Age | Commit message (Collapse) | Author | |
---|---|---|---|
2010-03-14 | add -sigopt option to ca utility | Dr. Stephen Henson | |
2010-03-12 | new sigopt and PSS support for req and x509 utilities | Dr. Stephen Henson | |
2010-03-10 | don't leave bogus errors in the queue | Dr. Stephen Henson | |
2009-10-04 | Fix warnings about ignoring fgets return value | Dr. Stephen Henson | |
2009-07-27 | Update from 1.0.0-stable | Dr. Stephen Henson | |
2009-04-26 | Update from 1.0.0-stable. | Dr. Stephen Henson | |
2009-04-15 | Updates from 1.0.0-stable. | Dr. Stephen Henson | |
2008-10-07 | Experimental new date handling routines. These fix issues with X509_time_adj() | Dr. Stephen Henson | |
and should avoid any OS date limitations such as the year 2038 bug. | |||
2008-06-04 | More type-checking. | Ben Laurie | |
2008-05-12 | Fix from stable branch. | Dr. Stephen Henson | |
2007-08-12 | Fix warnings. | Dr. Stephen Henson | |
2006-06-14 | Fix a bug recently introduced when updating this file to use the new | Bodo Möller | |
keygen API: make sure that 'pkey_type' is actually visible to MAIN(). | |||
2006-06-05 | Complete EVP_PKEY_ASN1_METHOD ENGINE support. | Dr. Stephen Henson | |
2006-05-16 | Gather keygen options in req and only use them after all other options have | Dr. Stephen Henson | |
been processed. This allows any ENGINE changing operations to be processed first (for example a config file). | |||
2006-05-12 | Typo. | Dr. Stephen Henson | |
2006-05-11 | Update 'req' command to use new keygen API. | Dr. Stephen Henson | |
2006-05-07 | Add support for default public key digest type ctrl. | Dr. Stephen Henson | |
2006-04-19 | Remove link between digests and signature algorithms. | Dr. Stephen Henson | |
Use cross reference table in ASN1_item_sign(), ASN1_item_verify() to eliminate the need for algorithm specific code. | |||
2006-03-15 | fix problems found by coverity: remove useless code | Nils Larsch | |
2005-07-16 | make | Nils Larsch | |
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa] make depend all test work again PR: 1159 | |||
2005-05-17 | OPENSSL_Applink update. | Andy Polyakov | |
2005-05-16 | ecc api cleanup; summary: | Nils Larsch | |
- hide the EC_KEY structure definition in ec_lcl.c + add some functions to use/access the EC_KEY fields - change the way how method specific data (ecdsa/ecdh) is attached to a EC_KEY - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with additional parameters for pre-computed values - rebuild libeay.num from 0.9.7 | |||
2005-04-05 | some const fixes | Nils Larsch | |
2005-04-02 | use SHA-1 as the default digest for the apps/openssl commands | Nils Larsch | |
2004-11-17 | In "req" exit immediately if configuration file is needed and it can't | Dr. Stephen Henson | |
be loaded instead of giving the misleading: "unable to find 'distinguised_name' in config" error message. | |||
2004-04-26 | Allow RSA key-generation to specify an arbitrary public exponent. Jelte | Geoff Thorpe | |
proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe | |||
2004-04-20 | Reduce chances of issuer and serial number duplication by use of random | Dr. Stephen Henson | |
initial serial numbers. PR: 842 | |||
2004-02-10 | minor signed/unsigned warning fixes | Geoff Thorpe | |
2003-12-27 | Use BUF_strlcpy() instead of strcpy(). | Richard Levitte | |
Use BUF_strlcat() instead of strcat(). Use BIO_snprintf() instead of sprintf(). In some cases, keep better track of buffer lengths. This is part of a large change submitted by Markus Friedl <markus@openbsd.org> | |||
2003-11-28 | Move do_subject() to apps.c and rename it to parse_name(). The | Richard Levitte | |
rationale behind the move is that it's use by several applications. The rationale behind the name change is that it describes what the function does a bit better. | |||
2003-11-28 | Allow multi-valued rdns in subjects. This adds the -multivalue-rdn option | Richard Levitte | |
to 'openssl req' and 'openssl ca'. PR: 779 Submitted by: Michael Bell <michael.bell@cms.hu-berlin.de> Reviewed by: Richard Levitte (there will be some follow-up changes) | |||
2003-11-20 | Give CRLDP its standard name. | Dr. Stephen Henson | |
Max req -x509 use V1 if extensions section absent. | |||
2003-10-29 | Copy-n-paste bug (don't mix variable declarations and code). This sets the | Geoff Thorpe | |
callback structure just before it is needed. | |||
2003-10-29 | Update any code that was using deprecated functions so that everything builds | Geoff Thorpe | |
and links with OPENSSL_NO_DEPRECATED defined. | |||
2003-04-03 | Correct a lot of printing calls. Remove extra arguments... | Richard Levitte | |
2003-03-30 | Multi valued AVA support. | Dr. Stephen Henson | |
2003-01-30 | Add the possibility to build without the ENGINE framework. | Richard Levitte | |
PR: 287 | |||
2003-01-24 | Check return value of gmtime() and add error codes | Dr. Stephen Henson | |
where it fails in ASN1_TIME_set(). Edit asn1.h so the new error code is the same in 0.9.7 and 0.9.8, rebuild new error codes. Clear error queue in req.c if *_min or *_max is absent. | |||
2002-12-24 | Avoid double definition of config. | Richard Levitte | |
PR: 420 | |||
2002-12-08 | Undefine OPENSSL_NO_DEPRECATED inside openssl application code if we are | Geoff Thorpe | |
being built with it defined - it is not a symbol to affect how openssl itself builds, but to alter the way openssl headers can be used from an API point of view. The "deprecated" function wrappers will always remain inside OpenSSL at least as long as they're still being used internally. :-) The exception is dsaparam which has been updated to the BN_GENCB-based functions to test the new functionality. If GENCB_TEST is defined, dsaparam will support a "-timebomb <n>" switch to cancel parameter-generation if it gets as far as 'n' seconds without completion. | |||
2002-12-03 | EXIT() may mean return(). That's confusing, so let's have it really mean | Richard Levitte | |
exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name is of course because it's only used in the openssl program) | |||
2002-11-13 | Security fixes brought forward from 0.9.7. | Ben Laurie | |
2002-11-11 | Variables on the stack must be initialized or we can't depend on any | Richard Levitte | |
initial value. For errline/errorline, we did depend on that, erroneously | |||
2002-09-10 | Let 'openssl req' fail if an argument to '-newkey' is not | Bodo Möller | |
recognized instead of using RSA as a default. | |||
2002-08-26 | fix offsets | Bodo Möller | |
Submitted by: Nils Larsch | |||
2002-08-22 | Make -nameopt work in req and add support for -reqopt | Dr. Stephen Henson | |
2002-08-16 | 'EC' vs. 'ECDSA' | Bodo Möller | |
Submitted by: Nils Larsch | |||
2002-08-12 | get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead) | Bodo Möller | |
Submitted by: Nils Larsch | |||
2002-08-09 | Add ECDH support. | Bodo Möller | |
Additional changes: - use EC_GROUP_get_degree() in apps/req.c - add ECDSA and ECDH to apps/speed.c - adds support for EC curves over binary fields to ECDSA - new function EC_KEY_up_ref() in crypto/ec/ec_key.c - reorganize crypto/ecdsa/ecdsatest.c - add engine support for ECDH - fix a few bugs in ECDSA engine support Submitted by: Douglas Stebila <douglas.stebila@sun.com> | |||
2002-08-07 | use a generic EC_KEY structure (EC keys are not ECDSA specific) | Bodo Möller | |
Submitted by: Nils Larsch |