Lutz Jänicke
a75b191502
Fix problem occuring when used from OpenSSH on Solaris 8.
2001-07-26 09:02:44 +00:00
Bodo Möller
6aecef815c
Don't preserve existing keys in DH_generate_key.
2001-07-25 17:20:34 +00:00
Bodo Möller
daba492c3a
md_rand.c thread safety
2001-07-25 17:17:24 +00:00
Bodo Möller
24cff6ced5
always reject data >= n
2001-07-25 17:02:58 +00:00
Bodo Möller
badb910f3c
Avoid race condition.
...
Submitted by: Travis Vitek <vitek@roguewave.com>
2001-07-24 12:31:14 +00:00
Ben Laurie
c518ade1fd
Clean up EVP macros, rename DES EDE3 modes correctly, temporary support for
...
OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery
is available).
2001-07-21 10:24:07 +00:00
Dr. Stephen Henson
ee306a1332
Initial OCSP server support, using index.txt format.
...
This can process internal requests or behave like a
mini responder.
Todo: documentation, update usage info.
2001-07-12 20:41:51 +00:00
Richard Levitte
e452de9d87
Add the possibility to specify the use of zlib compression and
...
decompression. It can be set up to link at link time or to load the
zlib library at run-time.
2001-07-12 09:11:14 +00:00
Richard Levitte
0665dd6852
Document the recent Kerberos SSL changes.
2001-07-12 04:23:57 +00:00
Geoff Thorpe
af436bc158
openssl speed is quite useful for testing hardware support (among other
...
things), especially as the RSA keys are fixed. However, DSA only fixes the
DSA parameters and then generates the public and private components on the
fly each time - this commit hard-codes some sampled key values so that this
is no longer the case.
2001-07-11 18:59:25 +00:00
Bodo Möller
e9ad0d2c31
Fix PRNG.
2001-07-10 10:49:34 +00:00
Ben Laurie
c148d70978
A better compromise between encrypt and decrypt (but why isn't it as fast
...
for encrypt?).
2001-07-09 21:00:36 +00:00
Ben Laurie
f31b12503e
Use & instead of % - worth about 4% for 8 byte blocks.
2001-07-08 17:27:32 +00:00
Bodo Möller
d63c6bd397
Align with 0.9.6-stable CHANGES file, and make some corrections.
2001-07-04 20:56:47 +00:00
Bodo Möller
93dbd83570
Entry for Andy's mips3.s fix.
2001-07-04 20:17:27 +00:00
Lutz Jänicke
43f9391bcc
When only the key is given to "enc", the IV is undefined
...
(found by Andy Brown <logic@warthog.com>).
2001-07-03 10:31:11 +00:00
Richard Levitte
c80410c50c
Insuline shot
2001-07-01 23:15:43 +00:00
Dr. Stephen Henson
b7a26e6daf
Modify apps to use NCONF code instead of old CONF code.
...
Add new extension functions which work with NCONF.
Tidy up extension config routines and remove redundant code.
Fix NCONF_get_number().
Todo: more testing of apps to see they still work...
2001-06-28 11:41:50 +00:00
Dr. Stephen Henson
1e325f6149
Handle empty X509_NAME in printing routines.
2001-06-26 12:04:35 +00:00
Bodo Möller
c458a33196
DSA verification should insist that r and s are in the allowed range.
2001-06-26 09:48:17 +00:00
Richard Levitte
fd3e027faa
Oops, applies to 0.9.7 only.
2001-06-23 16:28:21 +00:00
Richard Levitte
235dd0a22a
Document recent changes.
2001-06-23 16:27:37 +00:00
Dr. Stephen Henson
323f289c48
Change all calls to low level digest routines in the library and
...
applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().
Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.
2001-06-19 22:30:40 +00:00
Richard Levitte
839590f576
- Add the possibility to control engines through control names but
...
with arbitrary arguments instead of just a string.
- Change the key loaders to take a UI_METHOD instead of a callback
function pointer. NOTE: this breaks binary compatibility with
earlier versions of OpenSSL [engine].
- Addapt the nCipher code for these new conditions and add a card
insertion callback.
2001-06-19 16:12:18 +00:00
Richard Levitte
9ad0f6812f
Enhance the user interface with better support for dialog box
...
prompting, application-defined prompts, the possibility to use
defaults (for example default passwords from somewhere else) and
interrupts/cancelations.
2001-06-19 15:52:00 +00:00
Dr. Stephen Henson
3cc1f498a1
Don't set pointer if add_lock_callback used.
2001-06-19 00:04:57 +00:00
Bodo Möller
285b42756a
pay attention to blocksize before attempting decryption
2001-06-15 18:05:09 +00:00
Bodo Möller
8a774dc9a6
Add directory name to the entry on /crypto/ui/.
2001-06-11 09:55:20 +00:00
Dr. Stephen Henson
f2a253e0dd
Add support for MS CSP Name PKCS#12 attribute.
2001-06-11 00:43:20 +00:00
Bodo Möller
ecf186065c
OAEP fix
2001-06-06 21:44:28 +00:00
Bodo Möller
31bc51c8cf
Fix Bleichenbacher PKCS #1 1.5 countermeasure.
...
(The attack against SSL 3.1 and TLS 1.0 is impractical anyway,
otherwise this would be a security relevant patch.)
2001-06-01 09:41:25 +00:00
Geoff Thorpe
d918f85146
Fix a memory leak in 'sk_dup' in the case a realloc() fails. Also, tidy up
...
a bit of weird code in sk_new.
2001-05-31 19:01:08 +00:00
Lutz Jänicke
7e97837274
Don't forget responsible person so that its clear who is to blame.
2001-05-29 13:52:21 +00:00
Richard Levitte
79bb8d0077
Document the latest change in ENGINEs.
2001-05-26 16:58:34 +00:00
Dr. Stephen Henson
76c919c1a3
Add missing variable length cipher flag for Blowfish.
...
Only use trust settings if either trust or reject settings
are present, otherwise use compatibility mode. This stops
root CAs being rejected if they have alias of keyid set.
2001-05-24 22:58:35 +00:00
Lutz Jänicke
e8734731d3
Increase ENTROPY_NEEDED to support Rijndael's larger key size.
2001-05-15 16:02:35 +00:00
Richard Levitte
496da8b918
Document the addition.
2001-05-13 10:37:02 +00:00
Dr. Stephen Henson
4831e626aa
Change Win32 to use EXPORT_VAR_AS_FN.
...
Fix OPENSSL_IMPLEMENT_GLOBAL.
Allow Win32 to use EXPORT_VAR_AS_FN in mkdef.pl
make update.
2001-05-12 23:57:41 +00:00
Lutz Jänicke
3351b8d007
Update changelog to reflect additional changes made to the egd-locations.
2001-05-10 09:45:31 +00:00
Bodo Möller
4b49bf6a93
restore change undone in 1.831 (apparently by accident)
2001-05-10 09:33:18 +00:00
Dr. Stephen Henson
926a56bfe3
Purpose and trust setting functions for X509_STORE.
...
Tidy existing code.
2001-05-10 00:13:59 +00:00
Dr. Stephen Henson
bdee69f718
Allow various X509_STORE_CTX properties to be
...
inherited from X509_STORE.
Add CRL checking options to other applications.
2001-05-09 00:30:39 +00:00
Bodo Möller
ff43e2e155
fix an old entry
2001-05-08 12:45:55 +00:00
Dr. Stephen Henson
b545dc6775
Initial CRL based revocation checking.
2001-05-07 22:52:50 +00:00
Richard Levitte
a63d5eaab2
Add a general user interface API. This is designed to replace things
...
like des_read_password and friends (backward compatibility functions
using this new API are provided). The purpose is to remove prompting
functions from the DES code section as well as provide for prompting
through dialog boxes in a window system and the like.
2001-05-06 23:19:37 +00:00
Bodo Möller
24cc290b85
.rnd issues
2001-05-03 09:27:43 +00:00
Richard Levitte
d02408ad8a
Remove part conflict indicator...
2001-05-02 07:15:03 +00:00
Geoff Thorpe
e5a77633cf
Make notes about ENGINE changes.
2001-04-26 20:42:12 +00:00
Dr. Stephen Henson
c962479bdf
Fix ASN1 bug when decoding OTHER type.
...
Various S/MIME DSA related fixes.
2001-04-21 12:06:01 +00:00
Geoff Thorpe
2a8a10eda6
Add notes about the new ENGINE functionality.
2001-04-19 23:06:00 +00:00