Commit Graph

269 Commits

Author SHA1 Message Date
Dr. Stephen Henson
3e268d2717 Ensure EVP_CipherInit() uses the correct encode/decode parameter if
enc == -1

[Reported by Markus Friedl <markus@openbsd.org>]

Fix typo in dh_lib.c (use of DSAerr instead of DHerr).
2002-03-16 23:20:05 +00:00
Dr. Stephen Henson
de941e289e Initialize cipher context in KRB5
("D. Russell" <russelld@aol.net>)

Allow HMAC functions to use an alternative ENGINE.
2002-03-14 18:22:23 +00:00
Bodo Möller
690ecff795 Fixes for 'no-hw' combined with 'no-SOME_CIPHER'.
Fix dsaparam usage output.

Submitted by: Nils Larsch
2002-03-14 09:52:03 +00:00
Dr. Stephen Henson
bf6a9e66d6 Make ciphers and digests obtain an ENGINE functional reference
if impl is explicitly supplied.
2002-03-09 18:58:05 +00:00
Richard Levitte
87ebdd8a71 VMS addaptation, including a few more long names that needed hacking. 2002-02-28 13:17:40 +00:00
Richard Levitte
26414ee013 Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated 2002-02-28 12:42:19 +00:00
Richard Levitte
0d7b9b8b7e make update, after moving around symbols in libeay.num to match
0.9.7-stable.
2002-02-26 14:41:29 +00:00
Dr. Stephen Henson
a3829cb720 Updates from stable branch. 2002-02-23 13:50:29 +00:00
Dr. Stephen Henson
e84be9b495 New OPENSSL_LOAD_CONF define to load openssl.cnf
when OpenSSL_add_all_algorithms() is called.
2002-02-23 01:00:44 +00:00
Richard Levitte
5b7848a345 Add comfy aliases for AES in CBC mode. 2002-02-20 17:59:49 +00:00
Richard Levitte
236be53269 gcc figures that the format specifier %2x means unsigned int, so let's
make n unsigned.
2002-02-20 13:50:36 +00:00
Richard Levitte
a6cd870784 The AES modes OFB and CFB are defined with 128 feedback bits. This
deviates from the "standard" 64 bits of feedback that all other
algorithms are using.  Therefore, let's redo certain EVP macros to
accept different amounts of feedback bits for these modes.

Also, change e_aes.c to provide all usually available modes for AES.
CTR isn't included yet.
2002-02-16 12:39:07 +00:00
Bodo Möller
6cc3700314 don't call OPENSSL_config(), this does not make any sense during "make test" 2002-02-14 13:51:20 +00:00
Bodo Möller
4d94ae00d5 ECDSA support
Submitted by: Nils Larsch <nla@trustcenter.de>
2002-02-13 18:21:51 +00:00
Richard Levitte
de2f6e4dae 'make update' 2002-02-05 17:34:58 +00:00
Lutz Jänicke
2a81428489 Remove blanks at begin of empty lines irritating epv_test.c 2002-01-26 15:24:38 +00:00
Geoff Thorpe
f1c2a9de45 The 'type' parameter, an EVP_MD pointer, represents the type of digest
required as well as a default implementation (when no ENGINE provides a
replacement implementation). This change makes sure the correct
implementation's "init()" handler is used rather than assuming 'type'.
2002-01-25 03:13:50 +00:00
Richard Levitte
52b66a622d Keep the NIST AES vectors that were there previously. 2002-01-24 18:09:50 +00:00
Richard Levitte
fe19c448f0 make update
libeay.num got tweaked so the old des symbols would retain their
positions.
2002-01-24 12:31:54 +00:00
Richard Levitte
7389c848d4 Use FIPS-197 vectors for AES. The NIST vectors were constructed by
reencrypting or redecrypting the ciphertext 10000 times, which of
course gives higly different results.
2002-01-21 17:55:38 +00:00
Richard Levitte
4d393410f3 Add more of the NIST test vectors for AES.
For some reason, they give incorrect results with the OpenSSL
implementation.  I wonder why...
2002-01-21 16:09:45 +00:00
Ben Laurie
9dd5ae6553 Constification, add config to /dev/crypto. 2002-01-18 16:51:05 +00:00
Bodo Möller
e5d6528a12 fix EVP_CIPHER_mode macro
Submitted by: "Dan S. Camper" <dan@bti.net>
2002-01-04 13:04:45 +00:00
Richard Levitte
6f9079fd50 Because Rijndael is more known as AES, use crypto/aes instead of
crypto/rijndael.  Additionally, I applied the AES integration patch
from Stephen Sprunk <stephen@sprunk.org> and fiddled it to work
properly with the normal EVP constructs (and incidently work the same
way as all other symmetric cipher implementations).

This results in an API that looks a lot like the rest of the OpenSSL
cipher suite.
2002-01-02 16:55:35 +00:00
Richard Levitte
c938563a81 The block size may be something other than 8! 2002-01-02 16:51:17 +00:00
Richard Levitte
40928698bb When RSA or DSA are disabled, do not include the stuff that's specific
to them.
2002-01-02 12:45:51 +00:00
Bodo Möller
4d7072f4b5 remove redundant ERR_load_... declarations 2001-12-17 19:22:23 +00:00
Ben Laurie
ff3fa48fc7 Improve back compatibility. 2001-12-09 21:53:31 +00:00
Dr. Stephen Henson
6a0dec9584 Make EVP_SealInit() return the correct value. 2001-12-01 23:09:38 +00:00
Dr. Stephen Henson
b83eddc578 Win32 fixes. 2001-11-06 13:40:27 +00:00
Richard Levitte
c2e4f17c1a Due to an increasing number of clashes between modern OpenSSL and
libdes (which is still used out there) or other des implementations,
the OpenSSL DES functions are renamed to begin with DES_ instead of
des_.  Compatibility routines are provided and declared by including
openssl/des_old.h.  Those declarations are the same as were in des.h
when the OpenSSL project started, which is exactly how libdes looked
at that time, and hopefully still looks today.

The compatibility functions will be removed in some future release, at
the latest in version 1.0.
2001-10-24 21:21:12 +00:00
Dr. Stephen Henson
581f1c8494 Modify EVP cipher behaviour in a similar way
to digests to retain compatibility.
2001-10-17 00:37:12 +00:00
Dr. Stephen Henson
20d2186c87 Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
with existing code.

Modify library to use digest *_ex() functions.
2001-10-16 01:24:29 +00:00
Richard Levitte
67d0738aba In certain cases, no encoding has been set up for the b64 filter. In
such cases, a flush should *not* attempt to finalise the encoding, as
the EVP_ENCODE_CTX structure will only be filled with garbage.  For
the same reason, do the same check when a wpending is performed.
2001-10-11 19:38:40 +00:00
Richard Levitte
dd5e774664 Add support for md4WithRSAEncryption. 2001-10-10 21:37:45 +00:00
Geoff Thorpe
cf98440178 evp_test.c and evptests.txt both need to be linked in the test/ directory
however for different reasons. This separation should prevent the win32
build from interpreting evptests.txt as source code.
2001-10-09 01:38:31 +00:00
Geoff Thorpe
c500d44735 Change some EVP prototypes to use "cipher" rather than "type" as a variable
name. The implementations already use this anyway.
2001-10-08 17:25:42 +00:00
Geoff Thorpe
18eda73234 EVP_EncryptInit_ex() and EVP_DecryptInit_ex() had been defined in evp.h but
not implemented. (Bug reported by Martin Szotkowski)

This also changes the non-"_ex" versions to defer directly to
EVP_CipherInit_ex() rather than EVP_CipherInit() to avoid an unecessary
level of indirection.
2001-10-08 17:24:10 +00:00
Richard Levitte
f8000b9345 'make update' 2001-10-04 07:49:09 +00:00
Richard Levitte
2aa9043ad3 Because there's chances we clash with the system's types.h, rename our
types.h to ossl_typ.h.
2001-10-04 07:32:46 +00:00
Dr. Stephen Henson
1a095560f7 Use the maximum block length for the extra size in the encrypt
BIO buffer instead of hard coding it as 8.
2001-10-03 12:47:03 +00:00
Dr. Stephen Henson
f329b8d73b Make EVP_DecryptUpdate work again. 2001-10-02 16:19:49 +00:00
Dr. Stephen Henson
de822715b2 Constify EVP_SealInit, EVP_OpenInit 2001-09-28 01:47:36 +00:00
Ben Laurie
0fea7ed4a4 Don't clean up stuff twice. 2001-09-26 15:15:03 +00:00
Geoff Thorpe
11a57c7be5 This changes EVP's cipher and digest code to hook via the ENGINE support.
See crypto/engine/README for details.

- it also removes openbsd_hw.c from the build (that functionality is
  going to be available in the openbsd ENGINE in a upcoming commit)

- evp_test has had the extra initialisation added so it will use (if
  possible) any ENGINEs supporting the algorithms required.
2001-09-25 21:37:02 +00:00
Geoff Thorpe
cb78486d97 This commits changes to various parts of libcrypto required by the recent
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.

Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.
2001-09-25 20:23:40 +00:00
Dr. Stephen Henson
591ccf586d Fix AES CBC mode EVP_CIPHER structures: the IV length is always
16.
2001-09-25 13:49:58 +00:00
Geoff Thorpe
e059b19ddb Add a SHA1 test to evptests.txt - only the MD5 hash algorithm was being
tested previously.
2001-09-14 18:21:36 +00:00
Geoff Thorpe
997a54c981 'evp_test' needs to initialise and cleanup EVP_CIPHER_CTX structures. Also,
fix a typo and add cleanup operations. This also switches on memory leak
checking (which is how the rest was found).
2001-09-14 18:20:44 +00:00
Bodo Möller
5a85385387 typo 2001-09-10 16:57:06 +00:00