Dr. Stephen Henson
55ec5861c8
Modify S/MIME application so the -signer option writes the signer(s)
...
to a file if we are verifying.
1999-12-07 02:35:52 +00:00
Dr. Stephen Henson
5a9a4b299c
Merge in my S/MIME library and utility.
1999-12-05 00:40:59 +00:00
Bodo Möller
cddfe788fb
Add functions des_set_key_checked, des_set_key_unchecked.
...
Never use des_set_key (it depends on the global variable des_check_key),
but usually des_set_key_unchecked.
Only destest.c bothered to look at the return values of des_set_key,
but it did not set des_check_key -- if it had done so,
most checks would have failed because of wrong parity and
because of weak keys.
1999-12-03 20:24:21 +00:00
Dr. Stephen Henson
dd4134101f
Change the trust and purpose code so it doesn't need init
...
either and has a static and dynamic mix.
1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
08cba61011
Modify the X509 V3 extension lookup code.
1999-12-01 01:49:46 +00:00
Ben Laurie
fea9afbfc7
Make salting the default. Fail gracefully if the input is not salted.
1999-11-30 20:15:19 +00:00
Dr. Stephen Henson
bb7cd4e3eb
Remainder of SSL purpose and trust code: trust and purpose setting in
...
SSL_CTX and SSL, functions to set them and defaults if no values set.
1999-11-29 22:35:00 +00:00
Dr. Stephen Henson
13938aceca
Add part of chain verify SSL support code: not complete or doing anything
...
yet.
Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.
Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
51630a3706
Add trust setting support to the verify code. It now checks the
...
trust settings of the root CA.
After a few fixes it seems to work OK.
Still need to add support to SSL and S/MIME code though.
1999-11-27 19:43:10 +00:00
Dr. Stephen Henson
9868232ae1
Initial trust code: allow setting of trust checking functions
...
in a table. Doesn't do too much yet.
Make the -<digestname> options in 'x509' affect all relevant
options.
Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.
A few constification changes.
1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
d4cec6a13d
New options to the -verify program which can be used for chain verification.
...
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.
Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
52664f5081
Transparent support for PKCS#8 private keys in RSA/DSA.
...
New universal public key format.
Fix CRL+cert load problem in by_file.c
Make verify report errors when loading files or dirs
1999-11-21 22:28:31 +00:00
Ben Laurie
44eca70641
Update dependencies.
1999-11-18 14:32:54 +00:00
Ben Laurie
5ef738240a
Fix warning.
1999-11-18 14:10:53 +00:00
Dr. Stephen Henson
f76d8c4747
Modify verify code to handle self signed certificates.
1999-11-17 01:20:29 +00:00
Dr. Stephen Henson
91895a5938
Fix for a bug in PKCS#7 code and non-detached data.
...
Remove rc4-64 from ciphers since it doesn't exist...
1999-11-16 14:54:50 +00:00
Dr. Stephen Henson
fd699ac55f
Add a salt to the key derivation using the 'enc' program.
1999-11-16 02:49:25 +00:00
Dr. Stephen Henson
06556a1744
'req' fixes. Reinstate length check one request fields.
...
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
1999-11-14 23:10:50 +00:00
Dr. Stephen Henson
a0e9f529a4
Add support for the 40 and 64 bit RC2 and RC4 ciphers in 'enc'
...
add documentation for 'enc'.
1999-11-14 03:23:17 +00:00
Richard Levitte
849c0fe240
Adjust to changes in apps/openssl.cnf
1999-11-12 01:59:47 +00:00
Richard Levitte
ca0e2bc973
Adjust to changes in apps/Makefile.ssl
1999-11-12 01:52:59 +00:00
Dr. Stephen Henson
954ef7ef69
Merge some common functionality in the apps, delete
...
the encryption option in the pkcs7 utility (they never
did anything) and add a couple more options to pkcs7.
1999-11-12 01:42:25 +00:00
Dr. Stephen Henson
af29811edd
Add password command line options to some utils. Fix and update man
...
pages.
1999-11-11 18:41:31 +00:00
Dr. Stephen Henson
53b1899e3c
Fix a couple of outstanding issues: update STATUS file, fix NO_FP_API problems.
...
Update docs, change 'ca' to use the new callback parameter. Now moved key_callback
into app.c because some other utilities will use it soon.
1999-11-11 13:58:41 +00:00
Ben Laurie
95fdc5eef9
Fix (spurious) warnings.
1999-11-09 12:09:24 +00:00
Bodo Möller
5fe2085bba
Avoid some warnings.
1999-11-09 10:00:15 +00:00
Dr. Stephen Henson
a0ad17bb6c
Fix to the -revoke option in ca. It was leaking memory, crashing and just
...
plain not working :-(
Also fix some memory leaks in the new X509_NAME code.
Fix so new app_rand code doesn't crash 'x509' and move #include so it compiles
under Win32.
1999-11-08 13:58:08 +00:00
Dr. Stephen Henson
ce1b4fe146
Allow additional information to be attached to a
...
certificate: currently this includes trust settings
and a "friendly name".
1999-11-04 00:45:35 +00:00
Dr. Stephen Henson
74400f7348
Continued multibyte character support.
...
Add a bunch of functions to simplify the creation of X509_NAME structures.
Change the X509_NAME_entry_add stuff in req/ca so it no longer uses
X509_NAME_entry_count(): passing -1 has the same effect.
1999-10-27 00:15:11 +00:00
Bodo Möller
847c52e47f
Warn about RANDFILE being overwritten.
1999-10-26 11:27:42 +00:00
Bodo Möller
640588bbfb
New file app_rand.c with some functionality used in various openssl
...
applications.
1999-10-26 01:59:11 +00:00
Bodo Möller
a31011e8e0
Various randomness handling bugfixes and improvements --
...
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
1999-10-26 01:56:29 +00:00
Bodo Möller
798757762a
Improve support for running everything as a monolithic application.
...
Submitted by: Lennart Bång, Bodo Möller
1999-10-25 19:36:01 +00:00
Dr. Stephen Henson
673b102c5b
Initial support for certificate purpose checking: this will
...
ultimately lead to certificate chain verification. It is
VERY EXPERIMENTAL at present though.
1999-10-13 01:11:56 +00:00
Dr. Stephen Henson
def38e38ec
Fix incorrect usage messages in some commands.
1999-10-06 22:59:21 +00:00
Dr. Stephen Henson
d71c6bc5a4
Fix for bug in pkcs12 program and typo in ASN1_tag2str().
1999-10-05 13:10:21 +00:00
Dr. Stephen Henson
2d681b779c
Fix for bug in pkcs12 program and typo in ASN1_tag2str().
1999-10-05 12:57:50 +00:00
Dr. Stephen Henson
3908cdf442
New option -dhparam to s_server to allow the DH parameter file to be set
...
explicitly. Previously it couldn't be changed because it was hard coded as
"server.pem".
1999-10-04 23:56:06 +00:00
Dr. Stephen Henson
3ea23631d4
Add support for public key input and output in rsa and dsa utilities with some
...
new DSA public key functions that were missing.
Also beginning of a cache for X509_EXTENSION structures: this will allow them
to be accessed more quickly for things like certificate chain verification...
1999-10-04 21:17:47 +00:00
Ben Laurie
18c77bf29e
Fix warnings.
1999-10-03 18:09:45 +00:00
Dr. Stephen Henson
c91e125934
Modify the 'speed' application so it now uses RSA_sign and RSA_verify
...
instead of RSA_private_encrypt and RSA_public_decrypt
1999-10-02 01:18:19 +00:00
Bodo Möller
39b30b6ab7
"make update"
1999-09-27 15:12:30 +00:00
Bodo Möller
8569c322be
Fix typo in error message.
...
Submitted by: Alan Batie
1999-09-25 11:26:31 +00:00
Bodo Möller
dd73193c83
Honor BUFSIZZ definition in s_server, don't use tiny 32 byte
...
buffer (which leads to truncation of client cipher list).
1999-09-25 11:24:53 +00:00
Bodo Möller
4ad378ea43
Bugfix: avoid opening CAfile when it's NULL.
1999-09-24 20:27:20 +00:00
Bodo Möller
f4e723f3e7
typo
1999-09-21 14:03:20 +00:00
Dr. Stephen Henson
06f4536a61
Fix to make s_client and s_server work under Windows. A bit of a hack but
...
an improvement on not working at all.
1999-09-20 22:09:17 +00:00
Dr. Stephen Henson
090d848ea8
Various CRL enhancements tidies and workaround for broken CRLs.
1999-09-18 01:42:02 +00:00
Bodo Möller
9a0f732d75
Document -startdate and -enddate in usage summary.
1999-09-17 16:35:29 +00:00
Dr. Stephen Henson
d79812b0fa
Fix typo.
1999-09-15 21:12:23 +00:00