summaryrefslogtreecommitdiffstats
path: root/crypto
AgeCommit message (Collapse)Author
2001-02-19make updateRichard Levitte
2001-02-19New -set_serial options to 'req' and 'x509'.Dr. Stephen Henson
Remove the old broken bio read of serial numbers in the 'ca' index file. This would choke if a revoked certificate was specified with a negative serial number. Fix typo in uid.c
2001-02-19VMS follows suit.Richard Levitte
2001-02-19Memory leak detection bugfixes for multi-threading.Bodo Möller
2001-02-19Add uid.{c,o}Bodo Möller
2001-02-16New options to 'ca' utility to support CRL entry extensions.Dr. Stephen Henson
Add revelant new X509V3 extensions. Add OIDs. Fix ASN1 memory leak code to pop info if external allocation used.
2001-02-14Option to disable standard block padding with EVP API.Dr. Stephen Henson
Add -nopad option to enc command. Update docs.
2001-02-14New function OPENSSL_issetugid(). Needs more work.Ulf Möller
2001-02-13New function OCSP_parse_url() and -url option for ocsp utility.Dr. Stephen Henson
Doesn't handle SSL URLs yet.
2001-02-12Modify OCSP nonce behaviour.Dr. Stephen Henson
2001-02-12Work around for libsafe "error".Dr. Stephen Henson
2001-02-10Fix CRL printing to correctly show when there are no revoked certificates.Dr. Stephen Henson
Make ca.c correctly initialize the revocation date. Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string() set the string type: so they can initialize ASN1_TIME structures properly.
2001-02-10Simplify BN_rand_rangeBodo Möller
2001-02-09Fix "wierd" typo as submitted by Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>.Lutz Jänicke
2001-02-09Various Win32 related fixed. Make no-krb5 work in mkdef.pl .Dr. Stephen Henson
Fix warning in apps/engine.c Remove definitions of deleted functions. Add missing definition of X509_VAL.
2001-02-08The check for request including a nonce and response not having it wasRichard Levitte
inversed. Corrected. Hopefully, this will make it work without dumping core.
2001-02-08use <= instead of ==Ulf Möller
2001-02-08point out that RAND_load_file() etc are only for seed files, not forUlf Möller
entropy devices or sockets.
2001-02-08Another comment change. (Previous comment does not applyBodo Möller
for range = 11000000... or range = 100000...)
2001-02-08Change comments. (The expected number of iterations in BN_rand_rangeBodo Möller
never exceeds 1.333...).
2001-02-08oops -- remove observation codeBodo Möller
2001-02-08Integrate my implementation of a countermeasure againstBodo Möller
Bleichenbacher's DSA attack. With this implementation, the expected number of iterations never exceeds 2. New semantics for BN_rand_range(): BN_rand_range(r, min, range) now generates r such that min <= r < min+range. (Previously, BN_rand_range(r, min, max) generated r such that min <= r < max. It is more convenient to have the range; also the previous prototype was misleading because max was larger than the actual maximum.)
2001-02-08platform specific CFLAGS don't belong into this MakefileBodo Möller
2001-02-07Bleichenbacher's DSA attackUlf Möller
2001-02-07Modify access to EGD socket to deal with EINTR etc that can appearLutz Jänicke
during connect() and other calls. First seen on Unixware-7. Unify access to EGD-socket for all RAND_egd_*() methods.
2001-02-07Fix AES code.Dr. Stephen Henson
Update Rijndael source to v3.0 Add AES OIDs. Change most references of Rijndael to AES. Add new draft AES ciphersuites.
2001-02-06Rijdael CBC mode and partial undebugged SSL support.Ben Laurie
2001-02-06Avoid coredumps for CONF_get_...(NULL, ...)Bodo Möller
2001-02-06format stringsUlf Möller
2001-02-06Fix potential buffer overrun for EBCDIC.Ulf Möller
2001-02-05Fix a memory leak in BIO_get_accept_socket(). This leak was small andRichard Levitte
only happened when the port number wasn't parsable ot the host wasn't possible to convert to an IP address. Contributed by Niko Baric <Niko.Baric@epost.de>
2001-02-05Include string.h (whis is in all relevant standards) instead ofBodo Möller
memory.h (which is not).
2001-02-05New function to copy nonce values from OCSPDr. Stephen Henson
request to response.
2001-02-04Make depend.Ben Laurie
2001-02-04Can't remember why this was needed?Ben Laurie
2001-02-04Fix a warning.Ben Laurie
2001-02-04Fix ASN1_TIME_to_generlizedtime().Dr. Stephen Henson
Add protoype for OCSP_response_create(). Add OCSP_request_sign() and OCSP_basic_sign() private key and certificate checks and make OCSP_NOCERTS consistent with PKCS7_NOCERTS
2001-02-03Various OCSP responder utility functions.Dr. Stephen Henson
Delete obsolete OCSP functions. Largely untested at present...
2001-02-02Various function for commmon operations.Dr. Stephen Henson
2001-02-02Tidy up the mess in bss_sock.c and bss_fd.cDr. Stephen Henson
by placing them socket/fd code in separate files rather than trying to have them both share the same one.
2001-02-01Tolerate some "variations" used in someDr. Stephen Henson
certificates. One is a valid CA which has no basicConstraints but does have certSign keyUsage. Other is S/MIME signer with nonRepudiation but no digitalSignature.
2001-01-30Increase consistency of header data (some mail readers really do notRichard Levitte
like spaces before the semicolon, and besides, other parts of this file makes the values without those spaces), and move spacing of continuation lines to support BIO's that break lines after each write.
2001-01-28Comment and indentationBodo Möller
2001-01-28Make sk_sort tolearate a NULL argument.Dr. Stephen Henson
2001-01-26New OCSP response verify option OCSP_TRUSTOTHERDr. Stephen Henson
2001-01-24Add debugging info to new ASN1 code to trace memory leaks.Dr. Stephen Henson
Fix PKCS7 and PKCS12 memory leaks. Initialise encapsulated content type properly.
2001-01-24Update "OAEP reconsidered" commentBodo Möller
2001-01-23There is no C version of bn_div_3_wordsUlf Möller
2001-01-20Fix to stop X509_time_adj() using GeneralizedTime.Dr. Stephen Henson
2001-01-19Fixes to various ASN1_INTEGER routines for negative case.Dr. Stephen Henson
Enhance s2i_ASN1_INTEGER().
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-27 10:47:23 +0000