- 21 5月, 2015 1 次提交
-
-
由 Kurt Roeckx 提交于
40 bit ciphers are limited to 512 bit RSA, 56 bit ciphers to 1024 bit. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 14 5月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 22 1月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 07 10月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
? crypto/aes/aesni-sha1-x86_64.s ? crypto/aes/aesni-x86_64.s ? crypto/aes/foo.pl ? crypto/aes/vpaes-x86_64.s ? crypto/bn/.bn_lib.c.swp ? crypto/bn/armv4-gf2m.S ? crypto/bn/diffs ? crypto/bn/modexp512-x86_64.s ? crypto/bn/x86_64-gf2m.s ? crypto/bn/x86_64-mont5.s ? crypto/ec/bc.txt ? crypto/ec/diffs ? crypto/modes/a.out ? crypto/modes/diffs ? crypto/modes/ghash-armv4.S ? crypto/modes/ghash-x86_64.s ? crypto/modes/op.h ? crypto/modes/tst.c ? crypto/modes/x.h ? crypto/objects/.obj_xref.txt.swp ? crypto/rand/diffs ? crypto/sha/sha-512 ? crypto/sha/sha1-armv4-large.S ? crypto/sha/sha256-armv4.S ? crypto/sha/sha512-armv4.S Index: crypto/objects/obj_xref.c =================================================================== RCS file: /v/openssl/cvs/openssl/crypto/objects/obj_xref.c,v retrieving revision 1.9 diff -u -r1.9 obj_xref.c --- crypto/objects/obj_xref.c 5 Nov 2008 18:38:58 -0000 1.9 +++ crypto/objects/obj_xref.c 6 Oct 2011 20:30:21 -0000 @@ -110,8 +110,10 @@ #endif if (rv == NULL) return 0; - *pdig_nid = rv->hash_id; - *ppkey_nid = rv->pkey_id; + if (pdig_nid) + *pdig_nid = rv->hash_id; + if (ppkey_nid) + *ppkey_nid = rv->pkey_id; return 1; } @@ -144,7 +146,8 @@ #endif if (rv == NULL) return 0; - *psignid = (*rv)->sign_id; + if (psignid) + *psignid = (*rv)->sign_id; return 1; } Index: crypto/x509/x509type.c =================================================================== RCS file: /v/openssl/cvs/openssl/crypto/x509/x509type.c,v retrieving revision 1.10 diff -u -r1.10 x509type.c --- crypto/x509/x509type.c 26 Oct 2007 12:06:33 -0000 1.10 +++ crypto/x509/x509type.c 6 Oct 2011 20:36:04 -0000 @@ -100,20 +100,26 @@ break; } - i=X509_get_signature_type(x); - switch (i) + i=OBJ_obj2nid(x->sig_alg->algorithm); + if (i && OBJ_find_sigid_algs(i, NULL, &i)) { - case EVP_PKEY_RSA: - ret|=EVP_PKS_RSA; - break; - case EVP_PKEY_DSA: - ret|=EVP_PKS_DSA; - break; - case EVP_PKEY_EC: - ret|=EVP_PKS_EC; - break; - default: - break; + + switch (i) + { + case NID_rsaEncryption: + case NID_rsa: + ret|=EVP_PKS_RSA; + break; + case NID_dsa: + case NID_dsa_2: + ret|=EVP_PKS_DSA; + break; + case NID_X9_62_id_ecPublicKey: + ret|=EVP_PKS_EC; + break; + default: + break; + } } if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
-
- 26 10月, 2007 1 次提交
-
-
由 Dr. Stephen Henson 提交于
of handshake failure 2. Changes to x509_certificate_type function (crypto/x509/x509type.c) to make it recognize GOST certificates as EVP_PKT_SIGN|EVP_PKT_EXCH (required for s3_srvr to accept GOST client certificates). 3. Changes to EVP - adding of function EVP_PKEY_CTX_get0_peerkey - Make function EVP_PKEY_derive_set_peerkey work for context with ENCRYPT operation, because we use peerkey field in the context to pass non-ephemeral secret key to GOST encrypt operation. - added EVP_PKEY_CTRL_SET_IV control command. It is really GOST-specific, but it is used in SSL code, so it has to go in some header file, available during libssl compilation 4. Fix to HMAC to avoid call of OPENSSL_cleanse on undefined data 5. Include des.h if KSSL_DEBUG is defined into some libssl files, to make debugging output which depends on constants defined there, work and other KSSL_DEBUG output fixes 6. Declaration of real GOST ciphersuites, two authentication methods SSL_aGOST94 and SSL_aGOST2001 and one key exchange method SSL_kGOST 7. Implementation of these methods. 8. Support for sending unsolicited serverhello extension if GOST ciphersuite is selected. It is require for interoperability with CryptoPro CSP 3.0 and 3.6 and controlled by SSL_OP_CRYPTOPRO_TLSEXT_BUG constant. This constant is added to SSL_OP_ALL, because it does nothing, if non-GOST ciphersuite is selected, and all implementation of GOST include compatibility with CryptoPro. 9. Support for CertificateVerify message without length field. It is another CryptoPro bug, but support is made unconditional, because it does no harm for draft-conforming implementation. 10. In tls1_mac extra copy of stream mac context is no more done. When I've written currently commited code I haven't read EVP_DigestSignFinal manual carefully enough and haven't noticed that it does an internal digest ctx copying. This implementation was tested against 1. CryptoPro CSP 3.6 client and server 2. Cryptopro CSP 3.0 server
-
- 29 11月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
PR: 771 Submitted by: c zhang <czhang2005@hotmail.com>
-
- 20 6月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
PR: 587
-
- 22 4月, 2003 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Nils Larsch
-
- 12 8月, 2002 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Nils Larsch
-
- 14 2月, 2002 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Nils Larsch <nla@trustcenter.de>
-
- 24 4月, 1999 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Reviewed by: PR:
-
- 20 4月, 1999 1 次提交
-
-
由 Ulf Möller 提交于
-
- 03 1月, 1999 1 次提交
-
-
由 Dr. Stephen Henson 提交于
handling to x509.c
-
- 21 12月, 1998 2 次提交
-
-
由 Ralf S. Engelschall 提交于
-
由 Ralf S. Engelschall 提交于
-