Commit Graph

509 Commits

Author SHA1 Message Date
Dr. Stephen Henson
dd14f91171 ASN1_TYPE documentation.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-26 21:59:17 +00:00
Rich Salz
8fdc3734c0 free NULL cleanup.
This gets EC_GROUP_clear_free EC_GROUP_free, EC_KEY_free,
EC_POINT_clear_free, EC_POINT_free

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-03-25 18:35:24 -04:00
Rich Salz
ca3a82c3b3 free NULL cleanup
This commit handles BIO_ACCEPT_free BIO_CB_FREE BIO_CONNECT_free
BIO_free BIO_free_all BIO_vfree

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-25 11:31:18 -04:00
Matt Caswell
302d38e3f7 Deprecate RAND_pseudo_bytes
The justification for RAND_pseudo_bytes is somewhat dubious, and the reality
is that it is frequently being misused. RAND_bytes and RAND_pseudo_bytes in
the default implementation both end up calling ssleay_rand_bytes. Both may
return -1 in an error condition. If there is insufficient entropy then
both will return 0, but RAND_bytes will additionally add an error to the
error queue. They both return 1 on success.
Therefore the fundamental difference between the two is that one will add an
error to the error queue with insufficient entory whilst the other will not.
Frequently there are constructions of this form:

if(RAND_pseudo_bytes(...) <= 1)
	goto err;

In the above form insufficient entropy is treated as an error anyway, so
RAND_bytes is probably the better form to use.

This form is also seen:
if(!RAND_pseudo_bytes(...))
	goto err;

This is technically not correct at all since a -1 return value is
incorrectly handled - but this form will also treat insufficient entropy as
an error.

Within libssl it is required that you have correctly seeded your entropy
pool and so there seems little benefit in using RAND_pseudo_bytes.
Similarly in libcrypto many operations also require a correctly seeded
entropy pool and so in most interesting cases you would be better off
using RAND_bytes anyway. There is a significant risk of RAND_pseudo_bytes
being incorrectly used in scenarios where security can be compromised by
insufficient entropy.

If you are not using the default implementation, then most engines use the
same function to implement RAND_bytes and RAND_pseudo_bytes in any case.

Given its misuse, limited benefit, and potential to compromise security,
RAND_pseudo_bytes has been deprecated.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-25 12:38:19 +00:00
Rich Salz
d64070838e free NULL cleanup
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets DH_free, DSA_free, RSA_free

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 23:17:16 -04:00
Dr. Stephen Henson
2e43027757 make ASN1_OBJECT opaque
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 17:35:58 +00:00
Rich Salz
0dfb9398bb free NULL cleanup
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets ASN1_OBJECT_free and ASN1_STRING_free.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 07:52:24 -04:00
Dr. Stephen Henson
3d764db7a2 additional configuration documentation
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-03-12 13:31:43 +00:00
Dr. Stephen Henson
e3013932df Additional CMS documentation.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-08 16:18:21 +00:00
Matt Caswell
f7812493a0 Update the SHA* documentation
Updates to include SHA224, SHA256, SHA384 and SHA512. In particular note
the restriction on setting md to NULL with regards to thread safety.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-02-25 20:52:34 +00:00
Rainer Jung
64d2733176 Fix NAME section of d2i_ECPKParameters to prevent broken symlinks when using
the extract-names.pl script.

RT#3718

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-02-25 20:46:51 +00:00
Matt Caswell
12e0ea306a Fix some minor documentation issues
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-02-25 17:13:34 +00:00
Matt Caswell
09f278f925 Add dire warnings about the "reuse" capability of the d2i_* functions.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-02-25 17:13:19 +00:00
Matt Caswell
93b83d0626 Provide documentation for i2d_ECPrivateKey and d2i_ECPrivateKey
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-02-25 17:13:14 +00:00
Matt Caswell
fa7b01115b Add documentation for the -no_alt_chains option for various apps, as well as
the X509_V_FLAG_NO_ALT_CHAINS flag.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-02-25 09:15:10 +00:00
Dr. Stephen Henson
146ca72cca Add additional EC documentation.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-02-21 00:45:06 +00:00
Emilia Kasper
0923e7df9e Fix hostname validation in the command-line tool to honour negative return values.
Specifically, an ASN.1 NumericString in the certificate CN will fail UTF-8 conversion
and result in a negative return value, which the "x509 -checkhost" command-line option
incorrectly interpreted as success.

Also update X509_check_host docs to reflect reality.

Thanks to Sean Burford (Google) for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-10 15:35:20 +01:00
Dr. Stephen Henson
a724e79ed7 Preliminary ASN1_TIME documentation.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-02-03 16:47:57 +00:00
Rich Salz
c303d4d868 old_des fix windows build, remove docs
Remove outdated doc files.
Fix windows build after old_des was removed.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-02-02 22:40:36 -05:00
Rich Salz
625a9baf11 Finish removal of DSS
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-28 12:21:55 -05:00
Matt Caswell
e640fa0200 Harmonise use of EVP_CTRL_GET_TAG/EVP_CTRL_SET_TAG/EVP_CTRL_SET_IVLEN
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-28 10:39:01 +00:00
Rich Salz
474e469bbd OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
	GENUINE_DSA         OPENSSL_NO_SHA0
	OPENSSL_NO_SHA      OPENSSL_NO_SHA1
	OPENSSL_NO_SHA224   OPENSSL_NO_SHA256
	OPENSSL_NO_SHA384   OPENSSL_NO_SHA512

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 12:34:45 -05:00
Rich Salz
109f1031a8 OPENSSL_NO_xxx cleanup: DEC-CBCM removed
A DES algorithm mode, known attacks, no EVP support.
Flushed.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-01-27 10:02:39 -05:00
Rich Salz
abdd677125 Make OPENSSL_config truly ignore errors.
Per discussion: should not exit. Should not print to stderr.
Errors are ignored.  Updated doc to reflect that, and the fact
that this function is to be avoided.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-01-25 21:07:20 -05:00
Rich Salz
a09474dd2d Some cleanup of L<> markup in pod files
Show only the #define, not the values, in BIO_f_buffer.  Data
abstraction and we can remove a "see also" entry.

Remove internal forward reference to NOTES in EVP_EncryptInit; just
say "see below" as we do in the other pages.

Add missing (3) in pem.pod so the L<> entry is consistent.
Fix entry to point to the "master" page, not the symlink'd one.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-06 12:16:24 -05:00
Dr. Stephen Henson
63eab8a620 Remove MS SGC
MS Server gated cryptography is obsolete and dates from the time of export
restrictions on strong encryption and is only used by ancient versions of
MSIE.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-02 22:56:54 +00:00
Rich Salz
e03af1789f Minor doc fixes.
In EVP_EncryptInit remove duplicate mention of EVP_idea_cbc()
In EVP_PKEY_CTX_ctrl.pod remove EVP_PKEY_get_default_digest_nid
since it is documented elsewhere.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-11 17:05:57 -05:00
Matt Caswell
e35af275d5 Update documentation following BN opaquify
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:41:36 +00:00
Matt Caswell
e4bbee9633 Add documentation for OCB mode
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 10:28:56 +00:00
Matt Caswell
6484958645 Updates to X509_NAME_get_index_by_NID.pod submitted by user Bernardh via the wiki
Minor changes made by Matt Caswell

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-11-27 13:56:07 +00:00
Matt Caswell
f281b8df70 Updates to X509_NAME_add_entry_by_txt.pod submitted by user Bernardh via the wiki
Minor changes made by Matt Caswell.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-11-27 13:55:54 +00:00
Matt Caswell
34890ac18e Updates to EVP_PKEY_encrypt.pod submitted by user Bernardh via the wiki
Minor changes made by Matt Caswell.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-11-27 13:55:37 +00:00
Rich Salz
14d3b76be8 RT3488: Update doc for OPENSSL_config
Fix CONF_load_modules to CONF_modules_load.
Document that it calls exit.
Advise against using it now.
Add an error print to stderr.

Reviewed-by: Matt Caswell <matt@openssl.org>
2014-11-20 13:40:03 -05:00
Alok Menghrajani
5211e094de Fixes a minor typo in the EVP docs.
Out is the buffer which needs to contain at least inl + cipher_block_size - 1 bytes. Outl
is just an int*.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-11-12 21:03:52 +00:00
Rich Salz
5aed169305 RT3462: Document actions when data==NULL
If data is NULL, return the size needed to hold the
derived key.  No other API to do this, so document
the behavior.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-10-03 10:39:00 -04:00
Rich Salz
9208640a36 RT2309: Fix podpage MMNNFFPPS->MNNFFPPS
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-30 16:31:11 -04:00
Dr. Stephen Henson
5886354dcc Use correct function name: CMS_add1_signer()
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-25 00:03:27 +01:00
Rich Salz
2afb29b480 RT992: RSA_check_key should have a callback arg
The original RT request included a patch.  By the time
we got around to doing it, however, the callback scheme
had changed. So I wrote a new function RSA_check_key_ex()
that uses the BN_GENCB callback.  But thanks very much
to Vinet Sharma <vineet.sharma@gmail.com> for the
initial implementation.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-08 11:11:49 -04:00
Rich Salz
4f13dabe72 RT1834: Fix PKCS7_verify return value
The function returns 0 or 1, only.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-08 10:43:08 -04:00
Emilia Kasper
95b1752cc7 Add i2d_re_X509_tbs
i2d_re_X509_tbs re-encodes the TBS portion of the certificate.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-09-05 17:18:06 +02:00
Rich Salz
8b77d64e99 RT2379: Additional typo fix
Andy found an additional typo "can be can be".
Now I have that silly "Que sera sera" song stuck in my head.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-08-30 09:55:56 -04:00
Rich Salz
07e3b31fae RT2379: Bug in BIO_set_accept_port.pod
The doc says that port can be "*" to mean any port.
That's wrong.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-29 16:45:02 -04:00
Rich Salz
c7497f34fb RT1665,2300: Crypto doc cleanups
RT1665: aes documentation.

Paul Green wrote a nice aes.pod file.
But we now encourage the EVP interface.
So I took his RT item and used it as impetus to add
the AES modes to EVP_EncryptInit.pod
I also noticed that rc4.pod has spurious references to some other
cipher pages, so I removed them.

RT2300: Clean up MD history (merged into RT1665)

Put HISTORY section only in EVP_DigestInit.pod. Also add words
to discourage use of older cipher-specific API, and remove SEE ALSO
links that point to them.

Make sure digest pages have a NOTE that says use EVP_DigestInit.

Review feedback:
More cleanup in EVP_EncryptInit.pod
Fixed SEE ALSO links in ripemd160.pod, sha.pod, mdc2.pod, blowfish.pod,
rc4.d, and des.pod.  Re-order sections in des.pod for consistency

Reviewed-by: Matt Caswell <matt@openssl.org>
2014-08-28 18:55:50 -04:00
Matt Caswell
f063e30fe9 RT3065: automatically generate a missing EC public key
When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-08-27 19:49:35 +02:00
Mihai Militaru
7b3e11c544 RT2210: Add missing EVP_cleanup to example
I also removed some trailing whitespace and cleaned
up the "see also" list.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-27 12:53:40 -04:00
Jan Schaumann
fd4592be3a RT1804: fix EXAMPLE in EVP_EncryptInit.pod
The EXAMPLE that used FILE and RC2 doesn't compile due to a
few minor errors.  Tweak to use IDEA and AES-128. Remove
examples about RC2 and RC5.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-25 10:25:02 -04:00
Matt Caswell
2dd8cb3b95 Typo fixes to evp documentation.
This patch was submitted by user "Kox" via the wiki

Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-24 21:24:28 +01:00
Emilia Kasper
d64c533a20 Improve EVP_PKEY_sign documentation
Clarify the intended use of EVP_PKEY_sign. Make the code example compile.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-08-22 15:00:11 +02:00
Martin Olsson
1afd7fa97c RT2513: Fix typo's paramter-->parameter
I also found a couple of others (padlock and signinit)
and fixed them.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-08-19 11:09:33 -04:00
John Gardiner Myers
fc979b93ee RT2942: CRYPTO_set_dynlock_create_callback doc fix
The file param is "const char*" not "char*"

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-18 16:04:33 -04:00