos in GOST OIDs.
Update dependencies.
2006-04-18 23:36:07 +00:00
Dr. Stephen Henson
29da3ade3c
Rebuild mac table to avoid duplicates.
2006-04-05 12:09:09 +00:00
Dr. Stephen Henson
de908d6319
Typos in a few OID names.
2006-04-05 12:06:32 +00:00
Dr. Stephen Henson
5e0e9fce5d
Minor object name edit.
2006-04-05 11:29:31 +00:00
Dr. Stephen Henson
228b4e426b
Update and add last (?) set of GOST OIDs.
2006-04-04 15:53:21 +00:00
Dr. Stephen Henson
362ab3e4f9
More GOST OIDs
2006-04-02 13:22:39 +00:00
Dr. Stephen Henson
2aed84d16b
Add GOST parameter set OIDs.
2006-04-02 03:01:27 +00:00
Dr. Stephen Henson
5a47825ece
Fix gost OIDs.
2006-03-31 10:57:32 +00:00
Dr. Stephen Henson
531308d929
Fix typo.
2006-03-29 15:58:55 +00:00
Dr. Stephen Henson
74e564cd46
Add some GOST OIDs.
2006-03-29 13:02:21 +00:00
Dr. Stephen Henson
246e09319c
Fix bug where freed OIDs could be accessed in EVP_cleanup() by
...
defering freeing in OBJ_cleanup().
2006-03-28 17:23:48 +00:00
Dr. Stephen Henson
9c339a7227
Fix from stable branch.
2006-02-15 15:04:42 +00:00
Dr. Stephen Henson
15ac971681
Update filenames in makefiles.
2006-02-04 01:45:59 +00:00
Nils Larsch
8c5a2bd6bb
add additional checks + cleanup
...
Submitted by: David Hartman <david_hartman@symantec.com>
2006-01-29 23:12:22 +00:00
Andy Polyakov
f106fb85d4
Add Whirlpool OID.
2005-11-28 20:51:46 +00:00
Dr. Stephen Henson
452ae49db5
Extensive OID code enhancement and fixes.
2005-11-20 13:07:47 +00:00
Nils Larsch
5f10073c95
fix typo in sbgp names
...
PR: 1194
2005-09-02 21:23:25 +00:00
Nils Larsch
8215e7a938
fix warnings when building openssl with the following compiler options:
...
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith -W -Wunused
-Wno-unused-parameter -Wuninitialized
2005-08-28 22:49:57 +00:00
Dr. Stephen Henson
231493c93c
Initial print only support for IDP CRL extension.
2005-07-23 23:33:06 +00:00
Ben Laurie
45d8574b93
Fix warnings.
2005-06-29 10:25:06 +00:00
Andy Polyakov
ce92b6eb9c
Further BUILDENV refinement, further fool-proofing of Makefiles and
...
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342 .
2005-05-16 16:55:47 +00:00
Andy Polyakov
81a86fcf17
Fool-proofing Makefiles
2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Nils Larsch
f763e0b5ae
make sure error queue is totally emptied
...
PR: 359
2005-04-07 22:53:35 +00:00
Nils Larsch
70f34a5841
some const fixes and cleanup
2005-04-05 10:29:43 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Andy Polyakov
f7f2125522
Avoid re-build avalanches with HP-UX make.
2005-03-12 09:12:44 +00:00
Richard Levitte
6951c23afd
Add functionality needed to process proxy certificates.
2004-12-28 00:21:35 +00:00
Richard Levitte
3c97bd833b
Change libeay.num so it's synchronised with additions in 0.9.7-stable.
...
make update
2004-12-13 22:57:08 +00:00
Dr. Stephen Henson
a0e7c8eede
Add lots of checks for memory allocation failure, error codes to indicate
...
failure and freeing up memory if a failure occurs.
PR:620
2004-12-05 01:03:15 +00:00
Dr. Stephen Henson
8544a80776
Add couple of OIDs. Resync NIDs for consistency with 0.9.7.
2004-12-01 18:09:53 +00:00
Richard Levitte
a2ac429da2
Don't use $(EXHEADER) directly in for loops, as most shells will break
...
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Richard Levitte
914d36ba19
make update
2004-05-31 13:16:08 +00:00
Andy Polyakov
6bca8e3886
objects.txt update for SHA-224/-256/-384/-512. SHA-224 ids still appear
...
"draft," but we have to start somewhere...
Submitted by: Nils Larsch <nlarsch@compuserve.de>
2004-05-31 13:07:19 +00:00
Geoff Thorpe
9c52d2cc75
After the latest round of header-hacking, regenerate the dependencies in
...
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
2004-05-17 19:26:06 +00:00
Richard Levitte
875a644a90
Constify d2i, s2i, c2i and r2i functions and other associated
...
functions and macros.
This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const. Those will be removed when this change has been
properly reviewed.
2004-03-15 23:15:26 +00:00
Dr. Stephen Henson
edec614efd
Support for inhibitAnyPolicy extension.
2004-03-08 13:56:31 +00:00
Richard Levitte
8d1ebe0bd1
Add the missing parts for DES CFB1 and CFB8.
...
Add the corresponding AES parts while I'm at it.
make update
2004-01-28 19:05:35 +00:00
Richard Levitte
075521725d
Fix Perl problems on sparc64.
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 16:13:18 +00:00
Richard Levitte
79b42e7654
Use sh explicitely to run point.sh
...
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:59:07 +00:00
Richard Levitte
d420ac2c7d
Use BUF_strlcpy() instead of strcpy().
...
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
2003-12-27 14:40:17 +00:00
Richard Levitte
0d78bc3356
Add IPSec/IKE/Oakley curves.
...
PR: 768
Submitted by: Vadim Fedukovich <vf@unity.net>
2003-11-29 09:25:59 +00:00
Bodo Möller
968766cad8
updates for draft-ietf-tls-ecc-03.txt
...
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
2003-07-22 12:34:21 +00:00
Richard Levitte
f9d183c209
Replace CCITT with ITU-T. Keep CCITT around as an alias.
...
make update
PR: 80
2003-07-04 15:45:04 +00:00
Richard Levitte
c89f31def0
make update
2003-06-26 10:27:11 +00:00
Richard Levitte
54dbdd9837
Some variables were uninitialised...
2003-04-29 20:45:36 +00:00
Richard Levitte
ea5240a5ed
Add an extended variant of OBJ_bsearch() that can be given a few
...
flags.
2003-04-29 20:25:21 +00:00
Dr. Stephen Henson
1c2d141238
Name Constraints OID.
2003-03-24 00:56:09 +00:00
Dr. Stephen Henson
6f528cac5a
Typo: OID should be policyMappings
2003-03-20 17:14:27 +00:00
Dr. Stephen Henson
ba5df66a8b
Add some OIDs.
2003-03-13 23:37:55 +00:00
Bodo Möller
d745af4b0c
avoid potential confusion about curves (prime192v1 and prime256v1 are
...
also known as secp192r1 and secp256r1, respectively)
Submitted by: Nils Larsch, Bodo Moeller
2003-01-16 16:05:23 +00:00
Bodo Möller
b05645902a
"!Cname surname" has now become redundant ...
2003-01-13 15:57:33 +00:00
Bodo Möller
54d4f8c320
undo part of a recent change: it's "surname", not "surName"
...
(see X.520 aka ISO/IEC 9594-6)
2003-01-13 15:52:04 +00:00
Richard Levitte
c9ecb1edd8
Keep the internal lowercase 'surname', for programmer's sake.
2002-12-20 09:39:34 +00:00
Richard Levitte
8baf5fdca0
Be consistent with capitalisation of object names.
2002-12-20 09:24:17 +00:00
Richard Levitte
aafafa314d
Be consistent with capitalisation of object names.
2002-12-20 09:18:18 +00:00
Richard Levitte
6dc78bf7e8
make update
2002-11-15 11:20:43 +00:00
Richard Levitte
ce4f169ff9
A few more Microsoft OIDs added
2002-11-15 11:17:50 +00:00
Ben Laurie
54a656ef08
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
Richard Levitte
001ab3abad
Use double dashes so makedepend doesn't misunderstand the flags we
...
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Dr. Stephen Henson
2af52de7b5
Fix typo in OBJ_txt2obj which incorrectly passed the content
...
length, instead of the encoding length to d2i_ASN1_OBJECT.
This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
2002-08-14 00:48:02 +00:00
Bodo Möller
16dc1cfb5c
Add more WAP/WTLS elliptic curve OIDs.
...
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-02 12:28:34 +00:00
Lutz Jänicke
c046fffa16
OpenSSL Security Advisory [30 July 2002]
...
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
2002-07-30 13:04:04 +00:00
Richard Levitte
17085b022c
Pass CFLAG to dependency makers, so non-standard system include paths are
...
handled properly.
Part of PR 75
2002-06-27 16:39:25 +00:00
Lutz Jänicke
82869b3c8d
Add OIDs for Secure Electronic Transactions (SET)
...
Submitted by: Vadim Fedukovich <vf@unity.net>
Reviewed by: Lutz Jaenicke
PR: 80
2002-06-13 11:52:56 +00:00
Lutz Jänicke
0f7b63c834
Make sure that settings are passed back and forth when walking around
...
in the tree during build.
Reinstall default PERL settings in Makefiles, as the real reason for the
failure was that the settings were not passed.
2002-06-06 10:16:59 +00:00
Lutz Jänicke
345731731a
New OID for X509 usage: pseudonym
...
Submitted by: Michael Bell <michael.bell@rz.hu-berlin.de>
Reviewed by: Lutz Jaenicke
PR: 83
2002-06-06 07:33:00 +00:00
Lutz Jänicke
bb0db9c491
The correct PERL interpreter is passed via commandline.
2002-06-05 07:03:17 +00:00
Richard Levitte
9cdf87f194
Check the return values where memory allocation failures may happen.
...
PR: 49
2002-05-30 16:47:45 +00:00
Lutz Jänicke
f1e6643751
Add generationQualifier OID (proposed by Fiel Cabral).
2002-04-25 18:03:13 +00:00
Lutz Jänicke
d5d007abe3
Optimize: better shortcut evaluation ("Howard Chu" <hyc@highlandsun.com>).
2002-04-18 11:54:06 +00:00
Lutz Jänicke
ea7fc0311c
Use the "mail" short name according to RFC2798 (Michael Bell
...
<michael.bell@rz.hu-berlin.de>).
2002-04-15 13:30:41 +00:00
Lutz Jänicke
30911232c1
Some more OID enhancements.
2002-04-15 10:41:38 +00:00