generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,418 Commits 16 Branches 258 Tags 86 MiB
7f5b6f0f19
Commit Graph

1418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dr. Stephen Henson
3fc9635ea7 Fix the S/MIME code to use canonical MIME format for 
encrypted mail. Also update the smime docs.
 1999-12-15 01:26:17 +00:00
Ulf Möller
3b14cb717d Solaris x86 assembler problem is already addressed in ./config 
(bug reports keep coming in because that was still missing in 0.9.4)
 1999-12-14 15:28:10 +00:00
Dr. Stephen Henson
55f30198ad Various S/MIME fixes. Fix for memory leak, recipient list bug 
and not excluding parameters with DSA keys.
 1999-12-14 02:44:27 +00:00
Dr. Stephen Henson
2449961ab2 Fix a typo in a_enum.c. 1999-12-13 13:14:14 +00:00
Dr. Stephen Henson
b216664f66 Various S/MIME fixes. 1999-12-11 20:04:06 +00:00
Dr. Stephen Henson
d8223efd04 Fix for crashing INTEGERs, ENUMERATEDs and OBJECT IDENTIFIERs. 
Also fix a memory leak in PKCS#7 routines.
 1999-12-10 13:46:48 +00:00
Dr. Stephen Henson
e3775a33c1 Make the PKCS#7 S/MIME functions check for passed NULL pointers. 
Fix the usage message of smime utility and sanitise the return
codes.

Add some documentation.
 1999-12-09 01:31:32 +00:00
Ulf Möller
a4af39ac44 Don't use inline assembler on x86 Solaris (would need a different syntax). 1999-12-08 22:55:06 +00:00
Bodo Möller
63daa2aaf4 Useless files deleted -- they were just copies of files of the same name 
in the apps/ directory (which were recently changed).
 1999-12-08 18:30:39 +00:00
Dr. Stephen Henson
a2121e0aee Add i2d_ASN1_PRINTABLESTRING() function, and do 'make update' 1999-12-08 00:56:15 +00:00
Dr. Stephen Henson
55ec5861c8 Modify S/MIME application so the -signer option writes the signer(s) 
to a file if we are verifying.
 1999-12-07 02:35:52 +00:00
Dr. Stephen Henson
5a9a4b299c Merge in my S/MIME library and utility. 1999-12-05 00:40:59 +00:00
Ulf Möller
bc3baeacca CORE SDI proposed patch doesn't make any sense. Undo. 1999-12-04 01:19:23 +00:00
Ulf Möller
9f382899b2 Oops! 1999-12-04 00:13:37 +00:00
Ulf Möller
cd9860af26 Circumvent an exploitable buffer overrun error in RSA Security's RSAREF 
library. See: http://www.CORE-SDI.COM/english/ssh/index.html

Submitted by:
Reviewed by:
PR:
 1999-12-03 23:56:08 +00:00
Bodo Möller
23fb9bc0eb Use des_set_key_unchecked, not des_set_key. 1999-12-03 20:26:20 +00:00
Bodo Möller
cddfe788fb Add functions des_set_key_checked, des_set_key_unchecked. 
Never use des_set_key (it depends on the global variable des_check_key),
but usually des_set_key_unchecked.
Only destest.c bothered to look at the return values of des_set_key,
but it did not set des_check_key -- if it had done so,
most checks would have failed because of wrong parity and
because of weak keys.
 1999-12-03 20:24:21 +00:00
Dr. Stephen Henson
21131f00d7 New function PKC12_newpass() 1999-12-03 03:46:18 +00:00
Dr. Stephen Henson
6ea5314007 Fix a bug in the modified purpose code: it wasn't updated to use the 
new purpose getting function.

Update the ca-cert.pem and pca-cert.pem "CA" certificates so they
really are CA certificate: that is they have the appropriate extensions.
 1999-12-03 00:53:48 +00:00
Dr. Stephen Henson
dd4134101f Change the trust and purpose code so it doesn't need init 
either and has a static and dynamic mix.
 1999-12-02 02:33:56 +00:00
Dr. Stephen Henson
08cba61011 Modify the X509 V3 extension lookup code. 1999-12-01 01:49:46 +00:00
Ben Laurie
fea9afbfc7 Make salting the default. Fail gracefully if the input is not salted. 1999-11-30 20:15:19 +00:00
Dr. Stephen Henson
5f2f0b5596 Document the extension tests performed by the -purpose test 
in the x509 utility.
 1999-11-30 14:39:58 +00:00
Dr. Stephen Henson
7b418a474c Document all possible errors (and some impossible) from the verify program. 1999-11-30 02:28:42 +00:00
Dr. Stephen Henson
bb7cd4e3eb Remainder of SSL purpose and trust code: trust and purpose setting in 
SSL_CTX and SSL, functions to set them and defaults if no values set.
 1999-11-29 22:35:00 +00:00
Dr. Stephen Henson
13938aceca Add part of chain verify SSL support code: not complete or doing anything 
yet.

Add a function X509_STORE_CTX_purpose_inherit() which implements the logic
of "inheriting" purpose and trust from a parent structure and using a default:
this will be used in the SSL code and possibly future S/MIME.

Partial documentation of the 'verify' utility. Still need to document how all
the extension checking works and the various error messages.
 1999-11-29 01:09:25 +00:00
Dr. Stephen Henson
51630a3706 Add trust setting support to the verify code. It now checks the 
trust settings of the root CA.

After a few fixes it seems to work OK.

Still need to add support to SSL and S/MIME code though.
 1999-11-27 19:43:10 +00:00
Richard Levitte
74ecf9e2bb Add compilation of x509_trs 1999-11-27 15:26:48 +00:00
Dr. Stephen Henson
21f775522b Oops! Commit died on me :-( 1999-11-27 01:18:39 +00:00
Dr. Stephen Henson
9868232ae1 Initial trust code: allow setting of trust checking functions 
in a table. Doesn't do too much yet.

Make the -<digestname> options in 'x509' affect all relevant
options.

Change the name of the 'notrust' options to 'reject' as this
causes less confusion and is a better description of the
effect.

A few constification changes.
 1999-11-27 01:14:04 +00:00
Dr. Stephen Henson
d4cec6a13d New options to the -verify program which can be used for chain verification. 
Extend the X509_PURPOSE structure to include shortnames for purposed and default
trust ids.

Still need some extendable trust checking code and integration with the SSL and
S/MIME code.
 1999-11-26 00:27:07 +00:00
Dr. Stephen Henson
1126239111 Initial chain verify code: not tested probably not working 
at present. However nothing enables it yet so this doesn't
matter :-)
 1999-11-24 01:31:49 +00:00
Dr. Stephen Henson
6d3724d3b0 Support for authority information access extension. 
Fix so EVP_PKEY_rset_*() check return codes.
 1999-11-23 18:50:28 +00:00
Dr. Stephen Henson
52664f5081 Transparent support for PKCS#8 private keys in RSA/DSA. 
New universal public key format.

Fix CRL+cert load problem in by_file.c

Make verify report errors when loading files or dirs
 1999-11-21 22:28:31 +00:00
Dr. Stephen Henson
a716d72734 Support for otherName in GeneralName. 1999-11-19 02:19:58 +00:00
Ben Laurie
44eca70641 Update dependencies. 1999-11-18 14:32:54 +00:00
Ben Laurie
5ef738240a Fix warning. 1999-11-18 14:10:53 +00:00
Bodo Möller
1088e27ca8 Restore traditional SSL_get_session behaviour so that s_client and s_server 
don't leak tons of memory.
 1999-11-17 21:36:13 +00:00
Ulf Möller
4f23052492 Missing #ifdef NO_DES 1999-11-17 13:03:29 +00:00
Dr. Stephen Henson
f76d8c4747 Modify verify code to handle self signed certificates. 1999-11-17 01:20:29 +00:00
Bodo Möller
b1fe6ca175 Store verify_result with sessions to avoid potential security hole. 1999-11-16 23:15:41 +00:00
Dr. Stephen Henson
91895a5938 Fix for a bug in PKCS#7 code and non-detached data. 
Remove rc4-64 from ciphers since it doesn't exist...
 1999-11-16 14:54:50 +00:00
Dr. Stephen Henson
6d1b637ba1 Clarify docs. 1999-11-16 02:51:41 +00:00
Dr. Stephen Henson
fd699ac55f Add a salt to the key derivation using the 'enc' program. 1999-11-16 02:49:25 +00:00
Dr. Stephen Henson
e947f39689 New function X509_cmp(). 1999-11-16 00:56:03 +00:00
Mark J. Cox
b7cfcfb7f8 This corrects the reference count handling in SSL_get_session. 
Previously, the returned SSL_SESSION didn't have its reference count
incremented so the SSL_SESSION could be freed at any time causing
seg-faults if the pointer was subsequently used. Code that uses
SSL_get_session must now make a corresponding SSL_SESSION_free() call when
it is done to avoid memory leaks (or blocked up session caches).

Submitted By: Geoff Thorpe <geoff@eu.c2.net>
 1999-11-15 16:31:31 +00:00
Dr. Stephen Henson
06556a1744 'req' fixes. Reinstate length check one request fields. 
Fix to stop null being added to attributes.
Modify X509_LOOKUP, X509_INFO to handle auxiliary info.
 1999-11-14 23:10:50 +00:00
Dr. Stephen Henson
4abc5c624a Add some examples to the enc man page. 1999-11-14 13:34:34 +00:00
Dr. Stephen Henson
a0e9f529a4 Add support for the 40 and 64 bit RC2 and RC4 ciphers in 'enc' 
add documentation for 'enc'.
 1999-11-14 03:23:17 +00:00
Dr. Stephen Henson
0286d94454 Add info about the header and footer lines used in PEM formats 
and add an nseq manpage.
 1999-11-13 21:58:39 +00:00